Solved! Use SOAYUKU.EXE (Backdoor Farfli) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SOAYUKU.EXE – Backdoor Farfli removal

FileMD5Virus Alias
SOAYUKU.EXE 1f804833384f18b4392c7af4f0a7009a Backdoor Farfli
SOAYUKU.EXE 1f804833384f18b4392c7af4f0a7009a Trojan Graftor
SOAYUKU.EXE 1f804833384f18b4392c7af4f0a7009a Trojan Agent

SOAYUKU.EXE size: 57544 bytes
SOAYUKU.EXE hash: 1F804833384F18B4392C7AF4F0A7009A

Created files:

%Program Files%\Microsoft Edevwh\Soayuku.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\ConnectGroup: AAAAAA
HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\MarkTime: 2014-08-21 21:32
HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\Type: 10010000
HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\Start: 02000000
HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\DisplayName: Abrkzp aelmhazi
HKLM\System\CurrentControlSet\Services\Wswiem eiigieia\ImagePath: %Program Files%\Microsoft Edevwh\Soayuku.exe

Detected by UnHackMe:

SOAYUKU.EXE
Default location: %PROGRAM FILES%\MICROSOFT EDEVWH\SOAYUKU.EXE

Dropper information:
MD5: 1f804833384f18b4392c7af4f0a7009a
File size: 57544 bytes

Leave a Reply