Win32:DyfucDldr-F(Trj)

Avast home edition has deleted this virus from memory file “optimise.exe” only for it reappear next time I scan the memory. Any suggestions as to why its not being deleted, and how? thanks

Hi,

what WIN do you have ?
Where exactly was the infected File found (full pathname and filename) ?

test the file with OnlineScanners e.g. from Trend & KAV (see below) to get a more specific name
(you need to temporarily disable AV-Resident Shields/Monitors to be able to scan the file online)

-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google

general removal procedure:

  • disable system restore on Win ME/XP
  • kill respective Backdoor/Trojan process with task manager
  • search for the file/process names in the registry; remove the malware’s startup entries in the registry
  • disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot

-Secure your system (change passwords, secure shares, install patches/updates for WIN, IE etc…)
-scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro to check whether your PC is clean :wink:

  • reenable system restore on Win ME/XP

if it’s of the trojan-gen kind: spybot, ad-aware and cwshredder might also help
if you still can’t remove it, you could post a logfile of Hijackthis here

see www.lurkhere.com ->nicefiles and www.lavasoft.de

Further Details and Links via the board search above

Also read here on some dyfucdldr-variants:
http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=DyfucDldr&product=1
:wink: