Win32:Delf-BSG

Hi,
I’ve got this virus but I can’t delete it ! Can someone help me plz ? !

Thx

Hi CBHM,

What’s the name and location of the infected file?

What is your operating system?

Have you tried a boot time scan with avast!?

What reason is given for not being able to delete it ?

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

Windows in its infinite wisdom protects files in use (even malware) or in system folders, so it is likely that avast! can’t delete or move files in use. So schedule boot-time scan in avast’s menu if you have XP, win2k or NT, otherwise boot into safe mode and run an avast scan. This should ensure that the file isn’t in use and avast should be able to deal with it.

Most Delf Trojans add a Startup entry: Startup Entry Name, SysService - Process Name, SysService.exe

Use Task Manager to End the Process. Also to end the startup entry, Windows Start, Run, type 'msconfig without the quotes, in the new window select the Startup Tab, find the SysService entry and uncheck it.

Hi CHBM,

Here the full technical description:
http://www.avira.com/en/threats/section/fulldetails/id_vir/2712/worm_ircbot.239616.html

polonus