Solved! OEWGYGV.EXE (Backdoor Farfli) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal.

OEWGYGV.EXE – Backdoor Farfli removal

File         MD5                               Virus Alias
-----------  --------------------------------  ----------------------
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Backdoor Farfli
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Trojan SuspiciousFile
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Trojan Generic
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Trojan Downloader
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Trojan CI
OEWGYGV.EXE  a887df23eb47093cee6d2a58f047874f  Trojan Graftor

OEWGYGV.EXE size: 108032 bytes
OEWGYGV.EXE hash: A887DF23EB47093CEE6D2A58F047874F

Created files:

%WinDir%\Oewgygv.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\ConnectGroup: 3306
HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\MarkTime: 2014-11-20 23:44
HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\Type: 10010000
HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\Start: 02000000
HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\DisplayName: Ppelzf ytmgdedv
HKLM\System\CurrentControlSet\Services\Ebxnpk cazjpa\ImagePath: %WinDir%\Oewgygv.exe
HKLM\System\CurrentControlSet\Services\Rucaug cefylknd\ReleiceName: Ebxnpk cazjpa

Detected by UnHackMe:

OEWGYGV.EXE
Default location: %WinDir%\OEWGYGV.EXE

Dropper information:
MD5: a887df23eb47093cee6d2a58f047874f
File size: 108032 bytes
