Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It does not have any destructive effects. Its only purpose is to spread to as many computers as possible. |
|Detection updated on:||Jan. 22, 2003|
Redlof.B.dll is a polymorphic worm with no destructive effects whose only purpose is to infect other computers.
To carry out infection, Redlof.B.dll copies its code to HTT files, which are used to view system folders as Web pages. From that moment on, when the affected user opens a folder, they will be running the worm without knowing. This worm also searches for and infects files with the following extensions: ASP, TML, HTT, HTM, VBS, PHP and JSP.
This worm spreads via e-mail very quickly. To do this, it hides its code in the file that serves as stationary for all the messages the affected user sends through the Outlook mail client.
Redlof.B.dll exploits the vulnerability affecting the VM ActiveX component, which allows a virus to be run simply when a web page that contains the viral code is viewed. More information about this vulnerability as well as the corresponding security patch can be found on Microsoft's website.
Redlof.B.dll shows no messages or warnings that indicate its presence on affected computers.