Groove OW Virus

 Virus Name:  Groove OW 
 V Status:    Viron 
 Discovered:  December, 1992 
 Symptoms:    .EXE files overwritten & truncated; file date/time changes; 
              graphic display; lost clusters; C:\COMMAND.COM replaced; 
              boot failures; programs fail to function properly 
 Origin:      Unknown 
 Eff Length:  1,214 Bytes OW 
 Type Code:   PNEK - Non-Resident Overwriting COMMAND.COM &.EXE Infector 
 Detection Method:  ViruScan, Sweep, AVTK, F-Prot, IBMAV, 
                    NAV, NAVDX, VAlert, PCScan, ChAV, 
                    NShld, Sweep/N, AVTK/N, LProt, NAV/N, IBMAV/N, 
                    Innoc, NProt 
 Removal Instructions:  Delete infected files 
 General Comments: 
       The Groove OW virus was submitted in December, 1992.  Its origin or 
       point of isolation is unknown.  Groove OW is a non-resident direct 
       action overwriting virus which infects .EXE programs and the copy 
       of COMMAND.COM located in the C: drive root directory.  It is not 
       related to the  Groove  virus. 
       When a program infected with the Groove OW virus is executed, this 
       virus will infect the copy of COMMAND.COM located in the C: drive 
       root directory as well as one .EXE program located in the current 
       drive's current directory.  It will then display a graphic with 
       the name "Sara's Groove". 
       Programs infected with the Groove OW virus will have a file length 
       of 1,214 bytes and will contain pure viral code.  The file's date 
       and time in the DOS disk directory listing will be the system date 
       and time when infection occurred.  The following text strings can 
       be found within the viral code in all Groove OW infected programs: 
               "*.exe c:\ .. Darkest avenger" 
               "Isnt dedicated to Sara Gordon" 
               "Its dedicated to her GROOVE!" 
       Disks infected by the Groove OW virus will have a large number of 
       lost clusters.  The virus creates three additional lost clusters 
       each time an infected program is executed.  System boot failures 
       will also occur when the user attempts to boot from the system 
       hard disk. 

Show viruses from discovered during that infect .

Main Page