How to remove $RF8DCYW.exe

» File
File Details
Overview
Analysis

$RF8DCYW.exe

The module $RF8DCYW.exe has been detected as Adware.Amonetize

$RF8DCYW.exe

Remove $RF8DCYW.exe

File Details

Main Info:

MD5:	48514d6aa4696a8fde76049b3c21da18
Size:	1 MB
First Published:	2017-05-27 08:00:56 (6 years ago)
Latest Published:	2020-10-18 22:20:39 (3 years ago)

Analysis:

Status:	Adware.Amonetize (on last analysis)
Analysis Date:	2020-10-18 22:20:39 (3 years ago)

Overview

Digital Signature

Signed By:	LLC "TARKOS SOFT"
Status:	Valid

Common Places:

%sysdrive%\torrentex

%sysdrive%\$recycle.bin\s-1-5-21-2865926441-479222758-3681480021-1000

%sysdrive%\sandbox\a-kris1961\defaultbox\drive\c\torrentex

%sysdrive%

%sysdrive%

%sysdrive%

File Names:

unins000.exe

$RF8DCYW.exe

Geography:

	16.3%
	16.3%
	7.0%
	7.0%
	7.0%
	7.0%
	7.0%
	4.7%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%
	2.3%

OS Version:

Windows 7	48.8%
Windows 10	37.2%
Windows 8.1	9.3%
Windows XP	2.3%
Windows 8	2.3%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00100004

PE Sections:

Name	Size of data	MD5
.text	1037312	69351d25c67a0d26ae98293518b48c7b
.itext	5120	6af5b74ebcd128d62db3adf99a2fdade
.data	12800	e451917917f4a9d9e9f972f25b034fdf
.bss	0	00000000000000000000000000000000
.idata	14848	43c0f118777059b21ad6a5849b132450
.tls	0	00000000000000000000000000000000
.rdata	512	3f4821d98c8d2f792b0e23905609a7d6
.rsrc	103424	c8e4fd80fbcdcdf69bf09df3b5e3c9f6

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RF8DCYW.exe

copyright for information about $RF8DCYW.exe