BootExe.Stalker.310
Description BootExe.Stalker.310
This is memory-resident harmless virus which hooks INT 13h and hits MBR of hard drive. After infection of hard drive the computer hands. After loading from infected hard drive the virus starts to infect EXE files.
EXE files are infected in quite an original way: the virus analyzes the information read from the disk (INT 13h). If in the sector read from the disk there is an EXE file header (the first two bytes are 'MZ' and some conditions are also met) the virus writes itself into empty space in this header and saves the modified sector on the disk. It means: a) an infected file has the same length; b) no necessity to handle file attributes and time of its creation and fatal errors (INT 24h). The virus doesn't manifest itself in any observable way.
It contains the encrypted string:
*Stalker*
Check other viruses! Be aware! Use Antiviral Software
Student.776
Description Student.776
It is a harmless memory resident parasitic encrypted virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed or opened. It contains the text strings:
MREI
(C) Student 1993
Stunning.1234
Description Stunning.1234
It is not a dangerous memory resident parasitic encrypted virus. It hooks INT 21h and writes itself to the end of EXE files that are executed or opened. It deletes *.CPS files. Depending on the system date it hooks INT 8 (timer), manifests itself by a video and sound effect and displays the message:
Stunning Blow all Running Ghost (R) v00
|