Energy
Description Energy
"Energy" is a dangerous memory resident boot stealth virus. It writes itself to the MBR of the hard drive and to boot sectors of floppy disks. While infecting the hard drive the virus stuffs the 'Y' key into the keyboard buffer to fool BIOS virus protection. The virus has bugs in floppy disk infection routine - it infects correctly only 1.4M floppy disks and corrupts data on 360K, 720K and 1.2M disks. To run its infection and stealth routines the virus hooks INT 8, 13h, 2Fh.
In one month after infection the virus displays the message:
INT 13h points to => xxxx:xxxx Virus detected! (c) 1997 »-» ¡Energy!
Boot anti-virus! For details & upgrades call : Tel: (401) 778.08.48
where "xxxx:xxxx" is the address of INT 13h handler.
Check other viruses! Be aware! Use Antiviral Software
Fans.560
Description Fans.560
It's a memory resident harmless parasitic encrypted virus. It hooks INT 01, 21h. It disables the tracing mode by using INT 01. INT 21h is used for the file infection. The virus infects COM-files on their execution. It encrypts the virus body and writes it to the file end. The decryption routine is saved into the file beginning - so the virus consist of two parts: the decryption part (at the file beginning) and the main virus body (at the file end). This virus contains the internal text string: "COMEXE Fans Ver 0.01".
Fantasma.1000
Description Fantasma.1000
It is a very dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of .COM and .EXE files that are executed or opened. Starting from 2000, on March 5th the virus overwrites the MBR and the first boot sector of the hard drive with a trojan program that decrypts and displays while booting:
Internal Error
The virus also contains the encrypted text:
Virus FANTASMA. Mexico 1996
|