Start to remove Backdoor:PHP/C99shell.N now!
Backdoor:PHP/C99shell.N description and removal instruction

Backdoor:PHP/C99shell.N

Free Backdoor:PHP/C99shell.N Scan

Technical information
Payload
Removal instructions

Technical information

The Backdoor:PHP/C99shell.N will install rogue security software NTI Backup Now EZ 2010 into the affected machines without users knowledge. The Backdoor:PHP/C99shell.N file size is 58880 bytes.

Payload

Once launched, the Backdoor:PHP/C99shell.N performs the following actions:

  • Download rogue security tool NTI Backup Now EZ 2010 from the following domains:
    http://www.ntius.com/
  • Modify the properties of the following files:
    %SYSTEMROOT%:\WINDOWS\System32\\clfsw32.dll

    (58880 bytes; detected by HitMalware as " Backdoor:PHP/C99shell.N")
  • Removal instructions

    If your machine doesn't have antivirus/antispyware, please take the following steps to resolve the problems caused by Backdoor:PHP/C99shell.N:

    1. Replace the infected file clfsw32.dll for free by using clfsw32.dll repair tool - DLL Suite. See how to replace clfsw32.dll by using DLL Suite.

    2. Perform a full Backdoor:PHP/C99shell.N scan by using the latest antivirus/antispyware HitMalware.
    (Download Trial Version Now)

    MD5: 73893557389355


    How to replace clfsw32.dll by using DLL Suite

  • Download DLL Suite, install and run
  • Click "Start Scan" button to check clfsw32.dll file
  • Choose clfsw32.dll and click "More Information"
  • Download clfsw32.dll for free from the open web page
  • Save clfsw32.dll to its default folder to replace infected clfsw32.dll file.
  • Download Backdoor:PHP/C99shell.N Removal Tool Now

    Download Backdoor:PHP/C99shell.N Removal Tool Now