Trojan.Delf Removal Guide

Threat Level:
8/10
Rate this Article:
Comments (0)
Article Views: 14539
Category: Trojans

If you do not want to be subjected to virtual identity theft, you have to protect your PC against Trojan.Delf. This family of Trojans is composed of such infamous infections as Trojan.Delf.fyl, Trojan.Delf.CO, Trojan.Delf.cdo and tens of others. These malicious programs have been set to spy on your virtual activity, breach email and IM accounts, distribute malware and produce misleading pop-ups. Who stand behind the vicious application? Have no doubt that it is virtual schemers who have released this malevolent infection. And how do they circulate malware? If the Trojan has entered your computer, you may want to consider the activity of other infections which could have downloaded it onto the PC. Of course, Trojan.Delf removal may become your problem if you open spam email attachments, click on suspicious links or adware and download from illegal P2P file-sharing sites. Should you delete Trojan.Delf? You should waste no more time because the removal of this is infection is perilous to your own security.

Are you thinking about manual Trojan.Delf removal? Unfortunately, not many Windows users will be able to find and delete clandestine Trojan components, many of which are rootkits and can hide against manual removal operations. Note that some of the dangerous files may use the names of familiar Windows elements (e.g. lsass.exe, svchost.exe). Additionally, alongside cloaked files, you may face misleading names like SmartGearozfy.exe or TNod-1.4.1.0-final-setup.exe, and those with randomly generated names – 149000.exe, aegvvp.exe, gbppdist.dll, etc. All of these files are responsible for corrupting the computer and ensuring the smooth running of the malicious components ccmain.exe, cndrive32.exe, rundll32.exe, winlogin.exe, wmplayer.dll or wnzip32.exe. It is these components which can steal your passwords, login into your personal accounts, use the name to distribute malware and even perform financial scams. Overall, you will not be able to miss the running of these components because they slow down your PC, reconfigure the running of security programs, delete start menu icons, change the desktop background and produce other similar symptoms. If you have noticed any suspicious activity – install an automatic removal tool to scan the PC and delete Trojan.Delf.

Why should you use automatic spyware detection and removal software? Of course, if you are 100% sure that you can succeed with manual removal tasks, you are free to continue on your own. However, note that every mistake could lead you to irremediable system damage. Therefore, if you are not confident with your manual removal experience and you want to protect your PC against future malware attacks, you should employ such reliable, effective security applications as SpyHunter. We strongly recommend this particular tool because it can detect and delete rootkit components.

Download Remover for Trojan.Delf *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.

Trojan.Delf technical info for manual removal:

Files Modified/Created on the system:

