?
Solved

VBS/REDLOF@M virus

Posted on 2003-03-25
8
Medium Priority
?
1,315 Views
Last Modified: 2008-03-10
hi,
Is there any fix or tool available for VBS/REDLOF@M virus.It's not getting cleaned even with Mcafee 4.51 Sp1 and Dat is 4253 with 4.2.40 engine.
0
Comment
Question by:rksharma98
8 Comments
 
LVL 41

Expert Comment

by:stevenlewis
ID: 8206216
0
 
LVL 1

Expert Comment

by:Hollmer
ID: 8220128
You will not get that cleaned.  That is a virus / worm.  

You can only clean files that have been infected themselves.  This never was a clean file to start with so ALL of the code is infected.  Basically if you were to "clean" this file, you'd end up with a zero byte file.

http://vil.nai.com/vil/content/v_99476.htm

Just delete this file.

By the way... I work for McAfee in the Anti-Virus group.

-Rick
0
 
LVL 11

Expert Comment

by:ghana
ID: 8220422
What do you mean with "not getting cleaned"? A single file/some files or your computer?

If you are not able to clean files then follow the advice of Hollmer and delete the files. If a file is the virus itself and the virus did not attach to another file then you have to delete it.

If you are not able to clean your computer then try to boot in safe mode and repeat scanning. By the way: Which operating system do you have?
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 

Author Comment

by:rksharma98
ID: 8222633
Hi,
I agree with Hollmer and ghana's point of deleting the Virus files.But what I was looking at was a Specific tool which could detect and clean virus from all the drives and remove enteries made by Virus in Registry. I found a solution which worked for me from undermentioned site.From here I downloaded sysclean.com file and lattest pattern file mentioned(in Zip format)and then followed as mentioned in three steps

http://www.trendmicro.com/download/tsc.asp


1) Create new folder then copy both these files in it.
2) Extract the contents of lpt492.zip file in the same folder.
3) Run sysclean.com file. It will clean this virus from all the drives.
0
 
LVL 1

Expert Comment

by:Hollmer
ID: 8222916
That file very well might work, but most scanners work so that if you delete a file manually off of you hard drive, and / or delete all of the infected files, the scanner will not even look at the registry.  The registry is not scanned (by McAfee) if a known virus pattern is not found.  So you could be doing yourself a disservice by manually deleting the file.

If you can't delete the file, it just means that it is locked by the system.  You will need to track down that process and kill it.  Then you should be able to re-scan and let your AV delete it for you.

Hope this helps a bit.

-R
0
 

Expert Comment

by:Azidburn
ID: 8401453
actually, sysclean.com will not entirely fix your computer but will only remove it.

in order to fix it permanently, you need to download the latest internet explorer patch from microsoft.
0
 
LVL 6

Expert Comment

by:akboss
ID: 10510387

============================
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
PAQ/Refund Points
Please leave any comments here within the next four days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS
AN ANSWER!
 
akboss
EE Cleanup Volunteer
============================
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 10537057
PAQed, with points refunded (50)

CetusMOD
Community Support Moderator
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question