Trojan Delf
Also known as: Trojan Downloader.Generic, Trojan-Ransom Gimemo
SHA256: cee0c0b4969856675d2d0f94d93add36c6d750802b7fd6cc3d72c74cf5e98ef1
SHA1: 033258c39280e3f2ef30832fcefc9fda19f2c43a
MD5: 17eb3fe030044f70025d637c006999eb
File size: 182784 bytes
Created files:
%AppData%\AMD_cpx.exe – Trojan Delf
Trojan Delf created autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{cixSnxnx-Tx3q-5426-uRt0-MkxE5BvNvq3B}\ZjHxBovKZKNmF9z: "%AppData%\AMD_cpx.exe" /ActiveX
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ZjHxBovKZKNmF9z: %AppData%\AMD_cpx.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: %AppData%\AMD_cpx.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %AppData%\AMD_cpx.exe,%WinDir%\System32\userinit.exe,
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ZjHxBovKZKNmF9z: %AppData%\AMD_cpx.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: %AppData%\AMD_cpx.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %AppData%\AMD_cpx.exe,%WinDir%\System32\userinit.exe,