I loaded avast last night to determine a virus problem last night and it found two files that were false but I deleted those files and on restart xp asks for reactivation, I have no hardware in device mgr and therefore cant get online. Windows help is gone. Can anyone help me to get back up?
What do you mean by “false”? Do you mean that it found two infected files? What were the names of the files that you deleted?
Kuang and redlof .After deleting these files my computer retarts but my internet ia gone and there are no listings in device mgr
Hmm…it appears that redlof copies itself onto the computer as kernel32.dll or kernel.dll, and I would imagine that a few things might not work right if you deleted that file.
Do you have your operating systems CDs available? If so, restore your kernel file, which will be one of these:
* %Windir%\System\Kernel.dll
* %Windir%\System\Kernel32.dll
In fact, it would probably be best just to use the removal instructions found at the Symantec site.
http://securityresponse.symantec.com/avcenter/venc/data/vbs.redlof.a.html
Did Avast provide any removal instructions that you’re aware of?
By the way, if you actually had one of the other variants of redlof then you should look up the specific removal instructions just in case they are different.
John
I’m sorry, I now just have cancelled the Avast download now, because you made a MAJOR bug report post!!! :o
I really hope that problem is gone shortly. ???
The “kernel” filename that Redlof uses is not the same as the system kernel DLL, so deleting it shouldn’t do much harm.
It would be useful to know what was the real name of the intected file.
RJARRRPCGP: what exactly is the major bug?
Ok here we go RJARRRPCGP Idon’t think there is a bug with this version of Avast. After 3 days of trying to work this out I think that Bugbear b is part of the problem. I think that Kuang and Redlof were false positives because Avast says that Panda and other antivirus services don’t close up their database avast detects it as a real virus. But just now at 22:29 PDT 4/24 I detected the bugbear b virus and attempting to repair it. I can’t even get to the xp cd to do a repair. You can see the gray line go across the bottem of the screen that usually indicates a virus. I don’t know enough about xp OS but everything works except RPC and device manager. I also can’t get to SFC via cmd line. I haven’t checked Avast for removal instructions but this is one ugly virus.standby for more info
Rand
The fact that the person was saying that it literally gave a false alarm on a Windows system file and started deleting Windows system files!
First you/they have to determine if it was a false alarm or not
avast doesn’t delete things automatically, unless you set it up to do so. It requires user intervention (especially in the Home version).
but I deleted those files
It looks like bugbear b (The virus appears to be in an outlook msg labeled "another Proof) and nimda are on the computer. It won’t let my firewall (kerio) load and No matter how many times I scan I can’t get it off.The vrdb is not complete is there a way to download on my laptop and load it to the desktop?
The VRDB is generated from the files on your HDD and can’t be downloaded to another computer and transferred.
Are you using MS Outlook or Outlook Express? - In either case take care, deleting the file using avast could kill the email folder not just the email. Whilst avast should be able to extract the individual email from a .dbx email database file, it could corrupt it, so manual deletion in OE is perhaps best, then clear the deleted items folder.
You have to take care deleting anything in MS Outlook as it could take out your .pst (not sure if that’s correct for Outlook, I don’t use it) file, but everything. If you can identify the email you can delete the email from within MS Outlook, then clear the deleted items folder.
Then do another scan.
ok I will try that. It may be why I had this problem in the first place but it wont let kerio load or device manager and I get a rpc error also.Thx
Rand
Ok it looks like the PST is gone I have no email or addresses but that doesn’t matter I just want to get back up and get internet working and the rest of windows working.The virus is still there any ideas on how to pin it down?By the way this started as a rundll.exe error when I attempted to open various programs.
Thx
Rand
The virus is still there any ideas on how to pin it down?By the way this started as a rundll.exe error when I attempted to open various programs.
Where? - example (C:\windows\system32\infected-filename.xxx)?
Have you tried scheduling a boot-time scan from within avast or with RejZor’s AEC avast! External Control program?
David,
I have recovered almost everything on my computer. I did not have to reinstall. I searched based on an entry from Panda Active scan and found an old archive of Black Viper(too bad he’s gone cuz he helped me immensely!) I ran a boot scan when I dpwloaded Avast the first time. It did find two virues but they were false positives. I did delete these files and that’s how I lost my services and that’ why I couldn’t get online etc So during my search for the solution I used active scan and it turned up the Bugbear B virus and Mywebsearch. It also found 2 files that were suspicious in the recycler file that Panda said were not a virus but it was difficult to delete them.I am almost back to normal but I have one last issue. When I attempt to open Control panel and MS keyboard and mouse driver I get the "Windows cannot access the device,file or path-You may not have the appropriate permissions.This is preceded by a Rundll32.exe error when I attempt to open the wireless mouse icon on the desktop.I can open Control panel but I can’t open anything in the panel.It just gives me the “Windows cannot access the device,file or path-You may not have the appropriate permissions” but does not precede it with the rundll32.exe error.So I have typed all this because hopefully it will help someone else. I have never had this much trouble getting rid of a virus,malware!So does anyone recognize these symptoms and have any ideas how to get rid of what’s in my computer? I like Avast but an concered by it’s failure to get rid of the Bugbear virus.It could not repair and choosing delete didnot work either and maybe I didn’t use the program correctly.Any thoughts? Thx to miller and everyone else who helped me with a very bad situation.
Rand