Summary
This is an encrypted resident infector of EXE files. It infects files when run and also stays resident and infects when other files are accessed. Amount of free memory is not decreased.
Virus contains this text:
CLAWS (C)1994-95 WereWolf
Virus is encrypted with a variable 32-bit key. It deletes checksum databases belonging to several different antivirus packages.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Description Created: Mikko Hypponen, F-Secure
Submit a sample
Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)
F-Secure Community
Give advice. Get advice. Share the knowledge on our free discussion forum.