Solved! Use DRWTSN32.EXE (Trojan Delf) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

DRWTSN32.EXE – Trojan Delf removal

FileMD5Virus Alias
DRWTSN32.EXE 03ccd38662ea18ff722cf14a7a26aa4c Trojan Delf
DRWTSN32.EXE 03ccd38662ea18ff722cf14a7a26aa4c Trojan MailPassView
DRWTSN32.EXE 03ccd38662ea18ff722cf14a7a26aa4c Trojan Xema
DRWTSN32.EXE 03ccd38662ea18ff722cf14a7a26aa4c Trojan Downloader
DRWTSN32.EXE 03ccd38662ea18ff722cf14a7a26aa4c Trojan Agent

DRWTSN32.EXE size: 489472 bytes
DRWTSN32.EXE hash: 03CCD38662EA18FF722CF14A7A26AA4C

Created files:

%WinDir%\drwtsn32.exe
%WinDir%\ml.exe
%WinDir%\ml.nkd
%WinDir%\ms.exe
%WinDir%\ms.nkd
%WinDir%\nkd.nkd
%WinDir%\ns.exe
%WinDir%\ns.nkd
%WinDir%\pv.exe
%WinDir%\pv.nkd

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Explorer: %WinDir%\drwtsn32.exe

Detected by UnHackMe:

DRWTSN32.EXE
Default location: %WinDir%\DRWTSN32.EXE

Dropper information:
MD5: 03ccd38662ea18ff722cf14a7a26aa4c
File size: 489472 bytes

Leave a Reply