Backdoor:Win32/Farfli.AV

By Sumo3000 in Backdoors

Threat Scorecard

Threat Level:	60 % (Medium)
Infected Computers:	843

First Seen:	June 25, 2013
Last Seen:	August 28, 2022
OS(es) Affected:	Windows

Backdoor:Win32/Farfli.AV is a backdoor Trojan that enables a remote cybercriminal to obtain access and control to the corrupted PC. Backdoor:Win32/Farfli.AV can log keystrokes and steal an affected PC user's personal information. Backdoor:Win32/Farfli.AV can drop other malware infections on the infected computer system. Backdoor:Win32/Farfli.AV may steal the target PC user's personal information by recording his/her usernames and passwords. While being installed, Backdoor:Win32/Farfli.AV makes system modifications by adding malevolent files. Backdoor:Win32/Farfli.AV adds itself to the start menu to ensure it is executed automatically every time you start Windows. Backdoor:Win32/Farfli.AV creates a copy of itself as a malevolent file. Backdoor:Win32/Farfli.AV strives to connect to a distant server to receive commands. Backdoor:Win32/Farfli.AV alters system settings and runs or blocks programs.

Table of Contents

SpyHunter Detects & Remove Backdoor:Win32/Farfli.AV

File System Details

Backdoor:Win32/Farfli.AV may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	updata.exe	281e5275e39b6aa7997bd017f9ba8794	125
Name: updata.exe MD5: 281e5275e39b6aa7997bd017f9ba8794 Size: 282.62 KB (282624 bytes) Detections: 125 Type: Executable File Path: %SystemDrive% Group: Malware file Last Updated: July 27, 2017
2.	svchsot.exe	e79a87fba2dd859b02d9294495b92f13	31
Name: svchsot.exe MD5: e79a87fba2dd859b02d9294495b92f13 Size: 315.39 KB (315392 bytes) Detections: 31 Type: Executable File Path: %WINDIR%\XXXXXX579E5A5B VVVVVVrr2unw== Group: Malware file Last Updated: September 14, 2017
3.	Backdoor.A_variant.exe	f26a2bcc152d2ba697ad4508ea00959e	2
Name: Backdoor.A_variant.exe MD5: f26a2bcc152d2ba697ad4508ea00959e Size: 61.46 KB (61467 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: March 25, 2016
4.	file.exe	109dd29814db94db205eddccc1e17c58	1
Name: file.exe MD5: 109dd29814db94db205eddccc1e17c58 Size: 322.07 KB (322070 bytes) Detections: 1 Type: Executable File Group: Malware file Last Updated: October 24, 2025
5.	[start menu]\Programs\Startup\killmdx
Name: [start menu]\Programs\Startup\killmdx Group: Malware file

More files

Registry Details

Backdoor:Win32/Farfli.AV may create the following registry entry or registry entries:

Regexp file mask

%HOMEDRIVE%\updata.exe

%PROGRAMFILES%\Internet Explorer\test.exe

%WINDIR%\dsawe.EXE

%WINDIR%\terms.exe.exe

Directories

Backdoor:Win32/Farfli.AV may create the following directory or directories:

%PROGRAMFILES%\Microsoft Ogmgka

%PROGRAMFILES%\mysqldata

%PROGRAMFILES(x86)%\Microsoft Ogmgka

%PROGRAMFILES(x86)%\mysqldata

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Backdoor:Win32/Farfli.AV

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Backdoor:Win32/Farfli.AV

File System Details

Registry Details

Directories

Submit Comment

Trending

American Express - Sign-in Attempt Was Blocked Scam

OKX Rewards Scam

Chainspanhub.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen