- Virus.Win32.Neshta.a
-
This malicious program identifies and infects executable files. The program
is a Windows PE EXE file, written in Delphi. The file is 41472 bytes in size.InstallationThe virus searches the Windows system directory (%WINDIR%) forsvchost.com,
which it ...
-
- Virus.Win32.Mockoder.1120
-
This is a silly Win32 encrypted parasitic virus. It looks for PE EXE files
in current and Windows directories and infects them. While infecting, the virus
writes its code to the Fixup section and overwrites original files in there.
Disinfection is p...
-
- Virus.Win32.Mudant.887
- This is a harmless encoded Win32 virus.It searches for and infects Win32 applications (PE.exe files) in the current
directory.When infecting, it writes its code to the end of the file.It does not re-infect already infected files.The virus does not ma...
-
- Virus.Win32.Mental
-
This is a dangerous per-process memory resident parasitic and
polymorphic Win32 virus. The virus looks for PE EXE files with .EXE,
.SCR, and .CPL extensions in current, Windows and Windows system directories
and infects them. While infecting a fil...
-
- Virus.Win32.Maya.4106
- To get access to Windows functions the virus scans KERNEL32 export table,
gets the GetProcAddress function address and then by using this value gets
addresses of necessary functions:KERNEL32.DLL:GetModuleHandleA GetProcAddress CreateFileA WriteFile G...
-
- Virus.Win32.Melder
-
Melder is a harmless nonmemory resident parasitic Win32 virus. The virus itself
is a Windows PE EXE file, written in Delphi. The virus size is about 46KB.The Melder virus infects .EXE files in the Kazaa file sharing network download
directory. In ca...
-
- Virus.Win32.Magic.1590
-
It is a harmless nonmemory resident parasitic Win32 virus. It searches for
Windows PE EXE files in the directory tree on current drive, and on the C:
drive, moves victim file body down and writes itself to the file top. To
release control to the hos...
-
- Virus.Win32.MTV.4608.a
-
This is a very dangerous parasitic Win32 virus that stays in the Windows memory
as a usual application, then looks for PE EXE files in all C: drive directories
and infects them. The virus uses the "prepending" infection method: while
infecting a ...
-
- Virus.Win32.Kenston.1895.a
- It is not a dangerous nonmemory resident parasitic Win32 virus. It is
encrypted with lite method (XOR-bytes loop). When an infected programs
runs, the virus takes control, searches for PE EXE files in the
subdirectory tree on the current disk, then w...
-
- Virus.Win32.Killis.a
-
Killis.a is a primitive, encrypted, non resident Win32 virus.It infects PE EXE files with '*.?XE' and '*.SC?' extensions. The virus searches
the current directory, Windows directory and Windows system directory for these
files.When infecting, th...
-
©Virus-Encyclopedia.com. All Rights Reserved..
