Solved! Use SOFTWAREUPDATE.EXE (Trojan Delf) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SOFTWAREUPDATE.EXE – Trojan Delf removal

FileMD5Virus Alias
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Delf
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Hlux
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Eldorado
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Agent
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Delphi
SOFTWAREUPDATE.EXE 5646a958f24402c9a89892153210411a Trojan Crypt

SOFTWAREUPDATE.EXE size: 92582 bytes
SOFTWAREUPDATE.EXE hash: 5646A958F24402C9A89892153210411A

Created files:

%SysDir%\sIRC4.exe
%SysDir%\xdccPrograms\KillOK.exe
%SysDir%\xdccPrograms\Network Setup Wizard.exe
%SysDir%\xdccPrograms\Opera_1161_int_Setup.exe
%SysDir%\xdccPrograms\SafariSetup.exe
%SysDir%\xdccPrograms\SoftwareUpdate.exe
%SysDir%\xdccPrograms\Wireless Network Setup Wizard.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe sIRC4.exe

Detected by UnHackMe:

SOFTWAREUPDATE.EXE
Default location: %SYSDIR%\XDCCPROGRAMS\SOFTWAREUPDATE.EXE

Dropper information:
MD5: 0eb9122714055815b0566af20e22bbd1
File size: 92582 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images