AIDS II (computer virus)

AIDS II (computer virus)

Computer virus
Fullname = AIDS II
Common name = AIDS 2
Technical name = AIDS II.8064
Family = AIDS II
Aliases = AIDS-II, Aids.8064, AIDS_8064, AIDS_II.8064
Classification = Virus
Type = DOS
Subtype = EXE to COM companion. General nuisance.
IsolationDate = 1990
Isolation = Unknown
Origin = Unknown
Author = WOP & PGT of DutchCrack

AIDS II is a companion computer virus, which infects COM files. It was first discovered in April 1990, and is a variant of AIDS which itself is a derivative of the nVIR strain. Unlike other generic file infectors, AIDS II was the first known virus to employ what could be called a "corresponding file technique" of infection so that the original target EXE file is never changed. The virus takes advantage of the DOS feature where if a file exists in both COM and EXE form, the COM file is executed. When an "infected" file is executed, since a corresponding COM file exists, the COM file containing the viral code is executed. The virus first locates an uninfected EXE file in the current directory and creates a corresponding (or companion) COM file with the viral code. These COM files will always be 8,064 bytes in length with a file date/time of the date/time of infection. After creating the new COM file, the virus then plays a melody and displays the following message:

:"Your computer is infected with ... :`xff`x03 Aids Virus II `xff`x03 :- Signed WOP & PGT of DutchCrack -"

AIDS II then spawns to the EXE file that was attempting to be executed in the first place, and the program runs without problem. After completion of the program, control returns to the virus. The melody is played again with the following message displayed:

:"Getting used to me? :Next time, use a Condom ....."

Since the original EXE file remains unaltered, CRC programs cannot detect this virus having infected a system. One way to manually remove AIDS II is to check the disk for programs which have both a .EXE and .COM file, with the COM file having a length of 8,064 bytes. The COM files thus identified should be erased.

According to Symantec, AIDS II may play a melody and display the following string:

:"Your computer is infected with AIDS VIRUS II"

The displayed text strings do not appear in the viral code.

The AIDS II virus is not to be confused with the AIDS trojan or the AIDS virus.

External links

* [http://www.probertencyclopaedia.com/L21.HTM Computer Viruses (A)] , by Probert Encyclopedia
* [http://vil.nai.com/vil/content/v_98149.htm AIDS II virus] , by McAfee
* [http://securityresponse.symantec.com/avcenter/venc/data/aids.ii.html AIDS II] , by Symantec


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • AIDS (computer virus) — Computer virus Fullname = AIDS Common name = AIDS Technical name = AIDS Family = N/A Aliases = AIDSB, AIDS II, AIDS II, AIDS92, Hahaha, Taunt Classification = Virus Type = DOS Subtype = COM to EXE infector. Corrupter. IsolationDate = circa 1990… …   Wikipedia

  • NVIR (computer virus) — Computer virus Fullname = nVIR virus family Common name = nVIR Technical name = Mac OS/nVIR virus Family = nVIR, three predominant strains: nVIR A, nVIR B, nVIR C Aliases = AIDS, Fuck, Hpat, Jude, nVIR, MEV#, MODM, nCAM, nFLU, kOOL, SHIT, prod… …   Wikipedia

  • AIDS (trojan horse) — AIDS Trojan Common name PC Cyborg Trojan Technical name Aids Info Disk/PC Cyborg Trojan Aliases AIDS!Trojan, Aidsinfo. A trojan, Aidsinfo. B trojan, Cyborg, Trj/AidsInfo. A, Trojan. AidsInfo.a, Trj/AidsInfo. B, Trojan. AidsInfo.b, Trojaids!Trojan …   Wikipedia

  • AIDS (disambiguation) — AIDS and aids and similar can mean: * For the disease Acquired Immune Deficiency Syndrome, see AIDS. * For the cues given by riders to their horses, see riding aids. * For the aviation system, see AIDS (aviation). * An acronym for Alien… …   Wikipedia

  • virus — viruslike, adj. /vuy reuhs/, n., pl. viruses. 1. an ultramicroscopic (20 to 300 nm in diameter), metabolically inert, infectious agent that replicates only within the cells of living hosts, mainly bacteria, plants, and animals: composed of an RNA …   Universalium

  • virus — 01. He got really sick after catching some kind of [virus] from a co worker. 02. They got some kind of computer [virus] which deleted all the data on their hard drive. 03. The old man came down with [viral] pneumonia, and died soon after. 04. HIV …   Grammatical examples in English

  • virus — noun 1 sth that causes disease; a disease ADJECTIVE ▪ deadly, killer, lethal ▪ nasty ▪ virulent ▪ infectious ▪ …   Collocations dictionary

  • virus — [[t]va͟ɪ͟ərəs[/t]] ♦♦♦ viruses 1) N COUNT A virus is a kind of germ that can cause disease. There are many different strains of flu virus. ...HIV, the virus believed to cause AIDS. 2) N COUNT In computer technology, a virus is a program that… …   English dictionary

  • computer — computerlike, adj. /keuhm pyooh teuhr/, n. 1. Also called processor. an electronic device designed to accept data, perform prescribed mathematical and logical operations at high speed, and display the results of these operations. Cf. analog… …   Universalium

  • AIDS — I. /eɪdz / (say aydz) noun a disease caused by a retrovirus (HIV) which destroys the body s white cells, resulting in reduced immunity and therefore a susceptibility to infections, tumours, etc. {a(cquired) i(mmune) d(eficiency) s(yndrome)} II.… …  

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”