home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Collection of Hack-Phreak Scene Programs
/
cleanhpvac.zip
/
cleanhpvac
/
CASIOCOL.ZIP
/
WEEDV13.ZIP
/
WEED.NFO
< prev
next >
Wrap
Text File
|
1997-03-16
|
2KB
|
38 lines
Virus Author: Casio - RAiDERZ Coderz
Virus Name : WEED v1.3
PayLoad.....: BAIT file avoidance - FIles considered to be bait are destroyed
instead of being infected. VGA payload has a 1/10 chance
going off everytime an infected program is run. VGA payload
is an animated moving StarField. If the user presses \ while
the starfield is moving, The program will continue loading
as normal.
Virus Target: *.exe and *.com files. COMMAND.COM is avoided!
Virus Info..: WEED will disable vsafe/vscan if found in memory. WEED will
also infect files after the host has finished running. Good
example: pkzip and pkunzip.exe. Once pkunzip.exe is infected
any files it makes for you *.com and *.exe will become weed
carriers. That is, before you even have access to them.
Virus Size..: Varies. Depends on the host size and what weed feels like doing.
Encryption..: Oh yes, on host data... Encryption algorithm is much better
then previous version
Stealth.....: infected *.exe or *.com file will not notice infection while
in operation.
Tech Details:
This is the fourth generation of the WEED virus. (Will they ever end?)
WEED is now fully encrypted at all times! WEED will no longer infect
COMMAND.COM, this file is avoided. WEED will now target various checksum
files if found in the current directory. If these checksum files are found
WEED removes them before attempting to modify any files. All of the encryption
decryption routines have been changed from v1.2. The signature block has also
been changed for this version. A critical error handler has been introduced
as of v1.2, which prevents sharing violation errors as well as write protect
errors! Instead of infecting files smaller then WEED, they are destroyed -
they will either lockup the machine or reboot it when run.
There are no current plans to release the source to this virus. If you want to
see how it works that badly, test your skills at debugging it.