Virus Name: AntiEXE @ Matarese.com

Click here to find books related to 'computer virus'.

----------------------------------------------------------------------------- WildList Notes - (c)1995 Joe Wells - c1jwells@watson.ibm - wildlist@aol.com ----------------------------------------------------------------------------- Virus Name: AntiEXE Aliases: D3, Newbug, New Bug, CMOS4 Infects: MBR on first hard drive. DOS boot sector on floppy disks. Disk Size: 1 sector. Location: MBR or boot sector. Original MBR is stored at cylinder 0, sector 13, head 0. On floppy disks the virus accurately calculates the last sector of the root directory, and places the original boot sector there. Memory Size: The virus reserves 1k of memory by decrementing the available memory word at 40:13. On a 640k system the value will be changed from 280h to 27Fh. Chkdsk will report 654336 bytes (639k) of memory free. Location: In 1k reserved at top of conventional memory. Special: The virus is full stealth. Effects: Contains code to corrupt the MZ signature in an EXE file. Trigger: Detection of a specific EXE . Messages: None, but MZ is visible in the boot sector . Bugs: [unknown] Origin: Possibly Germany. Notes: As sectors are read, a check is made for a specific EXE file header. The "MZ" portion of the 8 test bytes is visible in the boot sector at offset 30, unless the virus is resident, in which case the infected sector is stealthed. This "signature" is: 4D 5A 40 00 88 01 37 0F. No one in the av industry seem to know what EXE file this is. If found by the virus, the MZ portion of that file will be corrupted. The virus copies the original interrupt 13h vector to the vector for interrupt D3h, which it then uses. Hence the alias "D3".

This page was created Thu Aug 12 00:15:58 EDT 1999
Using Linux version 2.0.32 on an i586

Main Page @ Matarese.com The Myth of the 2600Hz Detector @ Matarese.com Acquiring Account Information @ Matarese.com

Act2! by Symantec @ Matarese.com All hacks / Annoyance @ Matarese.com

Alt 2600 Group FAQ @ Matarese.com Hacking Angelfire @ Matarese.com

Anonymous E-Mail @ Matarese.com Anonymous FTP: Frequently Asked Questions (FAQ) @ Matarese.com

Virus Name: AntiCMOS @ Matarese.com

Maintaining Access - Implementing Backdoors @ Matarese.com How to Receive Banned Newsgroups FAQ @ Matarese.com

Hacking BBS's @ Matarese.com phreaking tutorial @ Matarese.com

The Bluebox @ Matarese.com List of Common Bugs @ Matarese.com

Things that go Bump on the Internet @ Matarese.com Hacking Calling Cards @ Matarese.com

Expanding the capacity of Caller ID Boxes @ Matarese.com What is Caller-ID? @ Matarese.com

Hacking Call Back Verify @ Matarese.com CULT OF THE DEAD COW @ Matarese.com

Cellular Roaming: The New Deals @ Matarese.com CELLULAR TELEPHONE PHREAKING PHILE SERIES @ Matarese.com

Cracking Unix passwords @ Matarese.com Hacking Webpages @ Matarese.com

The Matarese Circle @ Matarese.com Cisco Password Cracking Script @ Matarese.com

Customer Name and Address @ Matarese.com Cops and Robbers | UNIX Security @ Matarese.com

Cracking NT Passwords @ Matarese.com Odins cracking/coding and PPE resources @ Matarese.com

Credit Carding Part I @ Matarese.com How do I defeat Copy Protection? @ Matarese.com

What are the DTMF frequencies? @ Matarese.com Exploits FAQ @ Matarese.com

Making Free Calls @ Matarese.com FTP Bouncing @ Matarese.com

Hackers Encyclopedia @ Matarese.com The Conscience of a Hacker / Hacker Manifesto @ Matarese.com

Hacking from Windows9x FTP @ Matarese.com Hacking Tripod @ Matarese.com

Hacking Web Pages @ Matarese.com How to crack a UNIX password file. @ Matarese.com

Hacking Servers : A Begginners Guide @ Matarese.com TIPS FOR TRACKING HACKERS @ Matarese.com

Hacking Tutorial @ Matarese.com Hacking UNIX @ Matarese.com

How to Hack the WWWboard Message Board 2.0 @ Matarese.com Hackers Handbook @ Matarese.com

Guide to Harmless-Hacking @ Matarese.com All about security holes @ Matarese.com

Hacking Hotmail @ Matarese.com How to crack by +ORC complete tutorial in one file (BIG!) @ Matarese.com

