Virus Database

VBS.Redlof.a

Description VBS.Redlof.a

VBS. Redlof is written in Visual Basic Script (VBS) and encrypted as VBE (Visual Basic encoded script). On first being run, it creates a file with its executable code in the Windows system directory under the name Kernel.dll.
The virus also creates files under the name kjwall.gif in the System32 and Web directories. The virus also copies itself to all directories on other disks of the infected computer as folder.htt, a file which configures images and folders in MS Explorer.
Replication of the virus
The infected file folder.htt gains control and copies itself to all directories when viewed or opened using MS Explorer. If a directory already contains folder.htt, the directory will not be infected.
The virus writes itself into all HTM files in the Windowsweb directory and by doing so gains control over the following files when they are opened: iejit.htm, offline.htm, related.htm, tip.htm, folder.htm, wum.htm.

Check other viruses! Be aware! Use Antiviral Software

Predator.1035

Description Predator.1035

It's a harmless memory resident multipartite polymorphic virus. On execution of infected file the virus traces the interrupt vectors 13h, 21h and infects MBR of hard drive. Then it hooks INT 21h and writes itself at the end of COM- and EXE-files are accessed. It hooks INT 13h also and infects boot-sectors of floppies. On loading from infected sector it hooks INT 13h and waits for DOS loading, then it hooks INT 21h and starts to infection. This virus contains several encrypted text strings:
Predator virus #2 (c) 1993 Priest - Phalcon/Skism
THE PREDATOR
TORPNACSAELCFASVVAPC.VANOCED

The last string contains the part of the file names (written backward) which are not infected by this virus: *PROT, SCAN, CLEA*, VSAF, CPAV, NAV, DECO.

Predator.1063

Description Predator.1063

This is a dangerous memory resident parasitic virus. It hooks INT 13h, 21h and writes itself to the end of COM files that are executed or opened. By using INT 13h the virus checks the sectors that are read from disk, and sometimes it reverses one bit in the read buffer.
Thise virus contains the text strings:
Predator virus (c) Mar. 93
In memory of all those who were killedall
Wookies ain't the only ones that drop! Priest

Home