How to remove $RZKZG21.exe
- File Details
- Overview
- Analysis
$RZKZG21.exe
The module $RZKZG21.exe has been detected as PUP.Reimage
File Details
Product Name: |
|
Company Name: |
|
MD5: |
184f5ff4a2a87c960b4a8572eccb8ca9 |
Size: |
4 MB |
First Published: |
2018-04-26 03:04:38 (5 years ago) |
Latest Published: |
2019-09-09 23:11:29 (4 years ago) |
Status: |
PUP.Reimage (on last analysis) |
|
Analysis Date: |
2019-09-09 23:11:29 (4 years ago) |
Overview
%programfiles%\reimage |
%sysdrive%\adwcleaner\quarantine\rqf69azbla |
%sysdrive%\vtroot\harddiskvolume3\program files\reimage |
%desktop% |
%appdata%\zhp\quarantine\reimage.dir |
%appdata%\zhp\quarantine\zhpcleaner\reimage |
%commonappdata%\bullguard |
%sysdrive%\$recycle.bin |
%sysdrive%\adwcleaner\quarantine\jbdt3hvofo |
%programfiles%\~reimage |
ReiProtectorM.exe |
ReiProtectorM.exe.E1D2AC2ECB1E885A9A06AB851D1E0403 |
$RZIGEAV.exe |
ReiProtectorM.exe#30E6C24838A506F9 |
$RZKZG21.exe |
|
9.5% |
|
|
5.9% |
|
|
5.6% |
|
|
5.0% |
|
|
4.4% |
|
|
3.9% |
|
|
3.4% |
|
|
3.3% |
|
|
3.2% |
|
|
3.1% |
|
|
3.0% |
|
|
2.5% |
|
|
2.4% |
|
|
2.2% |
|
|
2.2% |
|
|
2.1% |
|
|
2.1% |
|
|
2.0% |
|
|
1.9% |
|
|
1.8% |
|
|
1.6% |
|
|
1.5% |
|
|
1.4% |
|
|
1.4% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.2% |
|
|
1.2% |
|
|
1.1% |
|
|
1.0% |
|
|
0.9% |
|
|
0.9% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
Windows 10 |
65.8% |
|
Windows 7 |
23.8% |
|
Windows 8.1 |
8.6% |
|
Windows 8 |
0.6% |
|
Windows Server 2012 R2 |
0.6% |
|
Windows Server 2016 |
0.3% |
|
Windows Server 2012 |
0.1% |
|
Windows Server 2008 |
0.1% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
64 |
Image Base: |
0x0000000140000000 |
Entry Address: |
0x002d4e28 |
Name |
Size of data |
MD5 |
.text |
3246592 |
c31d30209238de8daf49d4675b7f2930 |
.rdata |
1313280 |
dcf9093ea9899de3dbda84eb20707cc3 |
.data |
122368 |
dec09f389651e0522d9de1f63a8b187c |
.pdata |
131072 |
b505794e5c62b04e5dd4d1fafb5f34dc |
.rsrc |
101376 |
d51e16e4730bec0bb63961eb052dd102 |
.reloc |
67584 |
3b01ef36ebd60f1d7815a5b3380daf52 |