Virus Database

Pest.2728

Description Pest.2728

This is a very dangerous memory resident parasitic polymorphic virus. It traces INT 13h, hooks INT 21h, and writes itself to the end of COM and EXE files that are executed. The virus checks the file names by using the text string:
ASCECLHVSPF-ACPRVINWI

and does not infect files with names that begin with: SCA, CLE, VSH, F-P, CPA, VIR, and WIN. While infecting a file, the virus also checks it for some specific code and pathes it.
Under a debugger, or on the 13th of any month, and depending on the system timer, the virus corrupts the hard drives sectors and reboots the computer. Starting from the 4096th (1000h) infection, the virus overwrites the data saved on the disk with the following text:
PRIEST V.D.G.I. hopes you can recover your data !!!

The virus also contains the text string:
Pest (c) 12/10/93 by (and best wishes from) PRIEST Int., Gbw/Germany

Check other viruses! Be aware! Use Antiviral Software

Sailor.Boot

Description Sailor.Boot

It is a harmless memory resident stealth boot virus. It hooks INT 13h and writes itself to the MBR of the hard drive and boot sector of floppy disks. The virus contains the text strings:
Sailor.Jupiter b0z0/iKx

Sair.1150

Description Sair.1150

It is a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed. It encrypts the disk sectors, and then displays:
Ben bir garip virusum
Disket disket gezerim
Bugun kismet sendeymis
Yarin belki kimdeyim
Sair virus

It also contains the text:
Fuck Serb Virus (C) 1993 by Turkey Boys!

Home