Vampire Virus
Virus Name: Vampire
Aliases:
V Status: Viron
Discovered: July, 1994
Symptoms: .COM file corruption; message; file date/time changes
Origin: Unknown
Eff Length: 417 Bytes Overwriting
Type Code: ONCK - Overwriting Non-Resident .COM Infector
Detection Method: ViruScan, NAV, NAVDX, AVTK 7.68+,
NShld, NAV/N, AVTK/N 7.68+
Removal Instructions: Delete infected files
General Comments:
The Vampire virus was received in July, 1994. Its origin or point of
isolation is unknown. Vampire is a non-resident, direct action
overwriting virus which infects .COM files, including COMMAND.COM.
When a program infected with the Vampire virus is executed, this virus
will infect one .COM file located in the current directory. Infected
programs will have the first 417 bytes overwritten by the viral code.
The program's date and time in the DOS disk directory listing will
have been updated to the current system date and time when infection
occurred. The following text strings are visible within the viral
code in all infected files:
"[Vampire] [DS] [OEC-G001] NJ Memory stack overflow."
"Insuffiscient memory."
"Program too big to fit into memory."
"*.COM"
Execution of infected programs will also usually result in the
third message above being displayed, and the user returned to the
DOS prompt.
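
A defender-side check built from the details in this entry, added here as an example and not part of the original listing or of any scanner it names: it looks for the listed text strings in the first 417 bytes of each .COM file in one directory. That the strings are stored as plain ASCII, the rule requiring "[Vampire]" plus at least one other string, and all function names and sample files are assumptions made for the example.

```python
import os
import tempfile

VIRUS_LEN = 417  # bytes overwritten at the start of an infected file (from the entry)

# Text strings listed in the entry; plain ASCII storage is an assumption.
MARKER = b"[Vampire]"
SUPPORTING = (
    b"Insuffiscient memory.",  # spelling as given in the entry
    b"Program too big to fit into memory.",
    b"*.COM",
)

def check_com_file(path):
    """Return the listed strings found in the first 417 bytes of a file."""
    with open(path, "rb") as fh:
        head = fh.read(VIRUS_LEN)  # shorter files simply yield fewer bytes
    return [s.decode("ascii") for s in (MARKER,) + SUPPORTING if s in head]

def is_suspect(hits):
    """Flag only when the name tag and one other string co-occur; '*.COM'
    or a memory message alone also appears in clean DOS programs."""
    return MARKER.decode("ascii") in hits and len(hits) >= 2

def scan_directory(directory):
    """Check every .COM file in one directory (extension is case-insensitive)."""
    report = {}
    for name in sorted(os.listdir(directory)):
        full = os.path.join(directory, name)
        if name.upper().endswith(".COM") and os.path.isfile(full):
            report[name] = is_suspect(check_com_file(full))
    return report

def demo():
    """Scan constructed sample files; they hold the strings but no viral code."""
    head = (b"\x00" * 40 + MARKER + b"\x00" + b"\x00".join(SUPPORTING)).ljust(VIRUS_LEN, b"\x00")
    samples = {
        "INFECTED.COM": head + b"rest of host program",
        "CLEAN.COM": b"*.COM" + b"\x00" * 500,               # one generic string only
        "LATE.COM": b"\x00" * VIRUS_LEN + MARKER + SUPPORTING[0],  # strings past byte 417
        "TINY.COM": b"\xc3",                                  # shorter than 417 bytes
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return scan_directory(d)

if __name__ == "__main__":
    for name, flagged in demo().items():
        print(f"{name}: {'SUSPECT' if flagged else 'ok'}")
```

Files it flags fall under the entry's removal instruction: the overwritten bytes are gone, so the file is deleted rather than disinfected.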