Jasmine Virus


 Virus Name:  Jasmine 
 Aliases:    
 V Status:    Viron 
 Discovery:   January, 1995 
 Symptoms:    .EXE files altered; file date/time/changes; message; 
              .EXE file corruption 
 Origin:      Unknown 
 Eff Length:  269 Bytes Overwriting 
 Type Code:   ONE - Overwriting Non-Resident .EXE Infector 
 Detection Method:  F-Prot, AVTK, IBMAV, ViruScan, Sweep, NAVDX, VAlert, 
                    NAV, PCScan, ChAV, 
                    AVTK/N, IBMAV/N, NShld, Sweep/N, NProt, NAV/N, LProt, 
                    Innoc 4.0+ 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Jasmine virus was received in January, 1995.  Its origin or 
       point of isolation is unknown.  Jasmine is a non-resident, direct 
       action overwriting virus which permanently corrupts the .EXE 
       files it infects. 
 
       When a program infected with the Jasmine virus is executed, this 
       virus will infect the first three .EXE files located in the 
       current directory, and then display the following message and 
       return the user to the DOS prompt: 
 
         "The Jasmine Virus is loose, better protect your computer.Beware! 
          There now it works! [JD]" 
 
       Files infected with the Jasmine virus will have the first 269 bytes 
       overwritten with the Jasmine viral code, thus permanently corrupting 
       the host program.  The file's date and time in the DOS disk directory 
       listing will have been updated to the current system date and time 
       when infection occurred.  In addition to the text string indicated 
       above as the virus' message, the following additional text strings 
       can be found within the viral code in all infected files: 
 
               "*.exe" 
               "Admiral Bailey [YAM]" 
 
       Programs infected with the Jasmine virus cannot be disinfected. 
       They should be deleted and replaced with uninfected copies.

Show viruses from discovered during that infect .

Main Page