How to remove $RBWT9RF.exe

$RBWT9RF.exe

The module $RBWT9RF.exe has been detected as General Threat

$RBWT9RF.exe
Remove $RBWT9RF.exe

File Details

Product Name:

PerfectDisk
Company Name:

Raxco Software, Inc.
MD5: c2b66c8e539adbfacb61053f13ed3df6
Size: 3 MB
First Published: 2018-06-26 01:01:50 (6 years ago)
Latest Published: 2018-09-05 17:14:21 (6 years ago)
Status: General Threat (on last analysis)
Analysis Date: 2018-09-05 17:14:21 (6 years ago)

Overview

Signed By: Raxco Software, Inc.
Status: Valid

Common Places:

%programfiles%\raxco
%programfiles%\raxco\pd14.0_pro_install\x64\program files 64\raxco
%sysdrive%\$recycle.bin
%sysdrive%\app
%desktop%
%sysdrive%
%programfiles%\raxco\pd14.0_server_install\x64\program files 64\raxco
%sysdrive%\$recycle.bin\s-1-5-21-681595151-3895500003-3580703755-1001\$rvms0vr\pd14.0_pro_install\x64\program files 64\raxco
%temp%\perfectdisk\x64\program files 64\raxco
%sysdrive%\programmy

File Names:

PDAgent.exe
$RBWT9RF.exe
PDAgent.exe.quarantined
pdagent.exe

Geography:

17.0%
15.1%
7.5%
5.0%
5.0%
5.0%
4.4%
3.8%
3.1%
3.1%
2.5%
2.5%
2.5%
1.9%
1.9%
1.9%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%

OS Version:

Windows 10 70.4%
Windows 7 22.6%
Windows 8.1 6.9%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x001c1450

PE Sections:

Name Size of data MD5
.text 2045440 8576c0ab833362dbdd8680c29d93fa0b
.rdata 889856 ed7aa380ff6fa39eb6e83c66d13a1012
.data 17920 345c778713053794f9d36551ff829f5c
.pdata 138240 fd829b40b081ba3e0bbbbdb47e88c7c0
.rsrc 50176 e4adec429c7a3ebce1a4a03fcba7802f
.reloc 13312 9bf5e4142b9c107394a8c00119b78ad8

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RBWT9RF.exe
copyright for information about $RBWT9RF.exe