Solved! Use SMRSS.EXE (Trojan Delf) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SMRSS.EXE – Trojan Delf removal

FileMD5Virus Alias
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Delf
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Generic
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Downloader
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Dadobra
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Agent
SMRSS.EXE 0b7315ad0ffbfc5f65c0471111bd9af1 Trojan Kryptik

SMRSS.EXE size: 1039098 bytes
SMRSS.EXE hash: 0B7315AD0FFBFC5F65C0471111BD9AF1

Created files:

%WinDir%\svchost.exe
%SysDir%\freizer.exe
%SysDir%\smrss.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\freizer: %WinDir%\System32\freizer.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svchost: %WinDir%\System32\svchost.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe smrss.exe

Detected by UnHackMe:

SMRSS.EXE
Default location: %SYSDIR%\SMRSS.EXE

Dropper information:
MD5: 0b7315ad0ffbfc5f65c0471111bd9af1
File size: 1039098 bytes

Leave a Reply