Win32.Spit.a
Description Win32.Spit.a
This is a benign non-memory resident parasitic Windows virus. It searches for PE EXE files in the current directory, then moves file data and code down by 2000h bytes (8Kb), and writes its code to the file top. While moving original file data, the virus encrypts it. To return control to the host program, the virus creates a temporary EXE file, disinfects the host file to there, and executes it.
The virus also searches for RAR archives and adds an infected dropper into them. To do this, the virus parses RAR internal formats and adds a new record with infected README32.EXE file in it.
On April 5th, the virus displays the message:
Virus Report rev2.1 SPIT.Win32 is a Bumblebee Win32 Virus
Feel the power of Spain and die by the SpiT!
Check other viruses! Be aware! Use Antiviral Software
CLL.947
Description CLL.947
It is not a dangerous memory resident parasitic virus. It hooks INT 10h, 21h and writes itself to the end of COM and EXE files that are executed. On any INT 10h call the virus writes zero to ports 200h, 220h, 240h, all, 2E0, on any INT 21h call the virus writes random data to ports 230h-233h and 250h-253h (disables soundblaster? Adaptec adapters?). The virus contains the text string:
Creative library link. Copyright(c) 1994 by Michael Carington.
CLME.Ming.1528
Description CLME.Ming.1528
It is not a dangerous nonmemory resident parasitic virus. It searches for EXE files and writes itself to the end of the file. It displays the message:
Written by Crazy Lord (Ming)allUsing CLME v0.61
|
Home
Viruses from A to Z
0-9
A
B
Ñ
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
|