- April 16, 2002
- February 13, 2007 11:38:48 AM
Also Known As:
- VBS/Redlof@M [McAfee], VBS.Redlof [AVP], VBS_REDLOF.A [Trend], VBS/Redlof-A [Sophos]
VBS.Redlof.A is a polymorphic, encrypted, Visual Basic Script virus that infects the .html, .htm, .asp, .php, .jsp, .htt, and .vbs files on all the drives. Depending on the location of the Windows System folder, the virus copies itself to either %Windir%\System\Kernel.dll or %Windir%\System\Kernel32.dll. It changes the default association for the .dll files.
Note: Virus definitions dated prior to February 12, 2004 detect this threat as HTML.Redlof.A.
Antivirus Protection Dates
Initial Rapid Release version April 16, 2002
Latest Rapid Release version August 8, 2016 revision 023
Initial Daily Certified version April 16, 2002
Latest Daily Certified version August 9, 2016 revision 001
Initial Weekly Certified release date April 17, 2002
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Andre Post