Dewdz Virus


 Virus Name:  Dewdz 
 Aliases:    
 V Status:    Rare 
 Discovered:  November, 1991 
 Symptoms:    .COM file growth; message; system hangs; boot failure 
 Origin:      Unknown 
 Eff Length:  601 Bytes 
 Type Code:   PNCK - Parasitic Non-Resident .COM Infector 
 Detection Method:  ViruScan, Sweep, AVTK, F-Prot, ChAV, 
                    NAV, IBMAV, NAVDX, VAlert, PCScan, 
                    NShld, LProt, Sweep/N, Innoc, NProt, AVTK/N, 
                    NAV/N, IBMAV/N 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Dewdz virus was received in November, 1991 from an unknown 
       origin.  This virus is a non-resident, direct action infector of 
       .COM files, including COMMAND.COM.  It is based on the Burger 
       group of viruses, and some anti-viral utilities will identify it 
       as such. 
 
       When a program infected with Dewdz is executed, the virus will 
       search the C: drive root directory for an uninfected .COM program 
       to infect.  If one is found, it will become infected.  Dewdz 
       infected programs will have a file length increase of 601 bytes 
       with the virus being located at the beginning of the file.  There 
       will be no change to the file's date and time in the DOS disk 
       directory listing.  The following text strings can be seen within 
       the viral code in infected programs: 
 
               "OUSE BBSTEMP" 
               "*.com *" 
 
       Infected programs may display the text "Kewl Dewdz!" when they 
       are executed, and the system will then appear to be hung.  If the 
       system user presses CTRL-C, processing will usually continue. 
 
       Systems may also experience boot failures when the Dewdz virus has 
       previously infected COMMAND.COM on the boot drive. 
 
       See:   Burger 

Show viruses from discovered during that infect .

Main Page