How to remove $RBYGJHZ.exe

» File
File Details
Overview
Analysis

$RBYGJHZ.exe

The module $RBYGJHZ.exe has been detected as PUP.Generic

$RBYGJHZ.exe

Remove $RBYGJHZ.exe

File Details

Main Info:

Product Name:	WinSnap
Company Name:	NTWind Software
MD5:	16b01bb7e25b7e193411b9caf5d6f65a
Size:	5 MB
First Published:	2025-10-06 23:00:33 (3 months ago)
Latest Published:	2025-10-06 23:00:33 (3 months ago)

Analysis:

Status:	PUP.Generic (on last analysis)
Analysis Date:	2025-10-06 23:00:33 (3 months ago)

Overview

Digital Signature

Signed By:	Avdonin Aleksandr Nikolaevich Ip
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%sysdrive%\$recycle.bin

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00083cb4

PE Sections:

Name	Size of data	MD5
.text	2267648	ecc5d147c4fd3ae6e0919b83a8e89f79
.rdata	604160	3959ca1786705f4e3f42f833822a9cf9
.data	73728	96c3cae0bea5733c98ea3c0bf9902799
.gfids	18432	2acf822127d579e33f6d9d3de8f90436
.giats	512	65ac3d20ef05e8669cd4fde3e1b68731
.tls	512	1f354d76203061bfdd5a53dae48d5435
.rsrc	3073024	ba9fcf9ceadab6c8e5a9c19f99371abb
.reloc	190976	c9c29c34ca5e5260db418fc397c9f7a1

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RBYGJHZ.exe

copyright for information about $RBYGJHZ.exe