Cherry.2266
Description Cherry.2266
It is a dangerous memory resident encrypted parasitic virus. Being executed it cuts the block of system memory, copies itself to there, hooks INT 8 (timer) and returns the control to the host program. Some time after the virus hooks INT 21h and starts to infect the files that are opened or are accessed by FindFirst DOS function (that function is also called while executing a file). The virus writes itself to the end of .COM and .EXE files. The virus has a bug and in some cases halts the system.
Depending on its counter the virus manifests itself by some video effect (that code is corrupted in my sample of the virus), displays the messages:
Enter your name :all.
_____ ____________ _--STEALTH MUTANT-- Best< >
_¦ _________+__+____¦Arkhangelsk'95
_____+______¦__¦ __++ÇâÆô/¥ÅÅ/IV
---+-+-+--+-+ -+ -+ Hi
[Note: contains high ASCII chars that cannot be properly displayed with HTML]
Check other viruses! Be aware! Use Antiviral Software
FCruncher.296
Description FCruncher.296
It is a very dangerous memory resident overwriting virus. It hooks INT 21h and overwrites COM and EXE files that are executed or opened. The 255th generation of this virus formats the hard drive sectors. The virus displays the messages:
File Cruncher!!
Bad command or filename
-<([CRUNCH])>-
Fdate1111.537
Description Fdate1111.537
This is a not memory-resident encrypted parasitic virus which searches for EXE files of the current directory and writes itself to their ends.
It contains the text "*.EXE".
It changes the date and time of creation of infected files to August, 17th, 1991, 2.08am (1111h) but doesn't manifest itself in any other way.
|