Backdoor.TofseePMF.S28195247 removal guide

Many security experts consider Backdoor.TofseePMF.S28195247 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.TofseePMF.S28195247 virus do?

  • Authenticode signature is invalid
  • CAPE detected the Tofsee malware family
  • Attempts to interact with an Alternate Data Stream (ADS)

How to identify Backdoor.TofseePMF.S28195247?


File Info:

name: C94540B7DC78DC8D4952.mlw
path: /opt/CAPEv2/storage/binaries/81db3a26cdbd2eec9c365b699423fa5810f08083ed13bc0de58cfb01041abb4f
crc32: 45AE1F40
md5: c94540b7dc78dc8d49522b9c98f333b2
sha1: df4deb08a87cfd6ad8e331db0d711d9c21d23363
sha256: 81db3a26cdbd2eec9c365b699423fa5810f08083ed13bc0de58cfb01041abb4f
sha512: def0ee032299ff13052a4df83ac460ff13379906da707d297ac280d1b372ac261faea13afa3be778a525d9e44588f128dd60268915b35bc96c67ad209f75cfb6
ssdeep: 1536:XSs2wgCmJ/usDBeuBiY3xHER7WRWdpIhUc:fgCmssDBRBi8klpIW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13D637D1BF6D18172EC810175669D7F2A9BFFDA363438E4C3E7421981AEA58C0D62D34B
sha3_384: fcdbb72481821c80055a8894f7371423f7299581e9b397a047482ba716a0877d0b09a6427fcb595a37079ccd08cc0f82
ep_bytes: 558bec81ec8406000053568b3580010a
timestamp: 2018-01-13 10:08:37

Version Info:

0: [No Data]

Backdoor.TofseePMF.S28195247 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: Windows.Trojan.Tofsee
MicroWorld-eScan: Gen:Variant.Razy.549137
ClamAV: Win.Trojan.Tofsee-7102058-0
FireEye: Generic.mg.c94540b7dc78dc8d
CAT-QuickHeal: Backdoor.TofseePMF.S28195247
McAfee: BackDoor-FDRN!C94540B7DC78
Cylance: unsafe
Zillya: Dropper.Demp.Win32.2486
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0059425c1 )
Alibaba: Backdoor:Win32/Tofsee.ea76f4e2
K7GW: Trojan ( 0059425c1 )
Cybereason: malicious.7dc78d
Arcabit: Trojan.Razy.D86111
Baidu: Win32.Trojan.Tofsee.a
Cyren: W32/Tofsee.Q.gen!Eldorado
Symantec: Trojan.Ascesso!gm
ESET-NOD32: a variant of Win32/Tofsee.AX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Razy.549137
NANO-Antivirus: Trojan.Win32.Tofsee.fhimyb
ViRobot: Trojan.Win.Z.Tofsee.72704.ADU
Avast: Win32:BackdoorX-gen [Trj]
Tencent: Trojan.Win32.Tofsee.xa
Emsisoft: Gen:Variant.Razy.549137 (B)
F-Secure: Backdoor.BDS/Backdoor.Gen
DrWeb: Trojan.DownLoader26.42957
VIPRE: Gen:Variant.Razy.549137
TrendMicro: TROJ_GEN.R002C0CH123
McAfee-GW-Edition: BehavesLike.Win32.Generic.lh
Trapmine: malicious.high.ml.score
Sophos: Mal/Tinba-AH
Ikarus: Backdoor.Win32.Tofsee
Jiangmin: TrojanDropper.Demp.bek
Avira: BDS/Backdoor.Gen
MAX: malware (ai score=86)
Antiy-AVL: Trojan[Backdoor]/Win32.Tofsee
Xcitium: MalCrypt.Indus!@1qrzi1
Microsoft: Backdoor:Win32/Tofsee.MAK!MTB
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Win32.Backdoor.Tofsee.C
Google: Detected
AhnLab-V3: Backdoor/Win32.Tofsee.R284452
BitDefenderTheta: Gen:NN.ZexaF.36348.eqW@aW6z95f
ALYac: Gen:Variant.Razy.549137
TACHYON: Trojan/W32.Agent.72704.AHD
VBA32: BScope.Trojan.Tofsee
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002C0CH123
Rising: Trojan.Tofsee!1.AF3A (CLASSIC)
Yandex: Trojan.GenAsa!XvO1cEIyueE
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Tofsee.AX!tr
AVG: Win32:BackdoorX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Backdoor.TofseePMF.S28195247?

Backdoor.TofseePMF.S28195247 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.