Here is how you can check if your system is affected by the virus.
1. If you don't have Delphi 5, Delphi 6 or Delphi 7 on your system, you are not affected.
2. If you have Delphi 5-7 installed, check the $(Delphi)\Lib directory for SysConst.bak file.
If the SysConst.bak is not there, your system is not infected.
If you are infected here are the steps you can take to disinfect the system.
1. If you have downloaded the Delphi version of the libraries version 4.0.1 please download updated version 4.2 Prerelease 4 from www.mitov.com .
2. Delete the $(Delphi)\Lib\SysConst.dcu
3. Rename $(Delphi)\Lib\SysConst.bak to $(Delphi)\Lib\SysConst.dcu
4. Use an anti-virus scanner to scan your system for any other executables that may contain the compiled code.
Currently only some of the anti-virus software applications detect the virus. The online PandaSoftware scanner does not detect it as of today. I have detected it with Avast - http://www.avast.com/ as it seems to be the first AV package to detect this virus.
Avast has free 60 days trail, and can be used to detect any infected executable. There should be very small number of those since the virus does not infect executables, and only modifies the SysConst.dcu file.
Once again, we are really sorry for the problems, but we had no way of detecting the presence of the malicious code since no anti-virus software was able to detect it :-( .
With best regards,