Win32:Delf-ASD [Trj

Viruses and worms
1

hi…i jus did a boot scan and i observed i had alot of Win32:Delf-ASD [Trj in my windows files…soo i sid i was gonna move to chest but that would effect the operation of the computer …is thier ne way i could remove the troj from my files?

2

Hi dartrymple,

Remoavl instructions for:

Windows NT/2000/XP/2003

In Windows NT/2000/XP/2003 you will also need to edit the following registry entry. The removal of this entry is optional in Windows 95/98/Me. Please read the warning about editing the registry.

At the taskbar, click Start|Run. Type ‘Regedit’ and press Return. The registry editor opens.

Before you edit the registry, you should make a backup. On the ‘Registry’ menu, click ‘Export Registry File’. In the ‘Export range’ panel, click ‘All’, then save your registry as Backup.

Locate the HKEY_LOCAL_MACHINE entry:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
runing
\win.exe

and delete it if it exists.

Close the registry editor.

polonus

3

Hi can anyone help,

I too have been affected by the Win32:Delf-ASD [Trj], it keeps on coming up, iv’e tried delete,move to chest and rename/move. But no luck. I’ve also followed the advice of the previous response to delete from registry but unfortunately its not there. I have also turned off system restore and ran a full virus scan, rebooted and still it keeps popping back.

Please can anyone help , i have the home edition of Avast.

Thanks in advance. :cry:

4

What Operating System are you using ? is it up to date ?
What was the file name, where was it found example (C:\windows\system32\infected-file-name.xxx) ?

Windows in its infinite wisdom protects files in use (even malware), so it is likely that avast! can’t delete or move files in use. So schedule boot-time scan in avast’s menu if you have XP, win2k or NT, otherwise boot into safe mode and run an avast scan. This should ensure that the file isn’t in use and avast should be able to deal with it.

If it keeps coming back, something is either bringing it back or you are visiting the same sites and getting reinfected.

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode. Ewido anti-spyware If using winXP. or a-Squared free if using win98/ME.

5

Hi sukitechi,

Remove this:
multidropper-fb-.pif

If found up for this trojan dropper

polonus

6

:slight_smile: Hi darlrymple & sukitechie :

 As DavidR shared, trojans, in general, are best gotten rid
of the using a program that "specializes" in detecting and
removing them, by either "ewido anti-spyware" or
"A-squared Free" . These programs will find other malware
 as well as the specific trojan you asked about .
7

Hi ,

Thanks for your feedback guys! mine’s sorted now (hopefully) . I didn’t turn off system restore as previously mentioned ( forgot to OK it ) .

Once i turned off system restore and did a complete virus scan ,it picked up the trojan and deleted it.

Thanks alot for your help. :slight_smile: :slight_smile: :slight_smile: