Product Support
About Us
Products
File Updates
Support
Resellers
Purchase Now
Search GEAR
Contact Us
Virus Listing GoldBug - Virus Details

GoldBug

Aliases:
Size: 1024 KB
Frequency: 3

Characteristics:
  • Infects MBR
  • Infects diskette boot record
  • Infects EXE files
  • Infects as a companion
  • Memory resident
  • Multipartite virus
  • Full stealth
  • Encrypted (code and data)
  • Polymorphic
  • Uses tunneling
  • Contains clear text string or message
  • Modifies CMOS
  • Makes MBR inaccessible
  • Disables AV product(s)
  • Targets AV integrity information
Information:
    Text String: "CHKLST????", "107=0SLMTA" (This latter string is sent, in reversed order, to the modem so it answers incomming calls on the seventh ring.) CMOS Modification: Overwrites CMOS when certain antivirus programs are run. Prevents programs from running that end in "AN" to "AZ" (Including files like *SCAN, and *AV.) Targets: Removes integrity files of CPAV and MSAV. Notes: The virus can install itself in HMA memory. The virus overwrites the partition table in the MBR. The infected drive will be invisible to DOS if the system is booted from an uninfected floppy. Using fdisk /mbr will render the drive unbootable.
Virus List Back to the Virus List page

Virus Databases Virus Databases Virus Links Virus Links
Virus Research Virus Research Security Security



About Us
About
Us
 Products
Products

 File Updates
Updates

 Support
Support

 Resellers
Resellers

 Purchase
Purchase

 Contact Us
Contact
Us

 Home


Command Software · Inc
1061 East Indiantown Road · Suite 500
Jupiter · FL   33477
USA