| Description:
|
Details
Win32.Undertaker
It is a dangerous nonmemory resident encrypted parasitic Windows virus. It searches for PE EXE files (Windows32 executable) in current, Windows and Windows system directories, then writes itself to the end of the file to the last file section and increases its size. The virus has bugs in infection routine, and infected files in some cases cause standard Windows message about an error in application.
The virus deletes the anti-virus data files: AVP.CRC, IVP.NTZ, ANTI-VIR.DAT, CHKLIST.MS, CHKLIST.CPS, SMARTCHK.MS, SMARTCHK.CPS.
On 7th of any month it displays window with the text:
UNDERTAKER 1.0 (c) 1999 Lord Julus/[SLAM]
And the time of the Undertaker has come
call our funeral services at (666)-DEVIL.
Always open !!
The virus also contains the text:
UnderTaker v.1.0 (C) Lord Julus / [SLAM] 1999 |