# File Name File Size (Bytes) File Hash
1tt8_keygen.exe50176 bytesMD5: 1443eff6c52b5fcf047eac5869eadd27
2SmartGearozfy.exe1929216 bytesMD5: 02f8f999f4d2c03a3492fefb37b53238
3wlconex.exe153600 bytesMD5: b788fcc5b032348f043289a7188bcf1c
4668709b5-34ff-4fd2-8f3a-27b6c6221427.exe112128 bytesMD5: bf4d11d8e4864532e46a350e0576c62b
5msvloycs.com865659 bytesMD5: 217a33afdff9a3c38c349d94ee68741a
6xshCs.exe1141760 bytesMD5: ba8de07dec35485e8320ce8d1f73f1b2
7rundat.eXe124264 bytesMD5: 55dd9bb3942bf1407b4ef50000eb1f0f
8GoogleApp.exe1638400 bytesMD5: 8c4a57ea905065871a4d6d6c358a5867
9hub.exe621056 bytesMD5: e28b8169e6766a795a6e0a4b1faece69
10hpSvcs.exe291328 bytesMD5: 7beef884e709e3cd6e7c50fcf028054c
11vrbrmon.exe27648 bytesMD5: 25ed59794dd34f37c099a689c2e94a7d
12HitmanBloodMoney.exe7911425 bytesMD5: 0465ff99d55644c09410a6675521cbf4
13arsv.exe11776 bytesMD5: b3df35b8fe858ad9067005a6a976fca7
14RUNDLL32.exe61440 bytesMD5: 4f6ace06c9b5e7ce25c70eddd78ec32e
15java.exe41505284 bytesMD5: 894097b9c67ee4b35e7e4e2272068849
16daemonupd.exe19968 bytesMD5: b4b60569e7fd2bca14dc4a46547c43f3
17sysxp.cpl1513984 bytesMD5: 57e73e765f596de6a5d0fb1e4d899b53
18compros.exe197632 bytesMD5: 33304874ccb459133de099db8e86813f
19tfukdrrnx.exe151552 bytesMD5: 51dd3e82e597d6415749b6e3fcd857c8
20ze.exe594432 bytesMD5: 5e5689042ce303948f21b9a3fb836afb
21US30Kbd2K.sys10752 bytesMD5: ddef5ec0ec3ec6ee9dbd80e06481af6f
22wh.exe628736 bytesMD5: 681605a644d93853b6dcad2fb0b759c0
23LogViewer.exe933376 bytesMD5: c6a4f22ed8c9387154f243d524e5099f
24rutserv.exe4497920 bytesMD5: ad1be8662750a675a7d91fccb60ccb91
25tfukdrrn.exe135168 bytesMD5: 4835bf8914e91093bff47e3e9d73e1de
26rundll32 .exe774144 bytesMD5: ab862d16ed42e4f37c7f99179d542a13
27QuickShare.exe13824 bytesMD5: 919c73892e95333cda05ccb1eee11a9b
28BTStacFrr.exe1879040 bytesMD5: f2ce14137957b6e11ab3cd3ee605ef5e
29damsx.exe438272 bytesMD5: 159aaa8ddf9c2ad27b8c04ec70900df0
306gx41ypvwj.exe25600 bytesMD5: ac20c992d1fcce45789e38d41ba0889c
31GlobalManager.exe1417216 bytesMD5: 8727561c61b94a995f2109eb2c1febe8
32pdoubrhgfjkxeiqndts.exe1480704 bytesMD5: 26c38c1e1f2eb72bb26ece3423f6122d
33sbmb.exe436736 bytesMD5: 7d4a1f0b41f3e06936d39fe331a3337f
349D57.tmp96256 bytesMD5: 410824c4330b76115a16ee1c2e858dcc
35SAEG.EXE4100096 bytesMD5: ec434773dc180c648ecbf69dbb94c5ae
36tjplsgvowg.exe105472 bytesMD5: b7817240ad59e731aadbeffc305f8c36
37mssapsmr.dll36865 bytesMD5: 1b6f078bb830bafd87dca7939951cf5f
38winlgoon.exe866984 bytesMD5: 873a1a7a0cbd9fd66a1a6c5468414b8a
39authz.exe9728 bytesMD5: 96085772a45acf4cafc4bd97cad033a2
40Patch_for_XP_by_REVENGE.exe3579904 bytesMD5: 832598dca2d0db3d3e7a7de3f6770d73
41hgcheck.exe89772 bytesMD5: 5f0ed8815f6cc8e8e533e1c747ed6b76
42String.dll574464 bytesMD5: a7c0df25165f50f893e0dfb0c1a9bb46
43Winlogon.exe374272 bytesMD5: a6fadf10d3e593803601ddff296a10d7
44mscormmc.exe8704 bytesMD5: 0510ec6244668e278bef5827624be0b3
45svchost32.exe576000 bytesMD5: f7e5522e20ba545788590f4df9d99639
