How to remove rxfcv.sys
rxfcv.sys
The module rxfcv.sys has been detected as Trojan.Creprote
File Details
| Product Name: | PrimoCache |
| Company Name: | Romex Software |
| MD5: | addd5f744b04737d236cd0bc042ee004 |
| Size: | 175 KB |
| First Published: | 2024-01-15 00:00:28 (2 years ago) |
| Latest Published: | 2025-02-27 23:01:49 (9 months ago) |
| Status: | Trojan.Creprote (on last analysis) | |
| Analysis Date: | 2025-02-27 23:01:49 (9 months ago) |
Overview
| Signed By: | Shenzhen yundian Technology Co., Ltd;TestCertificate |
| Status: | Valid |
Common Places:
| %profile%\downloads\primocache\primocache\reg |
| %system% |
| %profile%\downloads\telegram desktop\primocache.zip\primocache\reg |
| %system% |
Geography:
| 50.0% | ||
| 25.0% | ||
| 25.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00028410 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 116736 | 5151bf50f3bec7af8f9f6937a8a11618 |
| EXTRA | 8192 | 17ddcc118ed2082b8bf777be9a77f238 |
| CPATA | 512 | b430a231b0c95c545a403ef8fa2f638c |
| .rdata | 8192 | cd63be16cd9e8d2a411236d2a2d45bc3 |
| .data | 1024 | f2de5f9ac1079cf74e633829597f0a17 |
| .pdata | 6144 | c69a09d4e110e016630e63daa58b7153 |
| PAGE | 3072 | 7e7f223c5eff1963e75c576dabb9425b |
| INIT | 10752 | 71a1283478092a98cf9d3bf142036675 |
| .rsrc | 2560 | ab8c3ed920acd7c51a47dff132e70c77 |
| .reloc | 512 | f19b2d63de7e0402eb8b8736c20f81c4 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for rxfcv.sys
