Tamper Virus


 Virus Name:  Tamper 
 Aliases:    
 V Status:    New 
 Discovered:  July, 1994. 
 Symptoms:    .EXE file growth; TSR 
 Origin:      Unknown 
 Eff Length:  1,400 - 1,414 Bytes 
 Type Code:   PRsE - Parasitic Resident .EXE Infector 
 Detection Method:  AVTK, Sweep, ViruScan, NAV, PCScan, 
                    NAVDX, VAlert, 
                    AVTK/N, Sweep/N, NShld, NAV/N, LProt 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Tamper virus was received in August, 1994.  Its origin or point 
       of isolation is unknown.  Tamper is a memory resident infector of 
       .EXE files. 
 
       When the first Tamper infected program is executed, this virus will 
       install itself memory resident as a low system memory TSR of 1,744 
       bytes.  Interrupt 21 will be hooked by the virus in memory. 
 
       Once the virus is memory resident, it will infect .EXE files when they 
       are executed.  Infected programs will have a file length increase of 
       1,400 to 1,414 bytes with the virus being located at the end of the 
       file.  The program's date and time in the DOS disk directory listing 
       will not be altered.  The following text string is visible within 
       the viral code in all Tamper infected programs: 
 
               "WARNING: Do not tamper with this code !!!  Systems & 
                Mgt. Dynamics, Inc." 
 
       It is unknown what Tamper does besides replicate. 

Show viruses from discovered during that infect .

Main Page