How to remove “Backdoor.Win32.Farfli.bvuv”?

Backdoor.Win32.Farfli.bvuv is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Farfli.bvuv virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Deletes its original binary from disk
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Backdoor.Win32.Farfli.bvuv?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 版权所有 (C) 2005
InternalName: Style
FileVersion: 1, 0, 0, 1
CompanyName:
LegalTrademarks:
ProductName: Style 应用程序
ProductVersion: 1, 0, 0, 1
FileDescription: Style Microsoft 基础类应用程序
OriginalFilename: Style.EXE
Translation: 0x0804 0x04b0

Backdoor.Win32.Farfli.bvuv is also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_80% (D)
Cybereason: malicious.908169
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: Backdoor.Win32.Farfli.bvuv
Sophos: ML/PE-A
Comodo: TrojWare.Win32.Magania.F@7jjkv4
BitDefenderTheta: Gen:NN.ZexaF.34722.kC2@aSM!JVlb
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: TROJ_GEN.R005C0DF721
McAfee-GW-Edition: Artemis
FireEye: Generic.mg.f8befb695a76c9bc
SentinelOne: Static AI – Malicious PE
Jiangmin: Heur:Trojan.DTStealer.Gen
eGambit: PE.Heur.InvalidSig
Microsoft: Trojan:Win32/Farfli.DSK!MTB
Gridinsoft: PUP.Qiyi.vl!c
AhnLab-V3: Malware/Win32.RL_Backdoor.R353637
McAfee: Artemis!F8BEFB695A76
VBA32: BScope.Trojan.Fsysna
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R005C0DF721
Rising: Malware.Heuristic!ET#94% (RDMK:cmRtazrMASzP4gWUz8W/f081jNj6)
Yandex: Backdoor.Poison!1ugYMQKWifg
Fortinet: PossibleThreat.PALLAS.H

How to remove Backdoor.Win32.Farfli.bvuv?

Backdoor.Win32.Farfli.bvuv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.