]How to Hack from from Harlequin and Archangel @ Matarese.com Improve security by breaking into your site @ Matarese.com

Ch1can0 BEOWULF @ Matarese.com Internet Security @ Matarese.com

Bugs and Backdoors in IRC clients, scripts and bots @ Matarese.com IRC Hacking @ Matarese.com

FAQ for Trading For FileZ in IRC @ Matarese.com Creating a Xdcc offer bot for irc @ Matarese.com

Integrated Systems Digital Network @ Matarese.com Everything you should know about computer viruses @ Matarese.com

Lan Technology Scorecard @ Matarese.com Local Area Signalling Services (LASS) and Custom Calling Feature Control Codes @ Matarese.com

Harmless Hacking - Linux @ Matarese.com INDEX @ Matarese.com

Loops wanted! @ Matarese.com Mail Spoofing Explained @ Matarese.com

Microsoft IIS Vulnerability @ Matarese.com Microsoft(Yuk) Index Server exposes IDs and Passwords @ Matarese.com

Intresting Microsoft Access 7.0 Trick @ Matarese.com MS Money 2.0 Back Door @ Matarese.com

Mind Your Own Business (MYOB) @ Matarese.com Nameserver listing! @ Matarese.com

Newbies handbook / HOW TO BEGIN IN THE WORLD OF H/P @ Matarese.com Bugs in Windows NT (Too many to list here completely...) @ Matarese.com

This Hack is for the OptiChat Original Chat Room @ Matarese.com Internet Outdials @ Matarese.com

Pager Frequencies @ Matarese.com Password Recovery Techniques @ Matarese.com

How to Steal Local Calls from Most Payphones @ Matarese.com PBX's (Private Branch Exchanges) and WATS @ Matarese.com

Cryptography / PGP @ Matarese.com The PHF bug @ Matarese.com

Introduction to the Internet Protocols @ Matarese.com Analysis of QueSO Performance @ Matarese.com

Finger - ATTACKING FROM THE OUTSIDE @ Matarese.com The PPP protocol (Point-to-Point Protocol) @ Matarese.com

Scam news / Hacking / Phreaking / Anarchy / Virii @ Matarese.com Hacking your school computers @ Matarese.com

L0pht Security Advisory - Sendmail 8.7.5 @ Matarese.com Sniffer FAQ V 1.7 @ Matarese.com

THE COMPLETE SOCIAL ENGINEERING FAQ! @ Matarese.com Socket Services @ Matarese.com

Softice Manual @ Matarese.com Softice Manual 2 @ Matarese.com

Softice Manual 3 @ Matarese.com Softice Manual 4 @ Matarese.com

Softice Manual 5 @ Matarese.com SSPING/JOLT patches @ Matarese.com

THE ULTIMATE BEGINNER'S GUIDE TO HACKING AND PHREAKING @ Matarese.com @ Matarese.com

@ Matarese.com TCP/IP Services (Phrack Stuff) @ Matarese.com

Telenet The Secret Exposed @ Matarese.com WORKING OUT-TELNETS @ Matarese.com

Covering your tracks, Theory @ Matarese.com How to defeat the Tripod Advertisement on your webpage. @ Matarese.com

BT Basics @ Matarese.com BT Phreaking @ Matarese.com

The Psychotic Internet Services' Unix Bible @ Matarese.com The Psychotic Internet Services' Unix Bible @ Matarese.com

UNIX FAQ @ Matarese.com Gibe's UNIX COMMAND Bible @ Matarese.com

How to become a Unix Hacker @ Matarese.com Cracking that Passwd File @ Matarese.com

Hacking Commands, and Some Hints On Their Usage @ Matarese.com How do I post to a moderated newsgroup? @ Matarese.com

Virii 101 @ Matarese.com What You Should Know About Computer Viruses @ Matarese.com

How can I protect myself from viruses and such? @ Matarese.com What is a trojan/worm/virus/logic bomb? @ Matarese.com

VMS Info (Password Cracking) @ Matarese.com Bug in Windows for Workgroups, Win95 beta @ Matarese.com

HACKING THE WAL-MART ARMORGUARD COMPUTER PROTECTION SYSTEM @ Matarese.com Using web proxies to disguise your IP address @ Matarese.com

Dig up hidden CD Keys @ Matarese.com X-Windows Security @ Matarese.com

A Known Plaintext Attack on the PKZIP Stream Cipher @ Matarese.com

Copyright (C) 1999 - Matarese.com