Virus Database

Pathhunt.1231

Description Pathhunt.1231

It is a dangerous nonmemory resident encrypted parasitic virus. It searches for .COM and .EXE files and writes itself to the end of the file. While infecting the virus converts the EXE files to COM format, it also renames the file being infected to the name 'PATHHUNT', infects it, and then renames back to original name. The virus corrupts the .DBF files, contains the text:
*.COM *.DBF *.EXE PATHHUNT PATH=

Check other viruses! Be aware! Use Antiviral Software

SofiaTerminator.839

Description SofiaTerminator.839

These are parasitic viruses. Being executed they trace INT 13h, 21h, hook INT 21h and stay memory resident. They write themselves to the end of COM files that are accessed. They contain the text string:
Sofia 1993 by TERMINATOR

"Sofia_Terminator.839" is a dangerous virus. Depending on the system timer it formats several random selected disk sectors.
"Sofia_Terminator.887,889,1369" search at the end of the file for zero area 887/889/1369 bytes of length. If there is such area, the virus overwrites it. In this case the file length does not grow.
"Sofia_Terminator.1369" also infects EXE files. Depending on the system time it formats the hard drive sectors.

Sojourn.1369

Description Sojourn.1369

It is not a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed. It does not infect anti-viruses and utilities SCAN, CLEAN, F-PROT, GUARD, COMMAND, TB*. Depending on the system time it appends to the C:CONFIG.SYS file the instruction: "DOS=SINGLE".
The virus also contains the text strings:
^Have you ever been to Sweden?^
CLEASCANF-PRGUARCHKDCOMMTB
^VIRAL SOJOURN (c)96 Evil Elk^

Home