|
The Earthday Virus is a VCL generated encrypted computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program files. The virus contains anti-debugging code
 Research Earthday Virus
Eclipse 2000 is a network backdoor Trojan that communicates through port 3459.
Research Eclipse 2000
Eclypse 1.0 is a network backdoor Trojan that communicates through port 3801.
Research Eclypse 1.0
The Eclypse Virus is an encrypted computer virus which infects .COM and .EXE files including COMMAND. COM. The virus is loaded into memory by executing an infected program. The virus corrupts program or overlay files and data files.
Research Eclypse Virus
The ECV Virus is a computer virus which infects .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research ECV Virus
The Ed Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files and data files.
Research Ed Virus
The Edcl Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program. The virus corrupts program or overlay files and data files.
Research Edcl Virus
The EDV Virus is a computer virus which uses stealth techniques to avoid detection and which infects the fixed disk partition table. The virus is loaded into memory by booting from an infected disk and then affects the computer's runtime operation.
Research EDV Virus
The Egg Virus is a computer virus which infects .COM and .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Egg Virus
The Ein Volk Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Ein Volk Virus
The Einstein Virus is a computer virus which infects .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts program or overlay files.
Research Einstein Virus
The Ekoterror Virus is an encrypted computer virus which uses stealth techniques to avoid detection and which infects the fixed disk partition table. The virus is loaded into memory by booting from an infected disk. The virus corrupts data files.
Research Ekoterror Virus
The Eliza Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts program or overlay files.
Research Eliza Virus
The Elvirus Virus is a computer virus which infects .COM files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Elvirus Virus
Email Password Sender is a network backdoor Trojan that communicates through port 25.
Research Email Password Sender
The Emmie Virus is a computer virus which infects .COM and .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program files. The virus activates any time in September and displays the following message in the middle of the screen written in red: -= ERROR Virus Version 0.1B (C) 1994 JH =-
Research Emmie Virus
The EMO Virus is a computer virus which infects .COM files including COMMAND. COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research EMO Virus
The Empire Virus is an encrypted computer virus which infects the fixed disk and diskette boot sectors . The virus is loaded into memory by booting from an infected disk and then affects the computer's runtime operation and corrupts program or overlay files.
Research Empire Virus
The End-of Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts program or overlay files.
Research End-of Virus
The Enigma Virus is an encrypted computer virus which infects .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program files.
Research Enigma Virus
The Enola Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program. The virus corrupts program or overlay files and data files.
Research Enola Virus
The Error Virus is a computer virus which infects .EXE files. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program files.
Research Error Virus
The Error 412 virus Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Error 412 virus Virus
The Essex Virus is a computer virus which infects the diskette boot sector. The virus is loaded into memory by booting from an infected disk and then affects the computer's runtime operation and corrupts program or overlay files.
Research Essex Virus
The Estepa Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Estepa Virus
The ETC Virus is a computer virus which infects .COM files including COMMAND. COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts program or overlay files and data files.
Research ETC Virus
The Europe-92 Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts data files.
Research Europe-92 Virus
Evil FTP is a network backdoor Trojan that communicates through port 23456.
Research Evil FTP
The Evil Genius Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files and data files.
Research Evil Genius Virus
The EXE virus concept is as follows: first, the original Disk Transfer Address is preserved to avoid changing command-line text. Also initial values of the CS, IP, SS, SP DS and ES registers are saved (to be restored on exit from virus code). The virus is to be appended to the original code and, of course, has to be relocated before it's executed. Thus, the virus looks for an EXE file. Then it has to know if this is in fact an EXE (checking for the magic ' MZ' signature) and if there is any free space in the program's relocation table. This is checked by substracting the relocation table end (i.e. sum of table start and number of relocation items, multiplied by the table entry size) from the EXE header size. A smart virus shouldn't infect a file that's already infected. So the first four bytes of code to be executed are compared against the virus code. If they match one another, no infection takes place. Other signature methods are used, but this is the most common. Having found a suitable file, the virus computes
its code end and appends itself at the end of code, writing at an alignment to the last 512-bytes page boundary if necessary. The original start address is preserved inside the virus, and the CS:IP value in the EXE header is changed, so that the virus code is executed first. The number of pages is changed, together with the Last Page Size and Number Of Relocation Items. A new relocation item address is appended to the relocation table, pointing to the segment of the far jump in the virus (this is the jump the virus uses to return to the original code). Upon returning from the virus, all the saved registers and DTA are restored to reestablish the environment state as if no virus existed. The real trouble with EXEs is that DOS pays a little (if any) attention to the Last Page Size. Therefore EXE files ofen have this zeroed, even if they have some code on the last page. Writing to the last page can cause a system crash while an infected file is being executed. To solve the problem, one should first test if the EXE file really ends as the header
contents say and move to the last page end instead of appending any bytes, if possible. Another problem is infecting EXEs containg debug info. Debug info comes in various formats, and often contains vital information placed behind the actual code. This info gets destroyed when the file becomes infected, sometimes causing the infected program to crash.
Research Exe Virus Concept
The Exebug 1 Virus is a computer virus which uses stealth techniques to avoid detection and which infects the fixed disk partition table. The virus is loaded into memory by booting from an infected disk and then affects the computer's runtime operation.
Research Exebug 1 Virus
The Exebug 2 Virus is a computer virus which uses stealth techniques to avoid detection and which infects the fixed disk partition table. The virus is loaded into memory by booting from an infected disk and then affects the computer's runtime operation and corrupts program or overlay files.
Research Exebug 2 Virus
Executor is a network backdoor Trojan that communicates through port 80.
The Exper416 Virus is a computer virus which infects .COM files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Exper416 Virus
The Explode Virus is a computer virus The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files and data files.
Research Explode Virus
The Exterminator Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation, corrupts data files.
Research Exterminator Virus
The Eziarch Virus is a computer virus which infects .COM and .EXE files including COMMAND.COM. The virus is loaded into memory by executing an infected program and then affects the computer's runtime operation and corrupts program or overlay files.
Research Eziarch Virus
|
Abbreviations
Computer Viruses