46ancamcorderupdate.exe204800 bytesMD5: 8b98a8b25f6cf3168c1d4be1726f9769
47HONClients.EXE229376 bytesMD5: d1f204eb29cb2d17d058ed0dd0609a4c
48.exe61221 bytesMD5: 52ad0f14ba52c539aa777056f3123a66
49build.exe122880 bytesMD5: ea768a24c0fc6edc87c005c66681cd70
50lsass.exe97792 bytesMD5: 8b33f25e56498928da2d8d5c4620b1c8
51svcpool.dll121344 bytesMD5: cd99d51658a383536c3d060c939b1f2e
52DFcore.exe2256896 bytesMD5: 59264c3b1360f3fb11813037c95e95ad
53Start.exe2228736 bytesMD5: 3b0260deddd55340ff4bf6094a8ac8cf
54usdriver.com551424 bytesMD5: 150f3f401b663a08a14208bc4eaace97
55digprot.exe1712128 bytesMD5: 4356ac1869ea3ea62ddd38b23456011d
56msviowovy.exe34816 bytesMD5: dde5518b0eaefb18a638c0a541b3d534
57FreeListenManager.exe2936872 bytesMD5: ba120116bc56efbe381fada54ad930b4
58002b41d0.exe1014913 bytesMD5: 69f6d54d57592fd218d826ad8928c602
59twunk_16.exe301056 bytesMD5: 96ac456acdc10abc8a695e18bb574adb
60kjewhbfy.exe105984 bytesMD5: 36a312ccda2afd67e98f799556e782c2
61TNod-1.4.1.0-final-setup.exe787241 bytesMD5: e90ab11e9276357ea3de79d51615fcd1
62GBPlugins.dll371200 bytesMD5: b197512bb4927b018898662e3b166715
63iupdater.exe16896 bytesMD5: 62c70a0a68ffc3c7718309957a06564f
64PR15.DLL24576 bytesMD5: f3b05a02f034a43af91f8465aedbd8e5
65Aspire-DVD.cpl407040 bytesMD5: 7eb01bea725fe23b06b2959f0b9a0d39
66prun.exe29696 bytesMD5: b50055da10328141838bc810818c9c63
6737582210102012Rev.exe373248 bytesMD5: ac8e91cc87e52432b94fbeccec5ce98d
68apptj.exe1167360 bytesMD5: f46328307a07a763b3c8b81a8f9b6696
69dimsntfy32.dll113664 bytesMD5: b40cbd1c7ed9af6b1eecdf6b08cd6055
70wsname.exe175104 bytesMD5: 7907f8a0d045e548a84194fd1ee62f9e
71netfilter2.sys42368 bytesMD5: bc999b34e2c15a15a3d70c705ea967e4
72cftmon.exe53248 bytesMD5: 2d3cab2d16a029df20afcc0f059afcb6
73svcnost.exe49162 bytesMD5: 83de52fc90d725ed6ad606d29339ed96
74scvhost.exe1505280 bytesMD5: 37231907e7c261841d5db74d907811f5
75vknt.exe157184 bytesMD5: 784884389254f1fd75e2e0a5335dea28
76Argente Utilities.exe1415732 bytesMD5: 410687eb3e2770ea136e3168ec8439e0
77drvcnf.dll266752 bytesMD5: 7e66635282fd058e6f7997f71a3b9324
78tmpE321.tmp.exe645120 bytesMD5: ae693bb1b69cc985ecf7b10e3cf8fad8
791R-SER~1.EXE85635 bytesMD5: 8cf867d678db27143605152bd884d5eb
80questscan139.exe45056 bytesMD5: 5e64c3f86ac29c35f9bab83da61199b0
81compp.exe40960 bytesMD5: 378ce3de4ed226c640e067064a874365
82dfsmbl.exe286208 bytesMD5: 41b6afa056c59940565465007642fb4a
83jusched.exe200704 bytesMD5: 7643484746038d379ff95af67c1dd1fd
84O1Lx085.com39424 bytesMD5: 17c34012bcae2589bcdc6f28ebe47432
85svhchost.exe221242 bytesMD5: 7287fde86f8c160fd6dab4bfca4482b9
86svchost.exe968192 bytesMD5: e483152b3ab4813258db559148c64386
87guardis.exe136192 bytesMD5: 0c3442bb390afb6163f0a00dcdd5d85d
88jsheded.exe373760 bytesMD5: de2b3d20a8cf3fc7d75f73c3ee757148
89Windwnx32.exe83968 bytesMD5: 80cd4adbfd6240a9e08bb9ad77d1aaed
90SVOHOST.exe69389 bytesMD5: 40b6e9c246c1d3eacaefd698ba71dedd
91npwxeia.exe880640 bytesMD5: ab1d88459242b2d13894ecd7164aceac
