Internet threat level: 1
Home→Descriptions→Virus.DOS.Glew.4283
Virus.DOS.Glew.4283
| Detected | Apr 08 1998 20:00 GMT |
| Released | Apr 08 1998 20:00 GMT |
| Published | Jun 22 2000 10:42 GMT |
Technical Details
This is a very dangerous memory resident parasitic polymorphic virus. It hooks INT 21h and writes itself to the end of EXE files that are executed, opened or closed. The virus does not infect several anti-virus programs (TBAV, FVIRU, F-PROT, AVP, e.t.c.) and COMMAND.COM according to the string:
TB FV F- VS AV VIR HIE OOLK UARD SCAN CLEA MMAN
The virus intercepts KEY and SIG files opening, looks for some program in the memory (anti-virus?) and patches its code.
On January 3, 9 and on July 19 the virus erases the hard drive sectors and displays the message:
A la Memoria de Cevallitos -= RATA de GLEW virus =-
Viruses replicate on the resources of the local machine.
Unlike worms, viruses do not use network services to propagate or penetrate other computers. A copy of a virus will reach remote computers only if the infected object is, for some reason unrelated to the virus function, activated on another computer. For example:
- when infecting accessible disks, a virus penetrates a file located on a network resource
- a virus copies itself to a removable storage device or infects a file on a removable device
- a user sends an email with an infected attachment.
Virus.
- Glew.
4283 (Kaspersky Lab) - Brass.
4283 (Panda) - Brass.
4275 (FPROT) - Glew.
4283 (DrWeb)
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.