How to remove $R6PMXT0.exe

» File
File Details
Overview
Analysis

$R6PMXT0.exe

The module $R6PMXT0.exe has been detected as Adware.Kuaiba

$R6PMXT0.exe

Remove $R6PMXT0.exe

File Details

Main Info:

MD5:	9a77d619126eac8b64b08e7c541564a2
Size:	245 KB
First Published:	2017-09-21 19:05:17 (7 years ago)
Latest Published:	2022-04-28 23:07:23 (2 years ago)

Analysis:

Status:	Adware.Kuaiba (on last analysis)
Analysis Date:	2022-04-28 23:07:23 (2 years ago)

Overview

Digital Signature

Signed By:	Suzhou Shijie Software Co., LTD
Status:	Valid

Common Places:

%windir%\syswow64

%windir%\system32

%sysdrive%\adwcleaner\quarantine\zdgc81tbdk

%sysdrive%\adwcleaner\quarantine\bbsqwy6yhk

%sysdrive%\$windows.~bt\newos\windows\syswow64

%sysdrive%\adwcleaner\quarantine\gtxsl1c00g

%system%

%sysdrive%\$recycle.bin

%sysdrive%\adwcleaner\quarantine

%sysdrive%\$recycle.bin\s-1-5-21-932668629-2394377310-2329042766-1000\$rokheka\quarantine

File Names:

kz.exe

$R6PMXT0.exe

vvbcrhcxkbktqutvbbhogossulezryib.back

A0324914.exe

qwwpdttmjicswafnafudpjkrnyvncuwi.back

kz.exe#FFFC90D71F7C86BD

pyjqgtzvpcklgfxasrhpfptyxvxnjxzg.back

Geography:

	49.1%
	11.2%
	6.5%
	3.9%
	3.1%
	2.8%
	1.8%
	1.6%
	1.5%
	1.3%
	1.3%
	1.1%
	1.0%
	0.8%
	0.8%
	0.7%
	0.7%
	0.7%
	0.7%
	0.5%
	0.5%
	0.5%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%

OS Version:

Windows 10	47.9%
Windows 7	43.0%
Windows 8.1	5.0%
Windows XP	2.3%
Windows 8	0.8%
Windows Server 2008 R2	0.8%
Windows Server 2012 R2	0.2%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001680

PE Sections:

Name	Size of data	MD5
.text	5120	0a615107ba383f16895a436ec5ae5c63
.rdata	2560	15a11281afc72b73ebce25f2978046c2
.data	512	ac7f9f0b2fa96b5ead057f9f30e1ee56
.CRT	512	53fc2d2624fd8667018b0fff99ebe291
.rsrc	232448	b5cb859a0dd01c7a69158facd6ca2cbe
.reloc	1536	669093093be69c26cc3d7c3bb13b70f9

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $R6PMXT0.exe

copyright for information about $R6PMXT0.exe