DREG (Digital Hackers’ Alliance Randomized Encryption Generator) is a virus
constructor. It creates virus source codes (ASM files), then runs TASM and
TLINK to compile these source to executable files. DREG creates nonmemory
resident encrypted COM viruses. They search for COM files in the current
directory and write themselves to the end of files.
While creating new viruses DREG uses several variants of code and adds
junk instructions sequences. DREG also used several anti-heuristic tricks.
The DREG constructor has several bugs, as a result in some cases it creates
buggy viruses that may halt the system or corrupt the files while infecting