Dejmi Virus
Virus Name: Dejmi
Aliases: Susenka
V Status: Rare
Discovered: July, 1994
Symptoms: .COM file growth; file date/time changes; system hangs; decrease in total system & available free memory
Origin: Unknown
Eff Length: 862 Bytes
Type Code: PRhCK - Parasitic Resident .COM Infector
Detection Method: F-Prot, AVTK, IBMAV, ViruScan, Sweep, ChAV, NAV, NAVDX, VAlert, PCScan, NProt, AVTK/N, Sweep/N, IBMAV/N, Innoc, NShld, NAV/N, LProt
Removal Instructions: Delete infected programs
General Comments:
The Dejmi virus was submitted in July, 1994. Its origin or point of
isolation is unknown. Dejmi is a memory resident infector of .COM
programs, including COMMAND.COM.

When the first Dejmi-infected program is executed, the virus installs
itself memory resident at the top of system memory but below the 640K
DOS boundary, lowering the value returned by interrupt 12. Total system
and available free memory, as indicated by the DOS CHKDSK program, will
have decreased by 1,024 bytes. Interrupts 09, 1C, and 21 will be
hooked by the virus in memory.

Once memory resident, the Dejmi virus infects .COM programs,
including COMMAND.COM, when they are executed. Infected programs show
a file length increase of 862 bytes, with the virus located at the end
of the file. The program's date and time in the DOS disk directory
listing are updated to the system date and time at which the infection
occurred. No text strings are visible within the viral code in
infected files.
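
The file symptoms described above (862-byte growth plus a refreshed date/time) can be checked against a known-clean baseline. The following is an added example, not part of the original entry or of any listed scanner; the function names, verdict labels and sample directory data are constructed for illustration.

```python
import os
from datetime import datetime

DEJMI_GROWTH = 862  # "Eff Length" from the entry above

def snapshot(directory):
    """Map each .COM file name (upper-cased) to (size in bytes, mtime)."""
    snap = {}
    with os.scandir(directory) as entries:
        for entry in entries:
            if entry.is_file() and entry.name.upper().endswith(".COM"):
                st = entry.stat()
                snap[entry.name.upper()] = (st.st_size, datetime.fromtimestamp(st.st_mtime))
    return snap

def compare(baseline, current, growth=DEJMI_GROWTH):
    """Return {name: verdict} for .COM files that changed since the baseline.

    "matches-entry": grew by exactly `growth` bytes and the timestamp moved
    forward. "changed": any other size or timestamp difference.
    """
    findings = {}
    for name, (size_now, mtime_now) in current.items():
        if name not in baseline:
            continue  # new file: nothing to compare against
        size_then, mtime_then = baseline[name]
        if (size_now, mtime_now) == (size_then, mtime_then):
            continue  # untouched
        grew = size_now - size_then == growth
        restamped = mtime_now > mtime_then
        findings[name] = "matches-entry" if grew and restamped else "changed"
    return findings

# Constructed sample data (not taken from a real system).
BASELINE = {
    "COMMAND.COM": (54645, datetime(1994, 5, 31, 6, 22)),
    "FORMAT.COM": (22974, datetime(1994, 5, 31, 6, 22)),
    "EDIT.COM": (413, datetime(1994, 5, 31, 6, 22)),
    "MORE.COM": (2618, datetime(1994, 5, 31, 6, 22)),
}
CURRENT = {
    "COMMAND.COM": (55507, datetime(1994, 7, 14, 10, 3)),  # +862, restamped
    "FORMAT.COM": (22974, datetime(1994, 5, 31, 6, 22)),   # unchanged
    "EDIT.COM": (500, datetime(1994, 7, 1, 9, 0)),         # other change
    "MORE.COM": (3480, datetime(1994, 5, 31, 6, 22)),      # +862, same stamp
}

if __name__ == "__main__":
    for name, verdict in sorted(compare(BASELINE, CURRENT).items()):
        print(name, verdict)
```

A "matches-entry" verdict is only a size-and-timestamp heuristic; confirm with one of the scanners listed under Detection Method before deleting a file.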