92PDFConverterSetup.exe445440 bytesMD5: 2c371fae5575b4365c1aa0f17273076d
93aegvvp.exe77312 bytesMD5: e3082abdcb9da69ec0a9b9f1996d01f4
94GameGuard.exe801953 bytesMD5: f100e8e1a8dec52a18143b1ec7c1442f
95taskhost.exe38400 bytesMD5: 59ed08cfe7b409d545f2c31408bfaa75
96InfoWise.exe84088 bytesMD5: a91e1798db3e2236283d2b9959f13253
970.5741384901339003.exe61698 bytesMD5: be0bdbc56b875f2645e594d35c006119
98CplusC.exe2753536 bytesMD5: 02fa7ca18e79d29d3cb7a3cb64bfad69
99fastsrch.dll123392 bytesMD5: 0e4ddf3879d3285ba3660a001b2e95c2
100149000.exe139264 bytesMD5: 0c03cc7451acd1b525a6abd736e67c04
101ccmain.exe2022912 bytesMD5: d37b882d0c23c494b09890b5320c2181
102prkiller.exe38400 bytesMD5: 7c557fd090347693f7fd5dbfec444d02
103msvmiode.exe162816 bytesMD5: 17172e1dde1d1f63a87256142b5d89f1
104U1013.exe1105920 bytesMD5: ab5df308f5586d30f3ca287b139b861a
105gbppdist.dll119296 bytesMD5: 18b9ab27b4abc36bd4823d638bba7b7f
106csrss.exe654029 bytesMD5: a55a9c963c0b7d9b82b43856f1d4dd4e
107syswind.exe357791 bytesMD5: 00e5aa52e940b15b3f323adf8b4ae0cf
108batszxye.exe123904 bytesMD5: 7a2ccfa78bace5cd84372aa0be3cff03
109brew-dsp8.exe413184 bytesMD5: d772c793c2148c04b08295ece1b74712
1105163.exe386048 bytesMD5: 615d88b524cbee9e260b4c8935a85284
111cndrive32.exe66048 bytesMD5: e063af548784dabb1f762c0d959f03cd
112hwrreg.exe405652 bytesMD5: 33ce05849ad1622b4fb7174bc1c8acf0
11350ec73c97f445.dll118784 bytesMD5: da161da8bcb9b8032908cc303602f2ee
114winlogin.exe117760 bytesMD5: e9b002b1b57bd3343647bd3407f07f9a
115TSBot.exe839680 bytesMD5: 2ba2a2c66ab1aac4fef87f9f20cfc0ca
116AutoLoader_AxLaUn.exe447197 bytesMD5: fffc88a99dfa24da800a7d916a7aecfa
117UsbFix.exe1270388 bytesMD5: de12e0daa8d87de746c1ee67d8d5dee2
118sndctl.exe32768 bytesMD5: 39567251c707e5a10f4cbc2fb8cf8027
119winsvchost.exe267776 bytesMD5: 1d36ef3fab0894792b5daed5807d8cef
120ba4c12bee3027d94da5c81db2d196bfd.exe496640 bytesMD5: 17239de1b737db27028b3e29121a3ec8
121vrbarsvc.exe36864 bytesMD5: 6660957bf59b7f831c6f33926b4d899d
122Money1299.sys30080 bytesMD5: dacac740023329b5e714f81791c51002
123filename.exe86016 bytesMD5: 1e895bb72986d1d1ffe9c9c5d6276795
124msvcrt.exe243712 bytesMD5: 13f6170411d602cef599ecb5c6de9c8d
125mIRC.exe2080768 bytesMD5: 010e822207891fff2b89c5d7e1b268f6
126dwm.exe656896 bytesMD5: 5c67d407b9d947806cc426c39db775fd
127A-728786287.exe1021117 bytesMD5: e7f16b3a5249557f177d327a4d42905a
128ACER.cmd388096 bytesMD5: e2f755b5f0eae312a90c619f17632e84
129245760
130FarmManager.exe901120 bytesMD5: 90e8dee96de4f401cf6f49dbb8c7f055
131wnzip32.exe100864 bytesMD5: 346a71fc6aceb5a695ddf05640f7d041
132ComboFix.exe3912719 bytesMD5: 5ea74296b2b7f8c1a499590e20eb0324
133ClamAVFile252928 bytesMD5: 2dcd4439ed60f724a8e76737cc603bc6
134asktbarx.dll683008 bytesMD5: 15594e754153e0e4fd3db6e8f5ed3abe
135webgrade.exe397312 bytesMD5: 03555c9e8923708b53b156c535d430de
136proxy.exe607744 bytesMD5: ed5c66176b390f6e8a12cb6c79290fc3
137wap.exe4096000 bytesMD5: 2cc7a16cbc30b1555cd81618af06b43e
