ANTIVAR.EXE – Trojan Delf


ANTIVAR.EXE – Trojan Delf removal

File         MD5                               Virus Alias
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Delf
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Generic
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Eldorado
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Downloader
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Bancos
ANTIVAR.EXE  8bda44b6d4c78362ede55eb3e22ed77a  Trojan Agent

ANTIVAR.EXE size: 177152 bytes
ANTIVAR.EXE hash: 8BDA44B6D4C78362EDE55EB3E22ED77A

Created files:

C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
%SysDir%\antivar.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ServerNabs4\Type: 10010000
HKLM\System\CurrentControlSet\Services\ServerNabs4\Start: 02000000
HKLM\System\CurrentControlSet\Services\ServerNabs4\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ServerNabs4\DisplayName: ServerNabs4
HKLM\System\CurrentControlSet\Services\ServerNabs4\ImagePath: %WinDir%\System32\antivar.exe

Detected by UnHackMe:

ANTIVAR.EXE
Default location: %SYSDIR%\ANTIVAR.EXE

Dropper information:
MD5: 8bda44b6d4c78362ede55eb3e22ed77a
File size: 177152 bytes
