Solved! Use SERVER.EXE (Backdoor Farfli) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SERVER.EXE – Backdoor Farfli removal

FileMD5Virus Alias
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Backdoor Farfli
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Trojan Artemis
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Trojan Generic
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Trojan CI
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Trojan Agent
SERVER.EXE 660c74b59db30a9cef302b0f048fc809 Backdoor Zegost

SERVER.EXE size: 15862336 bytes
SERVER.EXE hash: 660C74B59DB30A9CEF302B0F048FC809

Created files:

%Program Files%\Ruelkm ustiu\server.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Qhjffw calrva\ConnectGroup: ??????
HKLM\System\CurrentControlSet\Services\Qhjffw calrva\MarkTime: 2015-11-20 01:33
HKLM\System\CurrentControlSet\Services\Qhjffw calrva\Type: 10010000
HKLM\System\CurrentControlSet\Services\Qhjffw calrva\Start: 02000000
HKLM\System\CurrentControlSet\Services\Qhjffw calrva\DisplayName: Tpcvtv wdwavgth
HKLM\System\CurrentControlSet\Services\Qhjffw calrva\ImagePath: %Program Files%\Ruelkm ustiu\server.exe
HKLM\System\CurrentControlSet\Services\Ruyjle aiipjacg\ReleiceName: Qhjffw calrva

Detected by UnHackMe:

SERVER.EXE
Default location: %PROGRAM FILES%\RUELKM USTIU\SERVER.EXE

Dropper information:
MD5: 660c74b59db30a9cef302b0f048fc809
File size: 15862336 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images