138TNODUP.exe1811968 bytesMD5: e8a5c547082923c000d2b54de0449b01
1397c43f13b4d6ef71850652c0dbe8b01d5.exe80384 bytesMD5: dbff0454064c8db572588e02565b782a
140ms3x.exe2430464 bytesMD5: 209a909f43e9b6371aa5791b60465ecd
141SkypeAdmin.exe13312 bytesMD5: bb9b45cc25fcef57945ccd9e7fa68c24
142nqnqe.exe262144 bytesMD5: cac15bbccd5b708290a44086f72deb7d
143ActiveCollectorPlugin.dll221184 bytesMD5: 2eaa1e29ec4ebe8cba7e933c3b64cfdc
144n.66048 bytesMD5: 5e28c03100586c76bdaa42c9467ec5f8
145winmgr.exe657760 bytesMD5: 972d2cea5f8ed8fe89ef51376fbe5910
146wmplayer.dll445440 bytesMD5: d69170fc9ccc1bfd8138af476fd00895
147SYSNOTE.EXE857088 bytesMD5: 93cdf55165ab42448193ba95404e969d
148ca_setup.exe7389520 bytesMD5: 35ffd3322ac2d37b42ab0bc499e6b39e
149shell32.dll67584 bytesMD5: ddf80fc4a1f091f9893658625cd71de7
150Activar_y_Validar_windows_xp.exe70480 bytesMD5: f0d267d6025187615d0cd6e254531747
151cryptnet32.dll45056 bytesMD5: e71084e728d28a918f7963d22cb956fd
152inetsock.exe24064 bytesMD5: f3e0499c47ed1ba951e899808420f108
153Spoolvmx.exe397312 bytesMD5: 661d62242b5362ed68a8a4555aae1a7b
154KMService.exe151622 bytesMD5: d8ce23b58f52c5850968b9085a3a1d02
155AdobePSL.exe583168 bytesMD5: b30cca6a612da423a5901fc2e0bc843c

Registry Modifications:

The following Registry Keys were created:

  • HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN pup
  • RUNNING PROGRAM\RUNDLL32.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hgcheck
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Networks
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ aGbPlugin
  • MICROSOFT\WINDOWS\CURRENTVERSION\RUN\prunnet
  • RUNNING PROGRAM\proxy.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tfukdrrn
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Key
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tfukdrrnx
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NVIDIA Display Drivers
  • RUNNING PROGRAM\winlogon.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ worknote1
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SoundMam
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLs
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MSODESNV7
  • RUNNING PROGRAM\lsass.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Wsname
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Window Net Dns
  • RUNNING PROGRAM\Explorer.EXE
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ compros
  • RUNNING PROGRAM\wnzip32.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Downsys
  • HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ RTHDBPL
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6F1A4CB-DADD-4D0C-BDFC-E945647302C1}
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ACER
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft Driver Setup
  • RUNNING PROGRAM\svchost.exe

Reply

Your email address will not be published.

Name
Website
Comment

Enter the numbers in the box to the right *