Dropper-Delf
Trojan.Dropper-Delf Description
Dropper-Delf is a Spyware Trojan designed to infiltrate your computer and open a conduit by which large amounts of adware and spyware can be piped to your system. Dropper-Delf opens up a large security hole on your computer and is a very dangerous threat to the security of your personal and financial data. Dropper-Delf will download and install numerous additional parasites.
Aliases
Backdoor.Delf.FAYY [VirusBuster]Backdoor.Win32.Delf.uro [VBA32]Mal/Generic-L [Sophos]Trojan.Win32.Generic.520A1BC1 [Rising]Trj/CI.A [Panda]Obfuscated.FA [Norman]a variant of Win32/Delf.TKR [NOD32]Generic.dx!tbc [McAfee]Backdoor.Win32.Delf.vih [Kaspersky]Win32.HEURMalware [eSafe]
More aliases (695)
Trojan.Dropper-Delf Automatic Detection Tool (Recommended)
Is your PC infected with Trojan.Dropper-Delf? To safely & quickly detect Trojan.Dropper-Delf, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Trojan.Dropper-Delf
What happens if Trojan.Dropper-Delf does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 adsldpbx.dll 679 2 qtwm.exe 621 3 Metin2.exe 607 4 admparsek.dll 527 5 prun.exe 475 6 dsaip32b.dll 447 7 ztacfg.dll 396 8 winntR1.exe 365 9 prunnet.exe 80 10 mjkdpl.dll 7
More files
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}adgiyguADriveralphaCDriverDriverCheckDriverLoadFDrivergammainternat.dllmessengerappMsnValueprunnetRealUpdateRegistryMonitor1WinmplayerwinntR1HKEY..\..\{Value}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {D4C5947D-16E3-462F-A93D-FB718E100406}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {D1159422-16E3-462F-A93D-FB718E100407}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {C7CF1142-0785-4B12-A280-B64681E4D45E}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, value: {B8A170A8-7AD3-4678-B2FE-F2D7381CC1B5}SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN, value: ieupdateSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: alphaSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: gammaSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: Winhost2SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: FDriverSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: Winhost4SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: DriverCheckSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: DriverLoadSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: SystemDriverSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: ADriverSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: WinhostSOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: Winhost1SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, value: Winhost3software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, value: CheckWeb - The following CLSID's were detected:
HKEY..\..\{CLSID Path} {c111cf13-545f-6ff1-51ac-f623d452c63d}{B8A170A8-7AD3-4678-B2FE-F2D7381CC1B5}{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}{D1159422-16E3-462F-A93D-FB718E100407}{B2FBBC8D-743D-4DDF-BD61-A9E314D14EA5}{B6B28A9D-AB77-4959-BAE2-E39F446B16CA}{90B286E7-377B-4C7C-8859-9D961E8DD433}{04A9D5D4-73A5-4752-9820-06086885F789}{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}{038F228B-EED3-4A87-A565-F88FC99EBA91}
Posted: December 13, 2006 | By SpywareRemove
MoreThreat Level: 9/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 23
I WAS SUFFER WITH TROJAN HORSE NAMED CDFVIE.DLL THAT CANNOT REMOVE EASILY.UNTIL YOU REINSTALL UR OPERATING SYSTEM. BUT WE CAN DELETE IT BY THIS WAY, TRY TO REMOVE UR HARD DISK FROM UR PC AND FIX IT TO ANOTHER PC THAT IS VIRUS FREE AND MAKE IT SLAVE.GO TOUR HARD DISK C:\WINODWS\SYSTEM32\ THEN SELECT CDFVIE.DLL,OR WHERE IT IS LOCATED SELECT IT AND PRESS DELETE. FIX UR HARD DISK TO UR OWN PC. AND SCAN FOR TROJAN HORSE,THAT WILL BE REMOVED TRY TO USE FIREFOX EXPLORER. IF U HAVE A INTERNET EXPLORER 6.0 TRY TO REMOVE IT FOR A FEW TIME