How to remove $RS1PW4T.exe

$RS1PW4T.exe

The module $RS1PW4T.exe has been detected as Backdoor.Fynloski

$RS1PW4T.exe
Remove $RS1PW4T.exe

File Details

Product Name:

Remote Service Application
Company Name:

Microsoft Corp.
MD5: 84701df691b005300b423f83fd19c4fb
Size: 479 KB
First Published: 2023-05-24 23:03:25 (2 years ago)
Latest Published: 2023-05-24 23:34:46 (2 years ago)
Status: Backdoor.Fynloski (on last analysis)
Analysis Date: 2023-05-24 23:34:46 (2 years ago)

Common Places:

%sysdrive%\$recycle.bin
%sysdrive%\$recycle.bin
%sysdrive%\$recycle.bin

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000ee8d0

PE Sections:

Name Size of data MD5
UPX0 0 d41d8cd98f00b204e9800998ecf8427e
UPX1 252928 53c9a0b83e79488207609199392b1156
.rsrc 236544 03a52547730f2c12e976a40cddd73f81

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RS1PW4T.exe
copyright for information about $RS1PW4T.exe