F-Secure: Be Sure
Main
F-Secure Logo - Be Sure
Select local site


Privacy Policy
Legal Notices
Contact Us

F-Secure Virus Descriptions : Reverse





NAME:Reverse
ALIAS:Red Spider, Redspide
TYPE:Resident COM/EXE-files
SIZE:948
REPAIR:Yes

Reverse stays resident in memory and infects COM and EXE files when they are accessed.

Reverese is encrypted with a variable key. The body of the virus contains two filenames written backwards: 

      moc.dnammoc
      exe.niamcn

COMMAND.COM is infected by overwriting a block of zeroes inside it. NCMAIN.EXE is not infected at all.

Reverse contains the following text, which is not displayed: 

      Reverse-948 Created by Renata G. from Lubin City in Sept 1993

VARIANT:Reverse.B

Similar and also 948 bytes, but contains this text: 

      Red Spider Virus created by Garfield from Zielona Gora in Feb 1993

[Analysis: Mikko Hypponen, F-Secure]