I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
IYYESMS.EXE – Backdoor Farfli removal
| File | MD5 | Virus Alias |
|---|---|---|
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Backdoor Farfli |
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Trojan Generic |
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Trojan Eldorado |
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Trojan Graftor |
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Trojan Renos |
| IYYESMS.EXE | 0d8d466b0c98c9d4a392361d6e55b9e7 | Trojan Agent |
IYYESMS.EXE size: 10532352 bytes
IYYESMS.EXE hash: 0D8D466B0C98C9D4A392361D6E55B9E7
Created files:
%Program Files%\Windows NT\Iyyesms.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\ConnectGroup: ??????
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\MarkTime: 2014-11-18 03:55
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\Type: 10010000
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\Start: 02000000
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\DisplayName: Qaqmou moaecsky
HKLM\System\CurrentControlSet\Services\Wsqqwk wwqcqsem\ImagePath: %Program Files%\Windows NT\Iyyesms.exe
Detected by UnHackMe:
IYYESMS.EXE
Default location: %PROGRAM FILES%\WINDOWS NT\IYYESMS.EXE
Dropper information:
MD5: 335be978986b67a0a854a7ab2f129114
File size: 46592 bytes