mrahul
01-11-2007, 05:59 AM
dear friends,
One of my friend was badly affected by redlof virus. Itz really a dangerous virus, it doesn't get detected once it gets uploaded to ftp but it stops & troubles thro' out the way.
What it does is :
Damage
* Payload: Will be inserted into all new e-mail messages created by an infected user.
o Modifies files: Infects .html, .htm, .asp, .php, .jsp, and .vbs files
Distribution
* Target of infection: .html, .htm, .asp, .php, .jsp, and .vbs files
It renames your index.html/index.php files to itz own one & renames your current file to _index.html/_index.php
You will be really puzzled, so what I suggest is if you have given access to your ftp to some of your members ask them to run antivirus check regularly, preferably if you find any of this problem just take a complete back up of ur ftp & remove all the corrupted files.
Usually corrupted files are in the following format :
a.php, a.asp, a.pl, a.jsp, help.zip, index.html, index.php - Just make sure you look at the last modified date as you can find only based on that details.
More info can be found over here : http://www.sarc.com/avcenter/venc/data/html.redlof.a.html
Just provided this information incase some one comes up with such a problem. Make 100% sure your users have their viruses cleared from their systems.
One of my friend was badly affected by redlof virus. Itz really a dangerous virus, it doesn't get detected once it gets uploaded to ftp but it stops & troubles thro' out the way.
What it does is :
Damage
* Payload: Will be inserted into all new e-mail messages created by an infected user.
o Modifies files: Infects .html, .htm, .asp, .php, .jsp, and .vbs files
Distribution
* Target of infection: .html, .htm, .asp, .php, .jsp, and .vbs files
It renames your index.html/index.php files to itz own one & renames your current file to _index.html/_index.php
You will be really puzzled, so what I suggest is if you have given access to your ftp to some of your members ask them to run antivirus check regularly, preferably if you find any of this problem just take a complete back up of ur ftp & remove all the corrupted files.
Usually corrupted files are in the following format :
a.php, a.asp, a.pl, a.jsp, help.zip, index.html, index.php - Just make sure you look at the last modified date as you can find only based on that details.
More info can be found over here : http://www.sarc.com/avcenter/venc/data/html.redlof.a.html
Just provided this information incase some one comes up with such a problem. Make 100% sure your users have their viruses cleared from their systems.