StarDot 789 Virus
Virus Name: StarDot 789
V Status: Rare
Discovered: September, 1991
Symptoms: .COM & .EXE growth; system hangs
Eff Length: 789 - 805 Bytes
Type Code: PNAK - Parasitic Non-Resident .COM & .EXE Infector
Detection Method: ViruScan, F-Prot, Sweep, AVTK, ChAV,
NAV, IBMAV, NAVDX, VAlert, PCScan,
LProt, Sweep/N, NShld, Innoc, NProt, AVTK/N,
Removal Instructions: Delete infected files
The StarDot 789 virus was submitted in September, 1991. Its origin
is unknown. StarDot 789 is a non-resident, direct-action infector
of .COM and .EXE files, including COMMAND.COM.
When a program infected with StarDot 789 is executed, this virus
will search the current directory for an uninfected .EXE file to
infect. If one is found, it will be infected. If an uninfected
.EXE file is not found, the virus will then search the current
directory for an uninfected .COM program to infect, and infect
it if found.
StarDot 789 infected files will have a file size increase of 789
to 805 bytes with the virus being located at the end of the
infected file. There will be no change in the file's date and
time in the DOS disk directory.
Systems infected with StarDot 789 may experience system hangs
when the user attempts to execute infected .COM files.
It is unknown what StarDot 789 does besides replicate.
See: StarDot 600 StarDot 801