Adin.1488
Description Adin.1488
This is harmless memory resident parasitic virus. It hooks INT 21h and writes itself at the end of COM and EXE files (except COMMAND.COM) and AIDSTEST.EXE.
It infects the files are renamed, closed, or accessed in some other ways.
Check other viruses! Be aware! Use Antiviral Software
BootCOM.PureText
Description BootCOM.PureText
This is memory resident multipartite virus. It hits COM files as well as system sectors (boot or/and MBR).
On execution of infected file this virus hooks INT 13h, 21h and writes itself at the end of COM-files on their execution or on access to file attributes. On writing on floppy the virus hits boot sector of that floppy. On loading from infected floppy the virus copies itself into video memory, hooks INT 13h, waits for DOS loading and then hooks INT 21h. The master copy of this virus contains the internal words:
PURE
TEXT
BootExe.331
Description BootExe.331
This is memory-resident harmless virus which hooks INT 13h and writes itself into EXE files and boot sectors of disks. The boot sector of the hard disk get infection when an infected file is started, the boot sector of floppies - during a reading from them. The original boot sector is saved on the hard disk at the location 0/0/11 (head/track/sector), on a floppy - at the location 1/0/3.
EXE files are infected in quite an original way: the virus analyzes the information read from the disk (INT 13h). If in the sector read from the disk there is an EXE file header (the first two bytes are 'MZ' and some conditions are also met) the virus writes itself into empty space in this header and saves the modified sector on the disk. It means: a) an infected file has the same length; b) no necessity to handle file attributes and time of its creation and fatal errors (INT 24h). The virus doesn't manifest itself in any observable way.
|