J&M Virus


 Virus Name:  J&M 
 Aliases:     Jimi, Jimmy 
 V Status:    New 
 Discovery:   December, 1997 
 Symptoms:    decrease in total system & available free memory; 
              MBR altered; diskette boot sectors altered 
 Origin:      Unknown 
 Eff Length:  N/A Bytes 
 Type Code:   BRtX - Memory Resident Boot Sector & MBR Infector 
 Detection Method:  ViruScan 3.14 3101+, NAV 3.11 9710+, NAVDX 4.0 9710+ 
 Removal Instructions:  FDisk /MBR or DOS SYS command, or use anti-viral 
              software 
 General Comments: 
       The J&M virus was received in December, 1997, though it has been 
       reported to be "in the wild" in Europe for some time.  J&M is a 
       memory resident infector of the hard disk master boot record as 
       well as diskette boot sectors. 
 
       When a system is first booted with a J&M infected diskette, the 
       J&M virus will infect the system hard disk master boot record. 
       Then later, when the system is booted from the infected hard 
       drive, the virus will install itself memory resident.  Total 
       system and available free memory will have decreased by 2,048 
       bytes, and interrupt 12's return will have been moved. 
 
       Once the J&M virus is memory resident, it will infect diskette 
       boot sectors when unwrite-protected diskettes are accessed on 
       the system.  The virus contains the following unencrypted 
       text string: 
 
           "J&M"

Show viruses from discovered during that infect .

Main Page