| Description:
|
Details
Bolero.1000
These are very dangerous memory resident encrypted parasitic viruses. They hook INT 21h and write themselves to the end of .COM files (except COMMAND.COM) that are executed, opened or accessed with FindFirst/Next DOS functions. The viruses have bugs, and may corrupt the files while infecting them, and infect data files.
The viruses also hook Write DOS function, and depending on the system timer corrupt the files that are saved on disk. The viruses overwrite them with the strings:
"Bolero.1000.a": RAVEL - BOLERO.
"Bolero.1000.b": HANDEL - Carmelite Vesperes.
"Bolero.1254": Divide Overflow
"Bolero.1300": divide overflow
"Bolero.1470": Divide Overflow
Being executed "Bolero.1300" also infects C:DOSFORMAT.COM. When any of the CHKDSK.EXE, SCANDISK.EXE, NDD.EXE programs are executing, this virus does not perform any action with the files. |
