Brainy Virus

 Virus Name:  Brainy 
 V Status:    Rare 
 Discovery:   November, 1991 
 Symptoms:    .COM file growth; decrease in total system & available 
              free memory; system hangs 
 Origin:      Bulgaria 
 Eff Length:  768 - 1,531 Bytes 
 Type Code:   PRsCK - Parasitic Resident .COM Infector 
 Detection Method:  AVTK, Sweep, F-Prot, NAV, ViruScan, IBMAV, NAVDX, 
                    VAlert, PCScan, ChAV, 
                    NShld, LProt, Sweep/N, Innoc, NProt, AVTK/N, NAV/N, 
 Removal Instructions:  Delete infected files 
 General Comments: 
       The Brainy virus was received in November, 1991.  It is originally 
       from Bulgaria.  Brainy is a memory resident infector of .COM 
       programs, including COMMAND.COM.  It is based on the Warrior virus. 
       The first time a program infected with Brainy is executed, the 
       Brainy virus will install itself memory resident at the top of 
       system memory but below the 640K DOS boundary.  Interrupt 21 will 
       be hooked by the Brainy virus.  Interrupt 12's return will not have 
       been moved.  Total system and available free memory, as indicated 
       by the DOS CHKDSK program, will have decreased by 1,552 bytes. 
       After the Brainy virus has installed itself memory resident, it will 
       infect all .COM programs which are executed, including COMMAND.COM. 
       Infected programs will have a file length increase of 768 to 
       1,531 bytes.  Unlike most viruses, the Brainy virus will have 
       inserted itself into the file, possibly in the middle.  The following 
       text string can be found at the end of the viral code in all 
       Brainy infected programs: 
       Brainy infected programs will usually not execute properly on a 
       386 based processor, and may hang the system. 
       It is unknown if Brainy does anything besides replicate. 
       See:   Warrior 

Show viruses from discovered during that infect .

Main Page