Solved! Use NETWORK SETUP WIZARD.EXE (Trojan Delf) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

NETWORK SETUP WIZARD.EXE – Trojan Delf removal

FileMD5Virus Alias
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Delf
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Hlux
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Eldorado
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Agent
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Delphi
NETWORK SETUP WIZARD.EXE 87134e2b60033ba1253eab05809e6beb Trojan Crypt

NETWORK SETUP WIZARD.EXE size: 459786 bytes
NETWORK SETUP WIZARD.EXE hash: 87134E2B60033BA1253EAB05809E6BEB

Created files:

%SysDir%\sIRC4.exe
%SysDir%\xdccPrograms\KillOK.exe
%SysDir%\xdccPrograms\Network Setup Wizard.exe
%SysDir%\xdccPrograms\Opera_1161_int_Setup.exe
%SysDir%\xdccPrograms\SafariSetup.exe
%SysDir%\xdccPrograms\Wireless Network Setup Wizard.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe sIRC4.exe

Detected by UnHackMe:

NETWORK SETUP WIZARD.EXE
Default location: %SYSDIR%\XDCCPROGRAMS\NETWORK SETUP WIZARD.EXE

Dropper information:
MD5: 1a42d7e386c341fafe05c4ddd0c0b9a1
File size: 444855 bytes

Leave a Reply