Web Wiz - Green Windows Web Hosting
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - Any way to remove this virus?
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Any way to remove this virus?
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
PrivateEye View Drop Down
Groupie
Groupie
Avatar

Joined: 21 March 2003
Location: United Kingdom
Status: Offline
Points: 168 		Post Options Post Options   Thanks (0) Thanks(0)   Quote PrivateEye Quote  Post ReplyReply Direct Link To This Post Topic: Any way to remove this virus?
    Posted: 23 September 2003 at 5:54am
I have dual boot OS 98 SE and Win2K. Few days back I saw number of folder.htt and desktop.ini files in different folders. I scaned hard disk with Norton Antivirus 2002 (Virus def. updated on 15 Sep. 2003), it detected it as VBS/RedLof virus. Surprisingly Norton was unable to remove the virus from files. I can't keep these files in "Quarentine" because I have to use those HTML and ASP pages. I installed AVG, it did the same like NAV, detects but unable to remove virus from infected files. If anyone know which Antivirus can remove VBS/Redlof virus, please tell me. Any quick help is highly appreciated.
The Judgement Day
Back to Top
Bluefrog View Drop Down
Senior Member
Senior Member


Joined: 23 October 2002
Location: Korea, South
Status: Offline
Points: 1701 		Post Options Post Options   Thanks (0) Thanks(0)   Quote Bluefrog Quote  Post ReplyReply Direct Link To This Post Posted: 23 September 2003 at 6:25am

HTML is never "infected" with a virus, nor is ASP. They can have exploits, but not virii.

The safest thing to do is delete the files. If you can't do that, open them up with some kind of a debugger or hex editor and then cripple the virus or remove it manually. (e.g. Softice)

That is best done from a command line though, and not Explorer.

 
Back to Top
eksimba View Drop Down
Groupie
Groupie


Joined: 23 April 2003
Location: United States
Status: Offline
Points: 48 		Post Options Post Options   Thanks (0) Thanks(0)   Quote eksimba Quote  Post ReplyReply Direct Link To This Post Posted: 23 September 2003 at 10:17am

Detailed instructions for removal can be found at Symantec's Security Response website dedicated to the HTML.Redlof.A virus.

The instructions say to delete the infected files.

Originally posted by Symantec Symantec wrote:

HTML.Redlof.A is a polymorphic, encrypted, Visual Basic Script virus that infects .html, .htm, .asp, .php, .jsp, and .vbs files on all drives. Depending on the location of the Windows System folder, the virus copies itself to either %windir%\System\Kernel.dll or %windir%\System\Kernel32.dll. It changes the default association for .dll files.
- eric
Back to Top
PrivateEye View Drop Down
Groupie
Groupie
Avatar

Joined: 21 March 2003
Location: United Kingdom
Status: Offline
Points: 168 		Post Options Post Options   Thanks (0) Thanks(0)   Quote PrivateEye Quote  Post ReplyReply Direct Link To This Post Posted: 23 September 2003 at 4:14pm
Thanks eksimba I trying to follow instructions at Norton website.
The Judgement Day
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.