Virus Database

Jackel Family

Description Jackel Family

These are dangerous memory resident parasitic viruses. They hook INT 21h and writes itself to the end of .COM files that are executed.
Jackel.654
Depending on the system time it beeps by internal system speaker and halts PC. It contains the strings:
DH
_àcKèL

Jackel.713
It copies itself to the memory at the address 8000:0100, and does not fix MCB list. It might halt PC. While infecting this virus disables some anti-virus monitors like TBSCAN and VSAFE. It deletes the files:
TI-VIR.DAT
CHKLIST.CPS
*._??
SCANVAL.VAL

It also contains the text string:
_àcKèL5Version 5.0a

Check other viruses! Be aware! Use Antiviral Software

Opera.1013

Description Opera.1013

This is a relatively harmless memory resident parasitic virus. The virus affects executable files of two different platforms: DOS COM files as well as Windows VxD drivers.
The virus installs itself into the DOS memory, allocates a block of memory, hooks INT 21h nnd 2Fh, and stays memory resident. The INT 2Fh hook is used by the virus only to detect its already installed TSR copy so as to prevent duplicate installing. The INT 21h hook is used to intercept file access functions such as file executing, opening, renaming, and file attributes read/write. When such a function is intercepted, the virus checks the file name extension and infects files that have a .COM or .VXD extension.
While infecting a DOS COM file, the virus moves a block of file code from the top to the file bottom, and writes its code to the file top. The host file code that is stored at the file bottom is written there in encrypted form.
A similar way is used while affecting VxD drivers, but the virus writes itself to the file middle at the address of a 16 bits VxD entry routine. The virus looks for the 16 bits entry in the VxD and infects only those that have such an entry. The virus then moves that routine to the file bottom and overwrites that address with its code.
On July 25th, and being run from an infected COM file, the virus decrypts and displays the following message:
Opera IX, Horned Beast/VADER

Opic family

Description Opic family

These are not dangerous nonmemory resident encrypted parasitic viruses. They search for EXE files in current and parent directories, then write themselves to the end of the file. "Opic.745" infects files on C: drive only.
Depending on the system date and time the viruses beeps by the PC speaker. The "Opic.727" virus then creates two subdirectories: "Odessa!" and "Opic" and writes to the end of CONFIG.SYS file the text:
REM-Odessa Virus (c) Opic [CodeBreakers 98]

The "Opic.745" virus also contains the text:
Odessa.B (c) Opic [Codebreakers 1998]

Home