yes.. you have been hit with REDLOAF virus.. folder.htt and one more file desktop.ini keeps on regenerating. VBS/Roor-A is a virus that may infect HTML or text files.
***Quick heal is the only solution. ***
****Quick heal is the only solution. ****
VBS/Roor-A infects files with file extension HTM, HTML or HTT in the folder in which it is run.
VBS/Roor-A creates dropper files for the virus with the names DESKTOP.INI and FOLDER.HTT in the current folder, the Windows folder, the Windows system folder, the Windows Desktop and the subfolder WEB of the Windows folder. Dropper files may also be created in the root folders of any other drives.
On the 26th of September, the virus may attempt to shut down
Windows.
VBS/Roor-A makes the following changes to the system registry:
HKCU\Software\Microsoft\Internet Explorer\Main
Start Page
about:error
HKLM\Software\Microsoft\Internet Explorer\AboutURLs
error
http://
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoFolderOptions
1
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Hidden
0
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ClassicShell
0
The virus deletes the following registry entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\ExtShellViews{5984FFE0-28D4-11CF-AE66-08002B2E1262}
Quick heal is the only solution.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment