Solved! Use 2027200.DLL (Backdoor Farfli) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

2027200.DLL – Backdoor Farfli removal

FileMD5Virus Alias
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Backdoor Farfli
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Trojan Eldorado
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Trojan Magania
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Trojan Agent
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Backdoor Zegost
2027200.DLL 75eb17d805b0d2db70f6e571a032cc4d Backdoor IRCBot

2027200.DLL size: 136704 bytes
2027200.DLL hash: 75EB17D805B0D2DB70F6E571A032CC4D

Created files:

C:\2027200.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Ghijkl Nopqrstu Wxy\Type: 10010000
HKLM\System\CurrentControlSet\Services\Ghijkl Nopqrstu Wxy\Start: 02000000
HKLM\System\CurrentControlSet\Services\Ghijkl Nopqrstu Wxy\DisplayName: Ghijkl Nopqrstu Wxyabcde Ghij
HKLM\System\CurrentControlSet\Services\Ghijkl Nopqrstu Wxy\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc
HKLM\System\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip\DLLPath: 43003A005C0032003000320037003200300030002E0064006C006C000000

Detected by UnHackMe:

2027200.DLL
Default location: C:\2027200.DLL

Dropper information:
MD5: 3f8d93f65b4c0128cc8be839e13d06d3
File size: 144384 bytes

Leave a Reply