Solved! Use XSFRSC.PIF (Rootkit TDSS) Removal Guide

Rootkits No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

XSFRSC.PIF – Rootkit TDSS removal

FileMD5Virus Alias
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Rootkit TDSS
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Trojan Exception.gen.101
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Trojan DLOADER
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Trojan Generic
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Backdoor RBot
XSFRSC.PIF e62d3c724adcf3135fccb104860e822b Trojan Buzus

XSFRSC.PIF size: 39960 bytes
XSFRSC.PIF hash: E62D3C724ADCF3135FCCB104860E822B

Created files:

%SysDir%\hra101.dll
%WinDir%\xsfrsc.pif

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Type: 10010000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Start: 02000000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\DisplayName: Defghi Klmnopqr Tuvwxyab Defg
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\ImagePath: %WinDir%\xsfrsc.pif
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Description: Defghijk Mnopqrstu Wxyabcd Fghijklm Opq

Detected by UnHackMe:

XSFRSC.PIF
Default location: %WinDir%\XSFRSC.PIF

Dropper information:
MD5: e62d3c724adcf3135fccb104860e822b
File size: 39960 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images