How to remove $RWIT6FA.exe

$RWIT6FA.exe Removal: How to Get Rid of $RWIT6FA.exe77de69f84fbc22dfe4271cf4234c5b91

$RWIT6FA.exe

The module $RWIT6FA.exe has been detected as Adware.MultiPlug

$RWIT6FA.exe
Remove $RWIT6FA.exe

File Details

MD5: 77de69f84fbc22dfe4271cf4234c5b91
Size: 234 KB
First Published: 2017-05-21 05:04:31 (5 years ago)
Latest Published: 2020-12-14 23:03:14 (2 years ago)
Status: Adware.MultiPlug (on last analysis)
Analysis Date: 2020-12-14 23:03:14 (2 years ago)

Common Places:

%appdata%\kyubey
%programfiles%\fijushreibuent\_allowdel_b421
%sysdrive%\$recycle.bin\s-1-5-21-1638238481-826990769-3333327472-1001
%profile%\x\application data\kyubey
%appdata%
%sysdrive%\fx-pc\backup set 2017-03-26 190000\backup files 2017-04-09 190001\backup files 1.zip\c\users\fx\appdata\roaming
%sysdrive%\adwcleaner\quarantine\files

File Names:

Kyubey.exe
$RWIT6FA.exe
trz6A2C.tmp

Geography:

48.6%
6.8%
5.4%
5.4%
5.4%
2.7%
2.7%
2.7%
2.7%
2.7%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%
1.4%

OS Version:

Windows 7 86.5%
Windows 10 5.4%
Windows 8.1 2.7%
Windows XP 2.7%
Windows 8 1.4%
Windows Server 2012 R2 1.4%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000c09d

PE Sections:

Name Size of data MD5
.text 192512 8e028e169b7276c669ffbd3aa9b34f08
.rdata 40448 0f8c2aa7f430f104cdec606d23a0b2b2
.data 5632 5af8b05ca702716cb1b971a0c55b6446
.rsrc 512 bc5906e4f4c97273653b0cea784091ec

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RWIT6FA.exe
copyright for information about $RWIT6FA.exe