Mugshot Virus

Virus Name: Mugshot Aliases: V Status: Rare Discovered: August, 1992 Symptoms: BSC; system boot failures Origin: India Eff Length: N/A Type Code: BR - Resident Boot Sector Infector Detection Method: AVTK, ViruScan, IBMAV, F-Prot, Sweep, NAV, NAVDX, VAlert, PCScan, ChAV Removal Instructions: DOS SYS on infected system diskettes General Comments: The Mugshot virus was received in August, 1992. It is originally from India. Mugshot is a memory resident infector of diskette boot sectors. When the system is booted from a diskette whose boot sector is infected with the Mugshot virus, the Mugshot virus will become memory resident. At this point, the boot process will usually fail. When the user then replaces the boot diskette, the newly inserted diskette will become infected if it is not write protected. The boot will still not complete. Mugshot infected diskettes will have the following text strings located within the viral code in the diskette boot sector: "Ref:vb. Greetings from Anil Rao!(snapé__ with graphics program) This prog is aimed at developping permanent vaccines forvirusesThis program is harmless it doesnt destroy data., affects only a:,b: drives.For info. contact Anil Rao. Bombay, India." The Mugshot will have moved the original boot sector to another location on the disk, where it will be immediately followed by several sectors of additional virus code. These additional sectors will include the following additional text strings: "For every vaccine thereis a virus" ".Do no pla" Mugshot is a poor replicator, we were unable to successfully boot the system from any infected diskettes, though we were able to replicate the virus.