Should I remove “Trojan.Agent.Delf.RVB”?

The Trojan.Agent.Delf.RVB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Agent.Delf.RVB virus can do?

The binary contains an unknown PE section name indicative of packing
The executable is compressed using UPX
Authenticode signature is invalid

How to determine Trojan.Agent.Delf.RVB?


File Info:
name: 9A667E94137C030686CE.mlw
path: /opt/CAPEv2/storage/binaries/8d9fe5e4e626557b2af4d169518fd65b588638ebeaa41a7752a236a27f8b7cd6
crc32: 47B37804
md5: 9a667e94137c030686ce68751649969e
sha1: 0746f88cc1acc78237f5fbc695afd2ea65b78f5b
sha256: 8d9fe5e4e626557b2af4d169518fd65b588638ebeaa41a7752a236a27f8b7cd6
sha512: 2cf4aefb641627beba3c478f010bab1b4f028682a1fab713252c24599fe0b25bca6516ee070785c5499b773e9693199e3139f9aedb8575a59f35c2607d3c7fd2
ssdeep: 12288:UrpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIVO5:WwAcu99lPzvxP+Bsz2XjWTRMQckkIV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T105F46D36F6809437D9321A799C4F81E554257E302E39B94B7BE61F0C9F7D2C23A2A1C6
sha3_384: 18aed277d20ef5b642a14e6243921a6528641b517a82d63e9013f5c3bf5499155dfb170a7ba9dbc1cea75ee8c0103daf
ep_bytes: 60be00a047008dbe0070f8ffc787b0f7
timestamp: 2011-02-18 11:13:48

Version Info:
0: [No Data]

Trojan.Agent.Delf.RVB also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.DarkKomet.m!c
MicroWorld-eScan	Trojan.Agent.Delf.RVB
FireEye	Generic.mg.9a667e94137c0306
Skyhigh	BehavesLike.Win32.Generic.bm
McAfee	Artemis!9A667E94137C
Cylance	unsafe
Zillya	Backdoor.DarkKomet.Win32.51903
Sangfor	Trojan.Win32.Save.a
Alibaba	Backdoor:Win32/DarkKomet.b0e35b49
K7GW	Trojan ( 004bcce41 )
K7AntiVirus	Trojan ( 004bcce41 )
BitDefenderTheta	Gen:NN.ZelphiF.36804.TmW@aaL1iEcG
VirIT	Trojan.Win32.Delf.VTW
Symantec	SMG.Heur!gen
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of Win32/Delf.NVC
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R002C0ODB24
Avast	Win32:Delf-AIC [Trj]
ClamAV	Win.Trojan.Darkkomet-9857871-0
Kaspersky	Backdoor.Win32.DarkKomet.ilfy
BitDefender	Trojan.Agent.Delf.RVB
Tencent	Backdoor.Win32.DarkKomet.artra
Emsisoft	Trojan.Agent.Delf.RVB (B)
Baidu	Win32.Backdoor.Agent.l
DrWeb	Trojan.Siggen2.22967
VIPRE	Trojan.Agent.Delf.RVB
TrendMicro	TROJ_GEN.R002C0ODB24
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Paloalto	generic.ml
MAX	malware (ai score=85)
Jiangmin	Trojan/Siscos.alq
Webroot	W32.Trojan.Siscos.Gen
Google	Detected
Varist	W32/Backdoor.J.gen!Eldorado
Antiy-AVL	Trojan/Win32.Siscos
Kingsoft	Win32.Hack.DarkKomet.a
Microsoft	VirTool:Win32/DelfInject
Xcitium	TrojWare.Win32.Siscos.re@41dj9n
Arcabit	Trojan.Agent.Delf.RVB
ViRobot	Trojan.Win.Z.Delf.741376.C
ZoneAlarm	Backdoor.Win32.DarkKomet.ilfy
GData	Trojan.Agent.Delf.RVB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Scar.R2290
ALYac	Trojan.Agent.Delf.RVB
VBA32	suspected of Malware.Delf.50
Malwarebytes	Generic.Trojan.Delf.DDS
Panda	Trj/Genetic.gen
Rising	Backdoor.DarkComet!1.CB87 (CLASSIC)
Ikarus	Trojan-Spy.Win32.Delf
MaxSecure	Trojan.Malware.239496069.susgen
Fortinet	W32/Fynloski.AS!tr
AVG	Win32:Delf-AIC [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Trojan[dropper]:Win/Delf.NVC

How to remove Trojan.Agent.Delf.RVB?

Trojan.Agent.Delf.RVB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X