OMT Virus

 Virus Name:  OMT 
 Aliases:     413, One More Thing 
 V Status:    Rare 
 Discovered:  May, 1992 
 Symptoms:    .COM file growth; long disk accesses; system hangs; 
              hard disk overwritten after 1992 
 Origin:      Australia 
 Eff Length:  413 Bytes 
 Type Code:   PNCK - Parasitic Non-Resident .COM Infector 
 Detection Method:  ViruScan, Sweep, AVTK, F-Prot, IBMAV, PCScan, 
                    NAV, NAVDX, VAlert, ChAV, 
                    NShld, Sweep/N, AVTK/N, NProt, IBMAV/N, Innoc, NAV/N 
 Removal Instructions:  Delete infected files 
 General Comments: 
       The OMT, One More Thing or 417, virus was discovered in Australia 
       in May, 1992 by Peter Ferrie.  The OMT virus is a non-resident, 
       direct action infector of .COM programs, including COMMAND.COM. 
       It is destructive when it activates after in years after 1992. 
       When a program infected with the OMT virus is executed, the OMT 
       virus will infect all of the .COM programs located in the current 
       directory.  Once it has completed infecting all of the .COM 
       programs, a system hang usually occurs.  The virus contains code 
       to infect the C: drive root directory, however it appears this 
       code isn't functional. 
       Programs infected with the OMT virus will have a file length 
       increase of 413 bytes with the virus being located at the end of 
       the infected file.  The program's date and time in the DOS disk 
       directory listing will not be altered. 
       OMT is an encrypted virus, so no text strings are visible within 
       the viral code in infected files.  The following text strings 
       are included in the virus: 
               "And one more thing... fuck you!" 
       The OMT virus activates when the year of the system date is after 
       1992.  At that time, the virus will overwrite the system hard disk 
       starting at side 0, cylinder 0, sector 1, when an infected program 
       is executed. 

Show viruses from discovered during that infect .

Main Page