How to remove $RZO0XJC.exe
- File Details
- Overview
- Analysis
$RZO0XJC.exe
The module $RZO0XJC.exe has been detected as PUP.Ask
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
47e1fbc3aa8b4439b60d7633eb355a8e |
| Size: |
1023 KB |
| First Published: |
2017-05-21 05:04:24 (7 years ago) |
| Latest Published: |
2018-10-11 02:10:32 (6 years ago) |
| Status: |
PUP.Ask (on last analysis) |
|
| Analysis Date: |
2018-10-11 02:10:32 (6 years ago) |
Overview
| %programfiles%\freetime\formatfactory\ffmodules\package\ask |
| %programfiles%\formatfactory\ffmodules\package\ask |
| %localappdata%\temp |
| %desktop%\formatfactory\ffmodules\package\ask |
| %commonappdata%\suitelordi\appli\video\formatfactory\ffmodules\package\ask |
| %desktop%\formatfactoryportable_3.3.4_azo\格式工廠\app\formatfactory\ffmodules\package\ask |
| %desktop%\bt\formatfactoryportable_3.6.0\app\formatfactory\ffmodules\package\ask |
| %sysdrive%\1-portable cloud apps os\portable_softwares\多媒體工具\formatfactory\app\formatfactory\ffmodules\package\ask |
| %sysdrive%\$recycle.bin\s-1-5-21-4211469877-2708500256-3821864035-1000\$rqnrp1n\formatfactory\ffmodules\package\ask |
| %desktop%\of the franco's carpeteishon\programas\formatfactory\ffmodules\package\ask |
| AskPIP_FF_.exe |
| $RZO0XJC.exe |
|
20.0% |
|
|
18.9% |
|
|
8.4% |
|
|
5.3% |
|
|
4.5% |
|
|
3.9% |
|
|
3.7% |
|
|
3.5% |
|
|
3.1% |
|
|
2.7% |
|
|
2.3% |
|
|
1.6% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.8% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
| Windows 7 |
46.0% |
|
| Windows 10 |
34.2% |
|
| Windows 8.1 |
13.8% |
|
| Windows XP |
3.8% |
|
| Windows 8 |
1.6% |
|
| Windows Vista |
0.4% |
|
| Windows Server 2008 R2 |
0.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00079eb4 |
| Name |
Size of data |
MD5 |
| .text |
639488 |
059aa2302068cf62d73ba51770723784 |
| .rdata |
143872 |
f05f125a56d051029362e3d376c0d948 |
| .data |
22528 |
c9e04799a6659650d211036f8d7327c0 |
| .rsrc |
185344 |
5afdda3b3ea163e1c53dae881b331e4b |
| .reloc |
49664 |
e9f398e5e167c245e7d374c43ac920bd |
