I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
Trojan Delf
Also known as: Trojan Banload, Trojan Agent
SHA256: 3d9e4e70d090b217617243aa0b2a89f079dd534b48518e326cd802543c056e4f
SHA1: fc5df95f56eaef3e074de0b3369d269519b9a39c
MD5: 0c46a3b0d5d6e558fa5f793f4531b475
File size: 1656832 bytes
Created files:
%WinDir%\BugSlayerUtil.dll – Trojan Delf
%WinDir%\convertxdccfile.exe – Trojan Delf
%WinDir%\cygcrypt-0.dll – Trojan Delf
%WinDir%\cygregex.dll – Trojan Delf
%WinDir%\cygwin1.dll – Trojan Delf
%WinDir%\gob.bat – Trojan Delf
%WinDir%\gos.bat – Trojan Delf
%WinDir%\hdd32.exe – Trojan Delf
%WinDir%\libeay32.dll – Trojan Delf
%WinDir%\ServUPerfCount.dll – Trojan Delf
%WinDir%\ssleay32.dll – Trojan Delf
%WinDir%\stm.bat – Trojan Delf
%SysDir%\Shell323.exe – Trojan Delf
%SysDir%\srv_capture.dll – Trojan Delf
%SysDir%\srv_funstuff.dll – Trojan Delf
%SysDir%\srv_multimedia.dll – Trojan Delf
%SysDir%\srv_portscan.dll – Trojan Delf
%SysDir%\srv_pwinfo.dll – Trojan Delf
%WinDir%\Tuneop.exe – Trojan Delf
%WinDir%\TzoLibr.dll – Trojan Delf
%WinDir%\winhlp.exe – Trojan Delf
%WinDir%\winupt.exe – Trojan Delf
%Temp%\~SD1.exe – Trojan Delf
%Temp%\~SD2.exe – Trojan Delf
Trojan Delf created autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Print_Manager: C:\windows\hdd32.exe winupt.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NortonTuneop: C:\windows\hdd32.exe C:\windows\tuneop.exe C:\windows\sysback.config
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Shell32: Shell323.exe