How to remove $RGQTF9Y.exe

» File
File Details
Overview
Analysis

$RGQTF9Y.exe

The module $RGQTF9Y.exe has been detected as Trojan.Downloader

$RGQTF9Y.exe

Remove $RGQTF9Y.exe

File Details

Main Info:

Product Name:	Main Services
Company Name:	System Native
MD5:	4b63b66777879afd66703864aaf084b5
Size:	651 KB
First Published:	2018-03-15 06:03:54 (6 years ago)
Latest Published:	2018-05-03 07:08:19 (6 years ago)

Analysis:

Status:	Trojan.Downloader (on last analysis)
Analysis Date:	2018-05-03 07:08:19 (6 years ago)

Common Places:

%programfiles%\system native

%sysdrive%\$recycle.bin\s-1-5-21-2886818698-2723655693-604723939-1001\$rhrndwh

%sysdrive%\$recycle.bin

File Names:

updater.exe

$RGQTF9Y.exe

Geography:

	28.0%
	24.0%
	12.0%
	8.0%
	6.0%
	4.0%
	4.0%
	4.0%
	4.0%
	2.0%
	2.0%
	2.0%

OS Version:

Windows 10	64.0%
Windows 7	22.0%
Windows 8.1	10.0%
Windows 8	4.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00042f0f

PE Sections:

Name	Size of data	MD5
.text	396800	3e80c470d57960c49640cbbbb300b123
.rdata	112640	d58214c74dfbbca6dffa37172c90ff02
.data	4096	c00ca3bceb27f5e4dc4fde12984bcebd
.rsrc	129536	d4637a98341c7de78a5d6817456a4c50
.reloc	22528	9ab159c68bd3b6b89467c0feeff59171

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RGQTF9Y.exe

copyright for information about $RGQTF9Y.exe