Solved! Use QOF.DLL (Backdoor Koutodoor) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

QOF.DLL – Backdoor Koutodoor removal

FileMD5Virus Alias
QOF.DLL d0a6f64d0e96e587e1f8f3a98f990866 Backdoor Koutodoor
QOF.DLL d0a6f64d0e96e587e1f8f3a98f990866 Trojan Generic
QOF.DLL d0a6f64d0e96e587e1f8f3a98f990866 Trojan Eldorado
QOF.DLL d0a6f64d0e96e587e1f8f3a98f990866 Trojan Adload
QOF.DLL d0a6f64d0e96e587e1f8f3a98f990866 Trojan Agent

QOF.DLL size: 53248 bytes
QOF.DLL hash: D0A6F64D0E96E587E1F8F3A98F990866

Created files:

%SysDir%\drivers\hoifnw.sys
%SysDir%\qof.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\hoifnw\Type: 01000000
HKLM\System\CurrentControlSet\Services\hoifnw\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\hoifnw\DisplayName: hoifnw
HKLM\System\CurrentControlSet\Services\hoifnw\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C0068006F00690066006E0077002E007300790073000000

Detected by UnHackMe:

QOF.DLL
Default location: %SYSDIR%\QOF.DLL

Dropper information:
MD5: d848581ad19633353e0cab2bde27734a
File size: 128064 bytes

Leave a Reply