Click on screenshot to zoom
Danger level 7
Type: Trojans

Trojan.Delfobfus.A

Trojan.Delfobfus.A is malware designed with the sole purpose of compromising the integrity of any system is has infiltrated.

Trojan.Katusha, as a typical Trojan infection tends to infiltrate a system via security or browser exploits and is usually unseen once in the system.

According to studies and research carried on to find out more about this particular parasite, it was found that Trojan.Delfobfus.A may display the following characteristics:

• Trojan.Delfobfus.A is capable of extorting information such personal financial data (credit card numbers, online banking login details), user profiles, software registration keys, and passwords – from the infected system.
• Trojan.Delfobfus.A may attempt to compromise security settings/rules of security products by emulating mouse clicks on the dialog windows.
(For example, when a security product pops up a dialog box asking for user permission to block suspicious activity, a threat may click Allow button to enable its malicious payload.)
• Trojan.Delfobfus.A could contain characteristics similar to that of a Trojan infection that is able to steal passwords from multiple popular email, ICQ and FTP client applications, such as Mirabilis ICQ, Miranda, Trillian, Microsoft Outlook, CuteFTP, Thunderbird, FileZilla, FlashFXP, The Bat!, etc.
• Trojan.Delfobfus.A may host file modification that may block access to the security web sites.
• Trojan.Delfobfus.A might download/request other malicious files from Internet.
• Trojan.Delfobfus.A could create a start-up registry entry.
• Trojan.Delfobfus.A may contain characteristics of an identified security risk.

In light of the above, one can safely assume that upon installation, Trojan.Delfobfus.A will carry out its harmful functionality, and will only compromise the system it has infiltrated.

Trojan.Delfobfus.A may work in conjunction with various other malware applications.

Important to bear in mind is the fact that once embedded within a computer system, Trojan.Delfobfus.A may gather personal, financial and banking information stored on the system, and allow an outside remote controller access to this gathered information.

A good way to ensure your system remains safe and secure is highlighted below; you should follow these steps to prevent PC threat invasions:

• Enable a firewall on your computer.
• Get the latest computer updates for all your installed software.
• Use up-to-date antivirus software.
• Use caution when opening attachments and accepting file transfers.
• Use caution when clicking on links to web pages.

Manual detection and removal of Trojan.Delfobfus.A is not recommended, as it could further damage the computer system.

To avoid any unneeded risks of damage to your computer system, it is highly recommended to utilize a reliable and legitimate anti-spyware application, to remove Trojan.Delfobfus.A and all its components from the infected computer system.

Download Spyware Removal Tool to Remove* Trojan.Delfobfus.A
  • Quick & tested solution for Trojan.Delfobfus.A removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Delfobfus.A

Files associated with Trojan.Delfobfus.A infection:

TNod-1.4.1.0-final-setup.exe
U1013.exe
TNODUP.exe
daemonupd.exe
compp.exe
brew-dsp8.exe
6gx41ypvwj.exe
US30Kbd2K.sys
SmartGearozfy.exe
questscan139.exe
O1Lx085.com
BTStacFrr.exe
aegvvp.exe
dimsntfy32.dll
syswind.exe
149000.exe
usdriver.com
svhchost.exe
CplusC.exe
winlogin.exe
mssapsmr.dll
jusched.exe
hpSvcs.exe
digprot.exe
cryptnet32.dll
ccmain.exe
ca_setup.exe
wlconex.exe
cndrive32.exe
Windwnx32.exe
tfukdrrnx.exe
tfukdrrn.exe
msvmiode.exe
9D57.tmp
lsass.exe
svchost32.exe
PR15.DLL
filename.exe
hgcheck.exe
inetsock.exe
ACER.cmd
gbppdist.dll
SVOHOST.exe
shell32.dll
wnzip32.exe
svcpool.dll
proxy.exe
compros.exe
wmplayer.dll
wsname.exe
RUNDLL32.exe
svchost.exe
SYSNOTE.EXE
GBPlugins.dll
245760
prun.exe
drvcnf.dll
svw.exe
service.exe
advpackp.exe
accessu.exe
3COM_DMId.exe
userinit.exe
accessf.exe
svc.exe
vlc.exe
1042x.exe
svx.exe
svzip.exe
runsql.exe
wdmon.exe
svhoster.exe
sv.exe

Trojan.Delfobfus.A DLL's to remove:

PR15.DLL
dimsntfy32.dll
mssapsmr.dll
cryptnet32.dll
gbppdist.dll
shell32.dll
svcpool.dll
wmplayer.dll
GBPlugins.dll
drvcnf.dll

Trojan.Delfobfus.A processes to kill:

SYSNOTE.EXE
TNod-1.4.1.0-final-setup.exe
U1013.exe
TNODUP.exe
daemonupd.exe
compp.exe
brew-dsp8.exe
6gx41ypvwj.exe
SmartGearozfy.exe
questscan139.exe
BTStacFrr.exe
aegvvp.exe
syswind.exe
149000.exe
svhchost.exe
CplusC.exe
winlogin.exe
jusched.exe
hpSvcs.exe
digprot.exe
ccmain.exe
ca_setup.exe
wlconex.exe
SearchSettingsProtection.exe
cndrive32.exe
Windwnx32.exe
tfukdrrnx.exe
tfukdrrn.exe
msvmiode.exe
lsass.exe
svchost32.exe
filename.exe
hgcheck.exe
inetsock.exe
SVOHOST.exe
wnzip32.exe
proxy.exe
compros.exe
wsname.exe
RUNDLL32.exe
svchost.exe
prun.exe
svw.exe
service.exe
advpackp.exe
accessu.exe
3COM_DMId.exe
userinit.exe
accessf.exe
svc.exe
vlc.exe
1042x.exe
svx.exe
svzip.exe
runsql.exe
wdmon.exe
svhoster.exe
sv.exe

Remove Trojan.Delfobfus.A registry entries:

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Key
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ RTHDBPL
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN pup
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ aGbPlugin
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6F1A4CB-DADD-4D0C-BDFC-E945647302C1}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ACER
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ compros
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Downsys
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hgcheck
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ IEUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft Driver Setup
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MSODESNV7
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ net64
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netc
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netsv32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netx
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netzip
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ runsql
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SoundMam
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tfukdrrn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tfukdrrnx
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ vlc
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wdmon
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ worknote1
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Wsname
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NVIDIA Display Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Window Net Dns
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Networks
MICROSOFT\WINDOWS\CURRENTVERSION\RUN\prunnet
RUNNING PROGRAM\Explorer.EXE
RUNNING PROGRAM\lsass.exe
RUNNING PROGRAM\proxy.exe
RUNNING PROGRAM\RUNDLL32.exe
RUNNING PROGRAM\svchost.exe
RUNNING PROGRAM\winlogon.exe
RUNNING PROGRAM\wnzip32.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.