How to stay protected?
You may want to create \Lib\SysConst.bak file (file’s content doesn’t matter) to prevent further infections. This particular virus creates a backup copy of dcu-file before infection and uses it as “infection completed” flag (such a nice guy, eh?). So, if you create SysConst.bak manually - this will prevent virus from messing with dcus, as it will think that his work is done here.
But I afraid that the only 100%-reliable way to be protected is to keep an eye on your Delphi’s folder. Just do periodic compares with backup’s copy. I’m not sure if it is an overkill, but putting it in SVN may be not-so-bad idea. If your anti-virus software has some sort of file-changes-tracking capabilities – then you’d better put \Lib and \Source folder under it’s control.
Partager