Bloody Warrior Virus

 Virus Name:  Bloody Warrior 
 V Status:    Rare 
 Discovery:   April, 1994 
 Symptoms:    .COM & .EXE file growth; 
              decrease in total system & available free memory 
 Origin:      Italy 
 Eff Length:  1,344 Bytes 
 Type Code:   PRhAK - Parasitic Resident .COM & .EXE Infector 
 Detection Method:  F-Prot, ViruScan, AVTK, Sweep, IBMAV, NAV, 
                    NAVDX, PCScan, 
                    NShld, NProt, AVTK/N, Sweep/N, IBMAV/N, NAV/N, LProt 
 Removal Instructions:  Delete infected files 
 General Comments: 
       The Bloody Warrior virus was received in February, 1994.  It appears 
       to be from Italy.  This virus is a memory resident infector of .COM 
       and .EXE programs, including COMMAND.COM. 
       When the first Bloody Warrior infected program is executed, this 
       virus will install itself memory resident at the top of system 
       memory but below the 640K DOS boundary, not moving interrupt 12's 
       return.  Total system and available free memory, as indicated by 
       the DOS CHKDSK program, will have decreased by 2,768 bytes. 
       Interrupt 21 will be hooked by the virus is memory. 
       Once the Bloody Warrior virus is memory resident, it will infect 
       .COM and .EXE programs when they are executed.  Infected programs 
       will have a file length increase of 1,344 bytes with the virus 
       being located at the end of the file.  The program's date and time 
       in the DOS disk directory listing will not be altered.  The 
       following text strings are encrypted within the Bloody Warrior's 
       viral code: 
               "FUCK YOU" 
               "I am the Bloody Warrior.  Nice to meet you.  What about 
                this virus ? Funny ?" 
               "There is no hope for you.  This virus was released in 
                Milan 1993. Bloody Warrior" 
       It is unknown what Bloody Warrior does besides replicate. 

Show viruses from discovered during that infect .

Main Page