Backdoor:Win32/Farfli.AV

Backdoor:Win32/Farfli.AV Description

Type: Backdoors

Backdoor:Win32/Farfli.AV is a backdoor Trojan that gives a remote cybercriminal access to and control of the compromised PC. It can log keystrokes and steal the affected user's personal information, and may do so by recording usernames and passwords. It can also drop other malware on the infected system. During installation, Backdoor:Win32/Farfli.AV modifies the system by adding malicious files and creates a copy of itself as a malicious file. It adds itself to the Start menu so that it runs automatically every time Windows starts. Backdoor:Win32/Farfli.AV attempts to connect to a remote server to receive commands, alters system settings, and runs or blocks programs.

Technical Information

File System Details

Backdoor:Win32/Farfli.AV creates the following file(s):
#  File Name                              MD5                               Detection Count
1  updata.exe                             281e5275e39b6aa7997bd017f9ba8794  125
2  svchsot.exe                            377e64bc752914e0c1cb5a223d0111f0  43
3  Backdoor.A_variant.exe                 f26a2bcc152d2ba697ad4508ea00959e  2
4  [start menu]\Programs\Startup\killmdx  N/A
5  file.exe                               bffe4a9dff2bb714fdb748b1ad8ed146  0

Registry Details

Backdoor:Win32/Farfli.AV creates the following registry entry or registry entries:
Regexp file mask:
  %HOMEDRIVE%\updata.exe
  %PROGRAMFILES%\Internet Explorer\test.exe
  %WINDIR%\dsawe.EXE
  %WINDIR%\terms.exe.exe

Directory:
  %PROGRAMFILES%\Microsoft Ogmgka
  %PROGRAMFILES%\mysqldata
  %PROGRAMFILES(x86)%\Microsoft Ogmgka
  %PROGRAMFILES(x86)%\mysqldata
