Loz Famil Viruses Information
Name: Loz Famil
Category: Viruses
Description:
Details
Loz Family
These are dangerous memory resident encrypted parasitic viruses. Some of them are polymorphic. They hook INT 21h and write themselves to the end of COM and EXE files that are accessed (the earlier versions infect COM files only). These viruses alter the first 4 bytes of COM files (JMP Loc_Virus, DB '+'). When creating a resident copy, they decrease the value of system memory (the word at 0000:0413).
The "Loz.1018,1023" viruses modify system information in the boot sectors of floppies (they set to zero the word that holds the number of disk drive heads). When AIDSTEST.EXE (a Soviet anti-virus program) is run, the viruses display: "Welcom to demo version (C) Zherkov", followed (in Russian) by "Lozinsky - STUPID, AIDSTEST-RUBBISH" (D. Lozinsky is the author of a popular Russian anti-virus program). The "Loz.1018" virus deletes the AIDSTEST.EXE program. The "Loz.1882,1915" viruses delete the AIDSTEST.EXE file as it is run and display the following message (in Russian):
+-----------------------+
¦"INVARIATRON" JV ¦
¦Antiscientific centre ¦
¦Version 5 of 11.12.90 ¦
¦Lozinsky - STUPID ¦
¦Moscow, tel. 03 ¦
+-----------------------+
The full explanation see in the next AIDSREAD.ME.
"Loz.2968" sometimes displays the following picture:
________ ___ ___ ___ ___
¦¦¦ ¦¦¦ ¦¦¦ ____ ¦¦¦ _________¦¦¦___________________¦¦¦__
¦¦¦ ¦¦¦ ___ _____¦¦¦ ________ ¦¦¦ ________ ________ ¦¦¦
¦¦¦__¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¯¯¯ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¯¯¯ ¦¦¦
¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¯¯¯¯¯¦¦¦ ¦¦¦ ¦¦¦__¦¦¦ ¯¯¯¯¯¦¦¦ ¦¦¦
¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ___ ¦¦¦ ¦¦¦ ¦¦¦
¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦__¦¦¦ ¦¦¦__¦¦¦ ¦¦¦ ¦¦¦__¦¦¦ ¦¦¦__¦¦¦ ¦¦¦
¦¦¦¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¦¦¯¯¯¯¯¯¯¯¯
¦¦¦ ¦¦¦¯¦¦¦ ¦¦¦¯¦¦¦ ¦¦¦¯¯¯¯ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦ ¦¦¦¯¦¦¦
¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦¯¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦ ¦¦¦ ¦¦¦¯¦¦¦ ¦¦¦_¦¦¦
¦¦¦ ¦¦¦_¦¦¦ ¦¦¦_¦¦¦ ¦¦¦_¦¦¦ ¦¦¦_¦¦¦ ¦¦¦_¦_¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦ ¦¦¦
___________ ¦¦¦ ________________¦¦¦ _________________________
"Loz.2435" detects the virtual mode that debuggers use on 80x86 computers and disables debugging.
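A defender-side triage check for the COM header change described above (a 3-byte JMP to code appended at the end of the file, followed by the byte '+'), added here as an example and not taken from the original entry or from any anti-virus product. The 4096-byte tail bound, the function names and the sample images are assumptions constructed for illustration.

```python
import struct
from typing import Optional

JMP_NEAR = 0xE9    # 3-byte near JMP; with the '+' byte it fills the 4 altered bytes
MARKER = 0x2B      # ASCII '+', the DB '+' from the description
MAX_TAIL = 4096    # assumption: upper bound on the size of the appended code


def check_com_header(data: bytes) -> Optional[dict]:
    """Return jump details if data starts with JMP <near end of file>, '+'."""
    if not 4 <= len(data) <= 0xFF00:        # a COM image must fit in one segment
        return None
    if data[0] != JMP_NEAR or data[3] != MARKER:
        return None
    (rel16,) = struct.unpack_from("<H", data, 1)
    target = (3 + rel16) & 0xFFFF           # file offset the JMP lands on
    if target >= len(data):
        return None                         # jump leaves the file image
    tail = len(data) - target
    if tail > MAX_TAIL:
        return None                         # lands deep in the host, not near the end
    return {"target_offset": target, "tail_bytes": tail}


def make_com(host_len: int, tail_len: int, fourth: int) -> bytes:
    """Constructed test image: JMP to the tail, one byte, filler. No real code."""
    header = bytes([JMP_NEAR]) + struct.pack("<H", host_len - 3) + bytes([fourth])
    return header + b"\x90" * (host_len - 4) + b"\x00" * tail_len


# Constructed samples, not real files.
SAMPLES = {
    "marked.com": make_com(200, 1018, MARKER),     # JMP to tail + '+'
    "no_marker.com": make_com(200, 1018, 0x90),    # JMP to tail, no '+'
    "far_jump.com": make_com(200, 9000, MARKER),   # '+' present, tail too large
    "plain.com": b"\xB4\x09\xBA\x09\x01\xCD\x21\xC3",
}


def scan(samples: dict) -> dict:
    """Map each flagged sample name to its jump details."""
    results = {name: check_com_header(data) for name, data in samples.items()}
    return {name: r for name, r in results.items() if r}


if __name__ == "__main__":
    for name, info in scan(SAMPLES).items():
        print(name, info)
```

A match is only a marker for closer inspection, since a clean program can also begin with a JMP followed by '+'.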
Loz.724
It is a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files (except COMMAND.COM) that are executed. The virus creates a counter in the MBR of the hard drive and increments it each time it installs itself into system memory. On the 100th installation the virus hooks INT 9 and then, depending on the keys pressed, writes some data to a hard drive port. The virus contains the text string:
by ShADow Al