RSMENTQE.DLL – Backdoor Farfli

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RSMENTQE.DLL – Backdoor Farfli removal

FileMD5Virus Alias
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Backdoor Farfli
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Trojan SuspiciousFile
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Trojan Generic
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Trojan Eldorado
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Trojan Downloader
RSMENTQE.DLL 3ef4633cec04516113343c64a990a526 Trojan Magania

RSMENTQE.DLL size: 10166272 bytes
RSMENTQE.DLL hash: 3EF4633CEC04516113343C64A990A526

Created files:

C:\windows\system32\drivers\gui.sys
C:\windows\system32\Rsmentqe.dll
C:\windows\temp377200.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\McAfee Network Agent\Type: 10010000
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\Start: 02000000
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\DisplayName: McAfee Network Agent
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc

Detected by UnHackMe:

RSMENTQE.DLL
Default location: %SYSDIR%\RSMENTQE.DLL

Dropper information:
MD5: 84f08b5b63f01643d5c904ec365a1c2b
File size: 135168 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images