Bait.425
Description Bait.425
This is a dangerous, non-memory resident encrypted parasitic virus. It searches for COM files, and writes itself to their ends. In September, it halts a PC, and contains the following internal text string:
DOS *.COM Bait Virus 2.0. Finland (C) 1994 JH
Check other viruses! Be aware! Use Antiviral Software
Autumnal.3072
Description Autumnal.3072
It is a very dangerous memory resident multipartite virus. It infects the MBR of the hard drive and writes itself to end of .COM and .EXE files. While executing an infected file the virus infects the MBR, hooks INT 8, 13h, 21h and stays memory resident by DOS call Keep (INT 27h). While loading from infected disk the virus decreases the size of the system memory (the word at the address 0000:0413), hooks INT 8, 13h, waits for DOS loading, then hooks INT 21h and restores the size of the system memory to hide its TSR block.
While accessing to the files by DOS functions Exec, Open, Rename, FindFirst/Next both FCB and ASCII the virus infects the files except CO*.* and IB*.*. While accessing to infected MBR the virus calls the stealth routine. When an infected file is loaded for debugging, the virus disinfects it. If and error occurs while disinfecting, the virus displays the message:
Error in File
The virus uses anti-debug tricks. On July 13th it deletes the files instead of infecting them.
The virus contains the text strings:
Ver 4.00
(C)Copyright Autumnal Water Corp. 1991
AV_CK.508
Description AV_CK.508
It's a harmless memory resident parasitic virus. It hooks INT 21h and writes itself at the end of EXE-files that are accessed. It contains the internal text string: "AV=CK".
|
Home
Viruses from A to Z
0-9
A
B
Ñ
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
Ipoh Land
Miranda Homes
Gravur Erstellen
Mappoint
Business Software
|