delus.bat



#1
Iconicmoronic

    Member

  • Member
  • 92 posts
:)

I have a licensed version of Malwarebytes, although with its near-hourly update rate I'm wondering if it isn't just a script kiddie software done right.

It has flagged an entry though and placed it in the MBAM quarantine. The file name is delus.bat.

I'm wondering if I need to do further action in order to remove the file and its ability to execute on my PC? I'm also wondering if it could be tied to the failure of my graphics display driver (Intel 45 mobile) and/or the cause for the OS freeze during the Windows Logo at boot if I update the Intel graphics display driver (unless I boot in safe mode afterwards).

Thanks for any information in advance.

:)
  • 0

#2
RKinner

    Malware Expert

  • Expert
  • 23,188 posts
  • MVP
delus.bat could be evil
Example: http://www.sophos.co...jmultidrer.html

but it is also a common name used in programming tutorials for a file that is used in uninstalls. (The name means DELete US and it is used to remove the last traces of an install since it is supposed to erase itself when it is done.)
Example:
http://www.catch22.net/tuts/selfdel

The only way to know for sure is to edit the file in notepad and look to see what the file is trying to do. In your case it sounds like a false positive since you say it appears after an Intel update.

Usually when a file is put in quarantine they move it to a new hidden system folder and tack a new extension on the end. Something like delus.bat.vir and you can still edit it in notepad. Really paranoid anti-malware programs can change the permissions on the folder they hide it in so no one can see it except them but I think this is rare.

Enable Show Hidden Files and Folders

If using Windows XP:

* Close all programs so that you are at your desktop.
* Double-click on the My Computer icon.
* Select the Tools menu and click Folder Options.
* After the new window appears select the View tab.
* Put a checkmark in the checkbox labeled Display the contents of system folders.
* Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
* Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
* Remove the checkmark from the checkbox labeled Hide protected operating system files.
* Press the Apply button and then the OK button and exit My Computer.
* Now your computer is configured to show all hidden files.


If using Windows Vista or Windows 7:

* Close all programs so that you are at your desktop.
* Open the Control Panel menu and click Folder Options.
* After the new window appears select the View tab.
* Put a checkmark in the checkbox labeled Display the contents of system folders.
* Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
* Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
* Remove the checkmark from the checkbox labeled Hide protected operating system files.
* Press the Apply button and then the OK button and exit My Computer.
* Now your computer is configured to show all hidden files.


[Online tutorial covering both of the above: http://www.bleepingc...tutorial62.html]

Copy and paste the text of the delus.bat file here and I'll be glad to look at it.

Ron
  • 0
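What "look to see what the file is trying to do" amounts to in practice, as an added example that is not part of the original posts: a short Python triage that reads the text of a batch file, reports whether it deletes itself, lists what else it deletes, and sets aside every line that goes beyond an uninstall clean-up for manual review. The command allowlist, the `triage` function and both sample batch files are assumptions constructed for illustration.

```python
import re

# Assumption: commands a self-deleting uninstall helper normally needs.
EXPECTED = {"echo", "rem", "del", "erase", "rmdir", "rd", "goto", "exit"}
DELETERS = {"del", "erase", "rmdir", "rd"}
IF_EXIST = re.compile(r'if\s+(?:not\s+)?exist\s+(?:"[^"]*"|\S+)\s+(.+)', re.I)
ARG = re.compile(r'"([^"]*)"|(\S+)')
SELF = re.compile(r'%~?[a-z]*0$', re.I)      # %0, %~f0 and similar self-references

# Constructed samples: a clean-up helper, and one that does more than clean up.
BENIGN = r'''@echo off
:Repeat
del "C:\Program Files\ExampleApp\app.exe"
if exist "C:\Program Files\ExampleApp\app.exe" goto Repeat
rmdir "C:\Program Files\ExampleApp"
del "%~f0"
'''
SUSPECT = r'''@echo off
reg add "HKCU\Software\ExampleKey" /v Demo /d 1
start "" notepad.exe
del /q "%~f0"
'''

def triage(text, own_name="delus.bat"):
    """Return (self_deletes, delete_targets, lines_needing_review)."""
    self_deletes, targets, review = False, [], []
    for raw in text.splitlines():
        line = raw.strip().lstrip("@")
        if not line or line.startswith(":"):          # blank line or label
            continue
        m = IF_EXIST.fullmatch(line)
        if m:                                         # inspect the guarded command
            line = m.group(1).strip()
        if any(c in line for c in "&|<>^"):           # chaining/redirection: review
            review.append(raw.strip())
            continue
        cmd, rest = (line.split(None, 1) + [""])[:2]
        if cmd.lower() not in EXPECTED:
            review.append(raw.strip())
        elif cmd.lower() in DELETERS:
            for quoted, bare in ARG.findall(rest):
                arg = quoted or bare
                if bare.startswith("/"):              # switch such as /q or /f
                    continue
                if SELF.search(arg) or arg.lower().endswith(own_name):
                    self_deletes = True
                else:
                    targets.append(arg)
    return self_deletes, targets, review
```

An empty review list together with delete targets that all sit under the folder of the program being uninstalled matches the benign pattern described above; anything in the review list should be read by hand before the file is restored from quarantine.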