Q. I have Windows 98 SE installed on my PC. A few days back, I noticed two files, Folder.htt and Desktop.ini, recreated in every folder. I formatted the hard drive and recreated the partitions, but the problem persists. It causes an adverse effect on the system speed too. Apparently, the files
are also infected with the VBS/Redlof@M virus. Which virus scanner can I use to remove it?

A. This is a polymorphic, encrypted, VBScript virus that infects HTML-based and VBScript files on all drives. The virus also copies itself to either the Kernel.dll or Kernel32.dll files and changes the
default association for DLL files. It will then embed itself into every HTML e-mail you send. You can use any good virus scanner such as Norton AntiVirus to look for infected files. Before this, you should
modify the registry. Open the Registry Editor by running regedit from Start > Run and go to HKEY_Local_Machine\Software\ Microsoft\Windows\CurrentVersion\ Run. Delete the value Kernel32
under this. Next, browse to HKEY_Current_ User\Identities\[User ID]\Software\ Microsoft\Outlook Express\[Version] \Mail and delete the values Compose Use Stationery, Stationery Name and Wide
Stationery Name. Under HKEY_Current_ User\Software\Microsoft\Office\ 9.0\Outlook\Options\Mail, delete the EditorPreference value and finally, under HKEY_Classes_Root\dllFile, delete the keys Shell, ShellEx, ScriptEngine and ScriptHostEncode. Next, open Start > Settings > Folder Options and switch the view to Classic style instead of Web style. Restart the machine for the changes to take effect
and run the virus scanner.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s