Solved! Use 1.EXE (Backdoor Farfli) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

1.EXE – Backdoor Farfli removal

FileMD5Virus Alias
1.EXE c3cf9b43276e0377b239969382375f1f Backdoor Farfli
1.EXE c3cf9b43276e0377b239969382375f1f Trojan Generic
1.EXE c3cf9b43276e0377b239969382375f1f Trojan Eldorado
1.EXE c3cf9b43276e0377b239969382375f1f Trojan Downloader
1.EXE c3cf9b43276e0377b239969382375f1f Trojan Magania
1.EXE c3cf9b43276e0377b239969382375f1f Backdoor Nitol

1.EXE size: 151552 bytes
1.EXE hash: C3CF9B43276E0377B239969382375F1F

Created files:

C:\1.exe
%SysDir%\zzxxcck.dll
%Temp%\tt1.exe
%Temp%\tt11.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\WS2IFSL\Type: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\Start: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\DisplayName: Windows Socket 2.0 Non-IFS Service Provider Support Environment
HKLM\System\CurrentControlSet\Services\WS2IFSL\ImagePath: \SystemRoot\System32\drivers\ws2ifsl.sys

Detected by UnHackMe:

1.EXE
Default location: C:\1.EXE

Dropper information:
MD5: 27e91ce3ef6ec1d629c721277ebf59bd
File size: 161884 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images