Virus Database

Minsk.1075

Description Minsk.1075

It is a dangerous memory resident parasitic virus. It was received from Minsk (Belorussia). The virus hooks INT 21h and writes itself to the end of .COM and .EXE files that are opened. On every 20th reading from .DBF files the virus replaces the real information with the spaces. The virus has a dangerous bug - while executing any infected .EXE file the virus calls INT 15h (21 decimal) instead of INT 21h calls.

Check other viruses! Be aware! Use Antiviral Software

Nephew.2906

Description Nephew.2906

These are dangerous memory resident encrypted parasitic viruses. They hook INT 21h and write themselves to the end of COM and EXE files that are executed. The viruses delete the anti-virus data files: CHKLIST.MS, CHKLIST.CPS, ANTI-VIR.DAT, CHKLST.TAV, SMARTCHK.TAV. The viruses do not infect the files: HIEW, SAFE, SOS e.t.c. according to strings (four letters per name):
HIEWSAFESOS./WD.WARNCPAV
ADINANTIAIDSVIRUVIR.SCANRWEBLD.EGUARCLEA

The viruses also attempt to overwrite files from the second string (ANTI, AIDS, VIRU, VIR., SCAN, e.t.c.), but fail to do that because of a bug. They attempts to overwrite these files with a program that displays the message:
+--------------------------------------------------------------------+
| U N R E G I S T E R E D P R O G R A M ! |
+--------------------------------------------------------------------+
This version is NOT freeware, you MUST register it!
Call (+7-095)135-6253, 137-0150

The viruses scan DOS kernel, look for the DSKREET driver and patch its code with a call to virus routine. In this patch the virus sets some flags and depending on them writes some data to last disk directory sectors. It writes by using old style calls only and is able to do that only with disks with 32M or less disk space. The virus also uses
The virus also contains the text string:
(=) Big Nephew (=)

Net-Worm.Win32.Bozori.a

Description Net-Worm.Win32.Bozori.a
This network worm infects computers running Windows. The worm itself is a Windows PE EXE file 10366 bytes in size, written in C++ and packed using UPX. The unpacked file is approximately 20KB in size. The worm spreads via a vulnerability in Microsoft Windows Plug and Play. Details of theall

Home

Viruses from A to Z
0-9 A B Ñ D E F G H I J
K L M N O P Q R S T
U V W X Y Z



Auslandsjob
Amax FÄrgprodukter Ab
BÄckaskogs Anders Borg
StÄd & Fastighetsservice SÖren Norberg
BjÖrklinge FÄrg Aktiebolag

    Copyright © 2005 Virus-Database.com
© 2005 Virus-Database.com