Twin Peaks Virus


 Virus Name:  Twin Peaks 
 Aliases:    
 V Status:    Viron 
 Discovered:  September, 1992 
 Symptoms:    .COM programs overwritten; boot failures; program corruption; 
              message 
 Origin:      Australia 
 Eff Length:  1,310 Bytes 
 Type Code:   ONCK - Overwriting Non-Resident .COM Infector 
 Detection Method:  F-Prot, Sweep, IBMAV, NAVDX, PCScan, 
                    ViruScan, NAV, VAlert, ChAV, AVTK 7.68+, 
                    NShld, Sweep/N, IBMAV/N, Innoc, NAV/N, LProt, 
                    AVTK/N 7.68+ 
 Removal Instructions:  Delete hidden infected files 
 
 General Comments: 
       The Twin Peaks virus was received from Australia in September, 1992. 
       Twin Peaks is a non-resident, direct action overwriting virus which 
       infects .COM programs, including COMMAND.COM 
 
       When a program infected with the Twin Peaks virus is executed, this 
       virus will infect one .COM program located on the C: drive.  The 
       virus will then display the following text message, and return the 
       user to the DOS prompt: 
 
               "Welcome to Twin Peaks.. 
                Your PC now has the Twin Peaks virus" 
 
       Programs infected with the Twin Peaks virus will have the first 
       1,310 bytes overwritten.  There will be no change to the file's 
       date and time in the DOS disk directory listing.  The above 
       message text strings are visible within infected files, as are 
       the following additional text strings: 
 
               "*.com*" 
               "??????????? ????????com\" 
               "????????exe ????????com" 
 
       See:  VirDem 

Show viruses from discovered during that infect .

Main Page