« previous next »
Pages: [1]   Go Down

Author Topic: virus detected - how do I get rid of it???  (Read 4628 times)

0 Members and 1 Guest are viewing this topic.

bigclam

  • Guest
virus detected - how do I get rid of it???
« on: May 09, 2004, 09:45:37 PM »
My avast scanner popped up with a message that said I have a virus: VBS:redlof
However, none of the function buttons allow me to delete, repair, remove or otherwise get rid of it? HELP!!!!!
Logged

techie101

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #1 on: May 10, 2004, 01:03:39 AM »
bigclam,

Where is the virus located on your computer...
What did Avast give as the path?

Sometimes Avast will not be able to "access" the file since it may be protected by the System Restore or if the infected file has woven itself into a sytem file directory.

Techie
Logged

techie101

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #2 on: May 10, 2004, 01:13:08 AM »
bigclam,

Some additional info on the vbs redlof:

HTML.Redlof.A is a polymorphic, encrypted, Visual Basic script virus which infects .html, .htm, .asp, .php, .jsp, and .vbs files on all drives. Depending on the location of the Windows System folder, the virus copies itself to either %windir%\System\Kernel.dll or %windir%\System\Kernel32.dll. It changes the default association for .dll files.

The virus makes some nasty changes to your registry that will need to be corrected.

Symantec puts out a nice set of instructions that you can access by going to their site and doing a search for vbs redlof virus.
http://securityresponse.symantec.com/avcenter/venc/data/html.redlof.a.html

Have patience.  You can fix it in time.

Techie
« Last Edit: May 10, 2004, 01:20:11 AM by Techie101 »
Logged

armenioj

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #3 on: June 15, 2004, 11:02:03 AM »
Hello

I have the same problem and did all the things that symantec reports
but the darm thing still there...

It´s only one file but i can´t delete, remove, rename nothing...

Any solution????


Tx for your time
Logged

whocares

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #4 on: June 15, 2004, 11:31:09 AM »
Quote from: armenioj on June 15, 2004, 11:02:03 AM

It´s only one file


Please supply more info, e.g.:

Quote
Where is the virus located on your computer...
What did Avast give as the path?
Logged

armenioj

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #5 on: June 15, 2004, 12:21:47 PM »
this is the path of the file and the file it self  C:\Documents and Settings\Administrador\Os meus documentos\ANTIVIRUS\outro\sysclean.exe

i alredy put the file in exclusion but it stil say VBS:Redlof

i walredy tried the symantec solution and others but no good

Dont know what to do??
Is something missing me??
Logged

whocares

  • Guest
Re:virus detected - how do I get rid of it???
« Reply #6 on: June 15, 2004, 03:12:31 PM »
Quote from: armenioj on June 15, 2004, 12:21:47 PM
 C:\Documents and Settings\Administrador\Os meus documentos\ANTIVIRUS\outro\sysclean.exe

Acoording to google, it could either be a false alarm in TrendMicro's VirusCleaner, or a backdoor/trojan; but then avast wouldn't say REDLOF, right ?

So, most probably a false alarm:
Do/did you ever have(use)  PcCillin or TrendMicros Onlinescan HouseCall ?

if Trendmicro/pccillin is not installed/active an the PC:
boot the PC in SafeMode or DOS, and then move the file to a new, empty folder..
scan it there ONLINE with Trend & KAV (see below) pause avast Shield for this

if the 2 above don't detect anything in it, then it's a false positive: please send it in to
virus@avast.com , best in a password-protected ZIP- or RAR-archive.
Include problem description and link to this topic + ZIP-password in the mailtext



Logged
Pages: [1]   Go Up
« previous next »