Virus Database

CriCri.4616

Description CriCri.4616

This is very dangerous memory resident polymorphic and stealth multipartite virus. It hooks INT 13h, 21h and writes itself to the end of COM and EXE files that are executed or closed, and to the boot sector of floppy disks that are accessed. The virus does not infect the files that have digit or 'V' character in their names as well as TB*.*, SC*.*, F-*.* and GU*.* files. The virus has a bug and may corrupt the files while infecting them. On June 4th the virus displays the message and halt the system:
Cri-Cri ViRuS by Griyo96 allTried, tested, not approved.
The Implant virus is related to the CriCri family.

Check other viruses! Be aware! Use Antiviral Software

MemEater

Description MemEater

It is not a dangerous memory resident boot virus. It hooks INT 13h and writes itself to the boot sectors of floppy disks that are accessed.
While infecting the floppy disk the virus stores in its code the current day and month. While loading from that disk the virus decreases the size of the system memory by 1K, if the system is loading from the floppy disk that has been infected on the same day. In another case the virus decreases the system memory by 2K, and stores new date and month, then by 3K, 4K, e.t.c.
As the result, each day the virus "eats" more system memory, than the day before.

MemLapse.323

Description MemLapse.323

These are harmless parasitic viruses. They infect the files at their ends. The viruses contain the internal text string "Copyright (c) 1993 Memory Lapse". Some of them use System File Table on file infection.
"MemLapse.323,375,406" are not memory resident viruses. "MemLapse.375" is the encrypted virus. They search for .COM-files of the current directory and hit them.
"MemLapse.366,407,449" are not memory resident viruses. They search for .EXE-files and hit them.
"MemLapse.465,385,605,787,820,839,845," are memory resident viruses. They hook INT 21h and hit COM- and EXE-files ("MemLapse.385,465" infect COM-files only). "MemLapse.787,845" disinfect the files in their opening.
The "MemLapse" viruses also contain the internal text string:
"MemLapse.323": *ML.C?M COMMAND.Memory_Lapse.323A (05/28/93)
"MemLapse.366": Memory_Lapse.366A (07/01/93)
"MemLapse.375": *ML.C?M Memory_Lapse.375A (05/29/93)
"MemLapse.385": [Chromosome Glitch] v3.0
"MemLapse.406": *.COM .. [Chromosome Glitch] v1.0
"MemLapse.407": *M.EXE [Chromosome Glitch] v2.0
"MemLapse.449": *.EXE [Chromosome Glitch] v2.0 Copyright (c) 1993 Memory Lapse
"MemLapse.465": [Golgi Testicles] v1.0
"MemLapse.605": [Golgi Testicles] v2.0
"MemLapse.787": [Nympho Mitosis] v2.0 Phalcon/Skism Canada
"MemLapse.820": [Golgi Testicles] v3.0
"MemLapse.839": [Nympho Mitosis] v1.0
"MemLapse.845": [Nympho Mitosis] v1.0

Home