TurboExe.846
Description TurboExe.846
These are very dangerous memory resident parasitic viruses. They hook INT 21h and write themselves to the end of COM and EXE files that are executed. While changing a current directory the viruses search for the first EXE file, and infect it. When the TURBO.EXE file is executed the viruses disable writing to the disk (INT 21h, AH=40h) and do not return any error flag. As a result the user is sure that the data are saved, but they are not. The viruses enable writing when TURBO.EXE exits to DOS.
"TurboExe.1129" does not disables writing, but writes the text "DAMAGE INC." instead of original text.
The viruses contain the text strings, all texts in "TurboExe.1129" are encrypted:
"TurboExe.846": TURBO.EXE
"TurboExe.854": turbo.EXE
"TurboExe.1129": COMMAND.COMTURBO.EXE
Check other viruses! Be aware! Use Antiviral Software
June24.570
Description June24.570
It is a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM- and EXE-files that are created and then closed. On June, 24th the virus erases CMOS.
June8.1919
Description June8.1919
It is a very dangerous memory resident encrypted parasitic virus. It hooks INT 9, 1Ch, 21h and writes itself to the end of COM and EXE files that are opened or renamed. Under debugger, or on June 8th it erases disk sectors. When Alt-Ctrl-Del keys are pressed at the same time and depending on its counters the virus plays a (Chinese?) tune. The virus contains the text string:
EXECOM
|