Solved! Use CMXOKEW.EXE (Backdoor Farfli) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

CMXOKEW.EXE – Backdoor Farfli removal

File MD5 Virus Alias
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Backdoor Farfli
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Trojan Generic
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Trojan Eldorado
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Trojan Downloader
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Trojan Graftor
CMXOKEW.EXE 3ce88cc3005bf2727d7c91643b4bdfdd Trojan Agent

CMXOKEW.EXE size: 15859296 bytes
CMXOKEW.EXE hash: 3CE88CC3005BF2727D7C91643B4BDFDD

Created files:

%Program Files%\Ruaxaw soebe\Cmxokew.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Rulzyj iflaokcm\ReleiceName: Ssaqyi casiqa
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\ConnectGroup: ??????
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\MarkTime: 2015-04-20 04:52
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\Type: 10010000
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\Start: 02000000
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\DisplayName: Lzknlh qryotmdz
HKLM\System\CurrentControlSet\Services\Ssaqyi casiqa\ImagePath: %Program Files%\Ruaxaw soebe\Cmxokew.exe

Detected by UnHackMe:

CMXOKEW.EXE
Default location: %PROGRAM FILES%\RUAXAW SOEBE\CMXOKEW.EXE

Dropper information:
MD5: af83ec0c870a538725c2e104c53f3edf
File size: 130656 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images