How to remove $RCDGW13.exe

$RCDGW13.exe

The module $RCDGW13.exe has been detected as Adware.Downloader

$RCDGW13.exe
Remove $RCDGW13.exe

File Details

Product Name:

winrar

Company Name:

win.rar GmbH

MD5: 26c2a62118cf1d506b8f5490084df6de
Size: 2 MB
First Published: 2018-07-06 03:07:05 (6 years ago)
Latest Published: 2020-11-26 12:16:04 (3 years ago)
Status: Adware.Downloader (on last analysis)
Analysis Date: 2020-11-26 12:16:04 (3 years ago)

Overview

Signed By: QUALITY APPROACH LTD
Status: Valid

Common Places:

%profile%
%sysdrive%\$recycle.bin
%sysdrive%\programs
%desktop%
%sysdrive%
%mydoc%
%localappdata%\packages\microsoft.microsoftedge_8wekyb3d8bbwe\ac\#!001\microsoftedge\cache
%profile%\downloads
%localappdata%\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate
%profile%\dropbox\elmenda\move-store

File Names:

wrar550.exe
$RCDGW13.exe
wrar550 (1).exe
$R6H0DOT.exe
wrar550[1].exe
$RD5OHBA.exe
$RGKJ26K.exe
$RAB7LAX.exe
$RCSK9QC.exe
winrar 5.50.exe

Geography:

14.8%
14.4%
12.1%
7.5%
7.2%
5.2%
3.3%
3.0%
3.0%
3.0%
2.3%
2.0%
2.0%
2.0%
1.6%
1.6%
1.3%
1.0%
1.0%
1.0%
1.0%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows 10 66.9%
Windows 7 27.7%
Windows 8.1 3.5%
Windows 8 1.0%
Windows Server 2012 R2 1.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000aa98

PE Sections:

Name Size of data MD5
CODE 41472 b7ea439d9c6d5ec722056c9243fb3054
DATA 1024 9b2268ed5360951559d8041925d025fb
BSS 0 00000000000000000000000000000000
.idata 2560 df5f31e62e05c787fd29eed7071bf556
.tls 0 00000000000000000000000000000000
.rdata 512 14dfa4128117e7f94fe2f8d7dea374a0
.reloc 0 00000000000000000000000000000000
.rsrc 11264 f0c59ec214a18650cf48c77a1c99a6c5

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RCDGW13.exe
copyright for information about $RCDGW13.exe