 |
Amiga Antivirus Website www.vht-dk.dk |
 |
------------------------
Amiga Virus Encyclopedia
Neurotic Death 4 Inst.
------------------------
Name : Neurotic Death 4 Inst.
Other name : Mutagen 2E
Aliases : No Aliases
File name 1 : DMS WBENCH v2.04
File size 1 : 106.664 bytes
106.796 bytes
File name 2 : asl.library 39.4 (18.8.92)
File size 2 : 47.096 bytes
Original : -
Type : Trojan
Size : 2.936 bytes
Symptoms : No Sypmtoms
Discovered : June 1997
Way to infect: Data destruction: Every 3 reads from the current drive, the virus randomly
selects a number and overwrites a random sector with this number on the disk
with random data.
Hiding in memory: The virus detects the activity of popular antivirus programs
and does not infect if they are running. If an infected file is run and the
antivirus program is active, the virus installs itself in memory and waits for
it to finish. If the virus was launched before the antivirus program, it
detects the fact that it was launched, removes its modifications and waits for
the antivirus program to finish. In addition, the virus code is 95% encrypted
in memory.
Rating : Dangerous
Kickstarts : 1.3 infected programs hang
2.0
3.0
Damage : ND is *BIG*, *HIGHLY* polymorphic, partly stealth and destructive virus coded
in Poland. Virus patches LoadSeg() vector. Length is random; implemented
[MutaGen2]_E polymorphic module. ND (like 'Elbereth' viruses) kick out from
memory ANY patch installed on patched vectors in memory before virus by
calculation value of original adress of LoadSeg in ROM. Additionally DoIO()
vector was patched to annihilate Your HD.
Removal : VirusZ III with Xvs.library installed
Test made by : Jan Andersen - Virus Help Team
|
Denmark & Canada Copyright © All rights reserved www.vht-dk.dk |