Virus Database


Radyum.448

Description Radyum.448

These are harmless nonmemory resident encrypted parasitic viruses. They search for .COM files and write themselves to the end of the file. They contain the text strings:
radyum, the attitude adjuster, brought to you by ViRuLeNT GRaFFiTi
*.COM

"Radium.503,509" contains the string:
lythyum, the attitude adjuster, ViRuLeNT GRaFFiTi

Some of "Radium" create HELLO.RAD ot LITHIUM.HI! files and write into it the messages:
"Radium.698":
radyum-b, by the attitude adjuster,
brought to you by ViRuLeNT GRaFFiTi
07/31/92 Greets to Gary Watson!
look for us again in the future.

"Radium.707":
radyum, version 2, by the attitude adjuster,
brought to you by ViRuLeNT GRaFFiTi
07/31/92 Greets to Gary Watson!
look for us again in the future.

"Radium.860":
radyum-c, by the attitude adjuster,
brought to you by ViRuLeNT GRaFFiTi
08/18/92
6 out of 16 bytes will keep the same
position and value, not too bad in my
book! greets to patti hoffman, i love you!

"Radium.1072" leaves the memory resident program which hooks INT 8 (timer) and displays the messages:
Unsuspecting user, 12 o'clock!
Get readyall 'cause... THERE'S A VIRUS IN YOUR SOUP!
From the guys that brought you Lythyum, Radyum, and VioLite comes
The Soupy Virus, (k) 1992 VG Enterprises, 216/513/602/914/703
By The Attitude Adjuster & AccuPunk!
Hurry! Hire an Anti-Virus Professional! Increase Wallet Space!
...hmmm, ya' know, I think I'll halt now...
[Soupy]
The Attitude Adjuster & AccuPunk, VG
08/23/92 to 12/02/92
Bad command or file name

Rael.3211

Description Rael.3211

This is a dangerous memory resident parasitic polymorphic virus. It hooks INT 21h, and writes itself to the end of COM files (except COMMAND.COM) that are executed or opened. It also infects files when searching DOS functions FindFirst/Next ASCII.
The virus contains the text strings:
c:dossys.com
c:dosdosshell.com
c:dosformat.com
c:doskeyb.com

and infects these files when an infected file is executed. Depending on the system timer, this virus infects the files with a Trojan program that erases the disk sectors being executed.
On the 14th of every month, it deletes files after infection, and starting from 12:00, it displays the following message:
___ __ ___ _
_ _ _ _ _ _
___ ____ ___ _
_ _ _ _ _ _
_ _ _ _ ___ ____
IMPERIAL AEROSOL KID
V 01/NOV/93 por RAEL

It also contains the text strings:
com
COMMAND
command
RAEL-IMPERIAL AEROSOL KID VIRUS III
-Buenos Aires-Argentina-
allRael, Imperial Aerosol Kid-exits in the daylight, spraygun head...
- SaTaNiC BRaIn B.B.S. 383-7480 Las 24 Horas -

RagDoll.942

Description RagDoll.942

It is not a dangerous memory resident parasitic virus. It copies itself into EMS memory, hooks INT 21h and writes itself to the end of EXE files that are executed. Being debugged the virus halts PC. The virus detects TBAV memory resident anti-virus monitor, and displays:
TbDriver, TBAV TSR utilities driver (C) Copyright 1992-94 Thunderbyte BV.
_ Program not supported.

The virus also contains the text string:
Rag Doll Virus by Sx (c) 1995 AeroSmith Rulze!!

Rager.1383

Description Rager.1383

These are dangerous memory resident parasitic viruses. They hook INT 21h and write themselves to the end of EXE files that are executed. On executing the LOGIN utility the virus depending on the system timer decrypts and displays the message, and then reboots the computer:
********** Warning ! **********
Novell NetWare report : Hardware A30 error detected.
Registers :
AX :2134 BX :3C23 CX :1841 DX :5421
CS :2451 DS :2023 ES :538A SS :6C8B
SI :46AE DI :94B4 SP :4541 BP :491C
Try restart file-server,if it will not give effect,
switch off your network and call trained service-people.
Press any key to restart this computer.

The virus also contains the text:
NetWare virus from Avenge (tm) family .
(C)Rager , Simferopol State University

Raiden.1433

Description Raiden.1433

It is not a dangerous memory resident multipartite virus. When an infected file is executed, the virus infects the MBR of the hard drive. While loading from infected MBR the virus hooks INT 13h, 1Ch, 4Fh, waits for DOS loading process and hooks INT 21h. By hooking INT 21h the virus intercepts EXE files execution and opening, and writes itself to the end of the file. By hooking INT 13h the virus intercepts accessing to infected MBR and calls stealth routine.
In some cases (depending on the command line) the virus disinfects the host file. On INT 4Fh AX=666h calls the virus displays the message:
+---------------------------------------+
MBR VIRUS V.01 NECROSOFT CORPORATION
WRITEN BY RAIDEN COPYRIGHT (C) 1996
+---------------------------------------+

Home

Viruses from A to Z
0-9 A B D E F G H I J
K L M N O P Q R S T
U V W X Y Z



Seo Marketing
Cheap Ipods
Carmen Electra
Recipes
Fg Marder

    Copyright © 2005 Virus-Database.com
© 2005 Virus-Database.com