Trojan:Win32/Delf.EP
Trojan:Win32/Delf.EP is a dangerous Trojan infection which has the ability to download and install parasites and malicious applications onto a compromised computer. Trojan:Win32/Delf.EP may be downloaded via malicious websites and once active will cause all sorts problems. Trojan:Win32/Delf.EP should be terminated immediately once detected.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Internet Explorer\HMMAPIGSeQd.exe 2 %ProgramFiles%\Internet Explorer\HSfRt.exe 3 %ProgramFiles%\Internet Explorer\OyLwJUt.exe 4 %ProgramFiles%\MSN Gaming Zone\OzMwJv.dll 5 %ProgramFiles%\Windows Media Player\dPaMzKwHSt.exe 6 %ProgramFiles%\Windows Media Player\DtLcuMDuMC.exe 7 %ProgramFiles%\Windows Media Player\tvNDvMDtLb.exe 8 %ProgramFiles%\Windows Media Player\tzLxJVF.exe 9 %System%\CstbsKaRI.exe 10 %System%\GtOEvNEuMC.exe 11 %System%\ScPbNtKv.exe 12 %System%\tbtKc.exe 13 %System%\VV6aXXw.dll 14 %Windir%\addins\HSeQb.dll 15 %Windir%\DelA.bat 16 %Windir%\Registration\R000000000007wIuGSdQb.exe 17 %Windir%\repair\samKwITFR.dll 18 %Windir%\WinSxS\eQbObNxKuG.dat 19 [file and pathname of the sample #1]
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell]HKEY..\..\..\..{RegistryKeys}[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.