Minzhou.1024
Description Minzhou.1024
It is a very dangerous memory resident parasitic virus. It writes itself to the end of .COM files. While installing into the system memory it infects the C:COMMAND.COM file, then it hooks INT 21h, intercepts FindFirst/Next FCB/ASCII calls, and infects .COM files that are accessed with these calls.
On 1st of any month that virus overwrites the .PRG files with the message:
This program is designed for the lady whom I will miss for ever,
her name is MINZHOU!
Now,Thank you use this program.PRGKILLER.SLOFTXC
The virus also contains the text strings:
Inva
l not found
C:COMMAND.COM
Check other viruses! Be aware! Use Antiviral Software
Bucharest
Description Bucharest
It is not a dangerous memory resident boot virus. It hooks INT 12h, 13h and writes itself to the MBR of the hard drive and to boot sector of floppy disks. Depending on the system date and time it decrypts and displays the message:
ENJOY THIS BUG! RP VirusLab Bucharest
Budo.890
Description Budo.890
These are memory resident dangerous overwriting viruses. On execution they type one of the messages:
"Budo.890": Run time error
Bad command or file name
"Budo.1000": Incorrect DOS version
Then "Budo.890" hooks INT 8 (timer) and INT 9 (keyboard). It waits several minutes and then searches for the .COM- and .EXE-file of the current directory and overwrites them.
"Budo.1000" hooks INT 21h and on execution of any file it searches and overwrites .COM- and .EXE-files of current directory.
These viruses contain the internal text strings "*.COM *.EXE" and:
"Budo.890": BUDO V1.2 TH-HV FINLAND
FLOW LIKE A RIVER - STRIKE LIKE A THUNDER
"Budo.1000": BUDO V1.0 April/92.
T-H & HV Finland.
Flow like a river - strike like a thunder.
|