|
Posted by =?Utf-8?B?U3VicmF0YW0=?= on July 5, 2005, 9:56 pm
If you were Registered and logged in, you could reply and use other advanced thread options
What I wanted to check if Redlof exists or not , as When VBS.Redlof.B runs,
it does the following:
1. Drops the following hidden files in multiple locations:
* Desktop.ini
* Folder.htt (viral code)
source :
http://securityresponse.symantec.com/avcenter/venc/data/vbs.redlof.b.html
Nothing more , but just a normal safety scan. :)
Regards
"David H. Lipman" wrote:
>
> | Is Folder.htt and Desktop.ini file is spreading in your computer? Try to
> | create a new folder and show hidden files and see if those two files are
> | created everytime you create a new folder. If that happens you have been
> | infected with Redlof . Do a download of Avast virus and run a complete scan
> | and that should clear Redlof. If there is the case otherwise then as said ,
> | leave those two files as they will be present in a computet but yes not in
> | each and every folders.
> |
> | Regards
>
>
> NO....
>
> VBS/Redlof@M -- http://vil.nai.com/vil/content/v_99476.htm
> "This is a file infecting VBScript that sets a default, infected, stationary
file for the
> Microsoft Outlook and Outlook Express email client programs. It exploits the
Microsoft VM
> ActiveX Component Vulnerability." --
> http://www.microsoft.com/technet/security/bulletin/MS00-075.mspx
>
> "Symptoms
> - Presence of KERNEL.DLL (11,160 bytes) in the SYSTEM directory
> - Increase in file size of .HTM and .HTT documents "
>
>
> It means 'paneerselvam' set folder options to show Hidden System files
revealing Folder.htt
> & Desktop.ini which are used to show folders in a specific fashion.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>
| 
XML site map