Cascade.149 Viruses Definition - Viruses Spywares, Adwares, Viruses Reviews and Info

Main Menu

Categories

Adware
Adware Bundler
AOL Exploit
Backdoor
Browser Hijacker
Browser Plug-in
Commercial Key Logger
Commercial Remote Control
Cookie
Dialer
E-Mail Flooder
Hostile ActiveX Control
ICQ Exploit
Joke Program
Key Logger
Loader
Low Risk Adware
Misc
Nuker
P2P
Password Hijacker
Potential Privacy Risk
Potentially Dangerous Tools
RAT
Search Hijacker
Security Disabler
Spyware
Stealth Notifier
Surveillance
Toolbar
Trojan
Trojan Downloader
Trojan FTP
Trojan Telnet
Viruses
Worm

Cascade.149 Viruses Information

Name:	Cascade.149
Category:	Viruses
Description:	Details Cascade.1491 This is a memory resident virus. Its body except for the beginning (first 32 bytes) is encoded. As a key the length of the infected file is used. That is why two strains of the same virus in most cases will coincide only in the first 32 bytes. As an infected program is executed, the control of the JMP command is transferred to the beginning of the virus. By first commands the virus determines the length of the source file and deciphers its body. On creating its memory-resident copy the virus: copies its body into the highest addresses of the memory; moves the body of the main program into the highest addresses of the memory; moves the virus body into cleared area above the main program body; sets INT 1Ch, 21h, 28h to its own copy. � all � � ... � � ... � � ... � +---------� +---------� +---------� +---------� �Program � �Program �--+ �Free � +-->�Virus � � � � � � �memory � � � � � � � � � +---------� � +---------� +---------� +---------� +-->�Program � � �Program � �Virus �--+ �Virus � � � � � � � � � � � � � � � � +---------� � +---------� +---------� � +---------� � ... � +-->�Virus � �Virus �--+ � ... � �(copy) � � � +---------� +---------� � ... � � ... � The virus affects only COM files as it's loaded into the memory for execution. Infection is carried out by standard method. Most widely spread versions of this virus does not reinfect files. The virus changes interrupt vectors 1Ch, 21h and 28h. It also produces a specific video-effect: crumbling down of letters on the screen; does not have destructive functions. Sometimes it displays the message: IL SISTEMA � FOTTUTO!! S.E.K. VIRUS Made in ITALY RM 5iD G.Ferraris 90/91 (c) Then it erases the disk sectors. It also deletes CHKLIST.CPS file.

Top Viruses Visited Pages:

Invader. - 239 visits
not-a-virus:RiskWare.Tool.RegPatch. - 73 visits
Worm.P2P.Harex. - 66 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 60 visits
Small.58. - 56 visits
Coito.64 - 54 visits
I-Worm.Mapson. - 48 visits
Win32.Hidra - 43 visits
Win16.Klon.1177 - 42 visits
Marine.500 - 35 visits

Random Viruses Pages:

I-Worm.Mydoom.
Mrvirus.50
ABC.237
Kommuna.80
TurboBasi
Yafo.32
Vis Famil
SPE.CyberWarrior.5300.
Predator.119
LR.288

� 2006-2008 spyware32.com - Privacy Policy