Security Basics mailing list archives
RE: virus removal help
From: "Hagen, Eric" <ehagen () DenverNewspaperAgency com>
Date: Fri, 7 Nov 2003 11:53:02 -0700
This probably belongs in a tech-support group rather than a security discussion group...

The virus you're probably talking about is called HTML.Redlof.A according to Symantec. It is installed in user files, such as HTML, PHP, ASP, JSP and VBS files as well as in the Kernel.dll and Kernel32.dll.

Formatting the hard-disk will COMPLETELY destroy this virus. Upon reinstalling Windows, your BIOS antivirus checking erroneously reports "potential virus activity" because the system is trying to write to the boot record, which is not typical behavior BUT is NORMAL for the Windows installation procedure.

The problems with your system folders and with the Primary Controller (probably the hard disk controller??) are likely more to do with drivers or with the Installation procedure than what happened with the virus.

Make sure you install a modern virus scanner and keep it updated to prevent future infections.

Eric Hagen

-----Original Message-----
From: komal [mailto:agencies_ad1 () sancharnet in]
Sent: Friday, November 07, 2003 7:56 AM
To: security-basics () securityfocus com
Subject: virus removal help

Hi!

My computer was infected by html.redoff virus. I deleted every html and at last formatted my computer, but while installing Windows I receive a warning message that your boot sector is about to be modified. If I press yes, then at next reboot my system directory is deleted and I am unable to start my machine. If I press other keys, then I boot and work, but in device manager my primary controller is disabled (i.e. yellow icon). I have installed the latest antivirus.

Any help will be appreciated.

Thank you
komal