Solved! Use HOIFNW.SYS (Backdoor Koutodoor) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

HOIFNW.SYS – Backdoor Koutodoor removal

FileMD5Virus Alias
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Backdoor Koutodoor
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Trojan Generic
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Trojan Eldorado
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Trojan Siggen
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Trojan Agent
HOIFNW.SYS 63e1abfc2155ba0e2bab12f684ea9a41 Trojan Crypt

HOIFNW.SYS size: 38304 bytes
HOIFNW.SYS hash: 63E1ABFC2155BA0E2BAB12F684EA9A41

Created files:

%SysDir%\drivers\hoifnw.sys
%SysDir%\qof.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\hoifnw\Type: 01000000
HKLM\System\CurrentControlSet\Services\hoifnw\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\hoifnw\DisplayName: hoifnw
HKLM\System\CurrentControlSet\Services\hoifnw\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C0068006F00690066006E0077002E007300790073000000

Detected by UnHackMe:

HOIFNW.SYS
Default location: %SYSDIR%\DRIVERS\HOIFNW.SYS

Dropper information:
MD5: d848581ad19633353e0cab2bde27734a
File size: 128064 bytes

Leave a Reply