Virus Database

DeadWin.1228

Description DeadWin.1228

These are memory resident encrypted parasitic stealth viruses. They hook INT 21h, and write themselves to the end of COM and EXE files that are executed or closed. When an infected file is opened, the viruses disinfect it. While infecting, the viruses can corrupt files.
The viruses check the names of files that are executed, and if the file name begins with "WI" (WIN.COM), they run their trigger routines (see below).
The virus checks the system date and time. If the system date is November 13th or June 21st, it formats the hard drive and displays the message:
hard disk destroyed!
On Fridays, when WIN.COM is executed, this virus checks the system timer, and if the hour counter is equal to the second counter, the virus displays the following message, and reboots the computer:
Dead to Windows!

Check other viruses! Be aware! Use Antiviral Software

ChaosYears Family

Description ChaosYears Family

These are dangerous memory resident parasitic viruses. They hook INT 21h and write themselves to the end of COM- and EXE-files on their opening or execution. Sometimes the viruses erase disk sectors and then decrypt and display the message:
YOUR DISK HAS BEEN DESTROYED BY THE " CHAOS YEARS " VIRUS all
ACCEPT MY SINCERE SYMPATHY !
SIGNED : THE DARK AVENGER .

Chapa Family

Description Chapa Family

These are memory resident parasitic viruses. They hook INT 21h and write themselves to the beginning of COM-files that are executed. The viruses contain the text strings:
"Chapa.447": ANTI "T.M.E.- VARNA",VIRUS BY MIK
"Chapa.448": V.Black LoveCM
"Chapa.450.a": CHAPA
"Chapa.450.b": T.M.E. - VARNA
"Chapa.450.c": *BY APAHC*
"Chapa.566": ANTI "T.M.E.- VARNA",VIRUS BY MIK.F;
"Chapa.572": 21/10/95 - "Black Love".
May Autor is Mr.Loverman T.M.E - Varna.
"Chapa.586": *"MG-VARNA" THE BEST SCHOOL ALL THE WORLD. BY APAHC*

All these viruses except "Chapa.450.a,c" also hook INT 13h and depending on the system timer corrupt the data that are stored on disk.

Home