Virus Database

I-Worm.Loding

Description I-Worm.Loding

This is an Internet worm written using VBS script language, and it is embedded into a Web-page on the Internet.
The worm infects the system when an infected web-page is opened with Internet Explorer 4+ (and if its security settings are not set to "HIGH").
The script sends a link to itself by email to all recipients listed in Microsoft Outlook Address Book attached to the following message:
Subject: "Computer Secrets !"
Message body:
If you are using Win9x/Me, visit the following page will upgrade your pc
performance. If you are not using Win9x/Me or don't want to upgrade your
pc, only forward this page to your friends.
Maybe your friends need it.
http://xxxxxxxxx.topcities.com/xxxxxxxxxxxxx
This URL points to the infected HTML page.
This worm uses a special way of replicating, because it sends only a link to itself in the message instead of sending the whole worm.

Check other viruses! Be aware! Use Antiviral Software

Bad.389

Description Bad.389

It's a harmless memory resident parasitic virus. It hooks INT 21h and infects .COM-files that are loaded into the memory. On the first start it types "Bad command or file name" and returns to DOS.

BadBoy.1000.a

Description BadBoy.1000.a

This is a harmless memory resident parasitic encrypted virus. It hooks INT 21h and writes itself at the beginning of COM files are executed. This virus uses System File Table on infection. It is divided on 9 blocks of code and data (installation block, data block, INT 21h block e.t.c.). When the virus installs itself into the memory, 8 of these 9 blocks can be rearranged in any order depending on the system timer. On infection the virus saves encrypted image of its TSR copy into the file, so orders of code blocks in two infected file can be different.
This virus displays on 10th infection:
The bad boy halt your systemall
And then halts it.
The virus contains the text:
The Bad Boy virus, Copyright (C) 1991.

Home