RE: Microsoft Search Assistant and Trojan Downloader Delf

From: Wayne Brinegar [MSFT] (wayneb_at_online.Microsoft.com)
Date: 01/15/05

  • Next message: David H. Lipman: "Re: Microsoft Search Assistant and Trojan Downloader Delf"
    Date: Sat, 15 Jan 2005 17:06:05 GMT
    
    

    Good Morning,

    The DELF family of malware are Backdoor Trojans. Any one of the anti-virus
    vendors would have a description of how the malware behaves and any removal
    instructions. Based on information from a major anti-virus vendor's website,
    the malware captures private data such as logging keystrokes.

    The plan should be:

    1. visit www.Windowsupdate.com and download and install all the critical
    patches.
    2. go to http://support.Microsoft.com/?kbid=890830 and scan your machine.
    DELF is not one of the scanned viruses but this utility could identify any
    others.
    3. do a manual update of your anti-virus signatures (just to make sure that
    the signatures really downloaded)
    4. boot your machine into safe mode and do a virus scan
    5. visit an anti-virus vendor's website for removal instructions.

    Please make a backup of your machine before this virus scan.
    I have seen machines that were so infected that after running the virus
    scan from safe mode, the machine would not boot.

    Please contact your anti-virus vendor for help in removing the malware.

    There are three ways a machine can be compromised:
    1. weak passwords
    2. missing Windowsupdate patches
    3. social engineering

    Please see the Password policy whitepaper at
    http://www.microsoft.com/technet/community/columns/5min/5min

    Thanks,

    Wayneb@online.Microsoft.com

    This posting is provided "AS IS" with no warranties, and confers no rights.

