Details
Dotter.3961

It is not a dangerous memory resident encrypted parasitic virus. It hooks INT 21h and writes itself to the end of EXE files that are executed. While infecting a file the virus creates temporary file NCTEMP.TMP. Depending of system date the virus displays one of messages in Russian (total - about 3K of messages).

Details
Dot.944

This is a dangerous non memory-resident virus which analyses the ENVIRONMENT block, looks there for the string “COMSPEC=” and infects COMMAND.COM (or its substitutor) via this string. After that the virus writes itself into .COM-files of the current directory by standard way. The virus intercepts INT 16h (keyboard) and depending on symbols entered from the keyboard, launches on the 25th screen line, from the right to the left and backward the symbol of a funny face (ASCII 1). The movement of the “face” is accompanied by a buzzing sound. The virus fairly rudely treats INT 16h, might hang up the system, removes the “read-only” attributes, sets file time to 62 sec.

Details
Dosver.2062

It’s a harmless memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM- and EXE-files that are executed. On installation this virus checks the DOS version and in case of its number the virus sets the INT 20h, 21h, 25h, 26h, 27h to their original address in the DOS kernel.

Details
Doshunter.483

This is a very dangerous memory resident parasitic COM-infector. It hooks INT 21h, and writes itself to the file beginning upon execution. On June 26th, it erases the disk C: FAT sectors then it types “DOSHUNTER I ACTIVE. (C) ACORN.” and hangs the computer.

Details
Dos7.342

These are harmless not memory resident parasitic viruses, they search for .COM-files and write themselves to their beginnings. They contain the internal text message: “is infected!oy, are you ever dumb! MSDOS 7 (C)1993 ANARKICK SYSTEMS DOS 6 Antivirus sucks. It missed this one!”.

Details
DOS32.Daber.728

It is DOS32 parasitic virus. It looks for DOS32 EXE files that are compiled with “Adam Seychell” DOS32 extender and infects them.
The virus looks for these files in current directory, as well as looks for two more files: C:\DOS\DLINK.EXE and C:\DOS32\DLINK.EXE
While infecting the virus parses format of that DOS32 extender header, modifies it and writes virus code to the end of the file. As a result when infected file is run virus code gets control. The virus then infects more files and returns control to the host program.
The virus does not manifest itself in any way.
The virus contains the text string:
DOS32 Succubus
Dark Fiber [NuKE]

Details
DoS.Win32.DieWar

This program is a realized DoS attack on one of the more popular ftp-servers for Windows 95/98/NT - War-FTPD v1.70. It makes many connections to an ftp-server resulting in a denial of service. This program also can disturb the operation of other ftp’s in a Unix system - wu-ftpd, proftpd, ftpd-BSD.

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA06-270A

Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability

Original release date: September 27, 2006
Last revised: –
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer

Overview

The Microsoft Windows WebViewFolderIcon ActiveX control contains an
…

Read more at checksum.org…

Details
Dos.184.a

It’s a harmless not memory resident parasitic virus. It searches for .COM-files and writes itself to their ends. On infection it uses FCB file access. It contains the internal text string: “DOS-1″.

Details
Doperland.490

It is not a dangerous memory resident parasitic virus. It copies itself into Interrupt Vectors Table, hooks INT 21h and writes itself to the end of COM-files that are executed. While terminating of the files the virus hits the C:\COMMAND.COM file. On December, 25th the virus displays the message:
Happy Birthday Doperland!!!

The virus also contains the text strings:
c:\command.com
Trif

Details
Doomsday.715

These are not memory resident dangerous encrypted parasitic viruses which search for a .COM-files of a current directory and infect them by a standard manner. They contain the texts:
\*.com
A scion to none
Certainly no fun
Total destruction when done
Introducing DOOMSDAY ONE
Written in Orlando, FL on 05/13/91

Sometimes they encrypt the contents of the logical sectors of the current disk and type:
Your disk is dead!
Long live DOOMSDAY 1.0

Details
DoomMbr.406

It is not a dangerous memory resident multipartite virus. It contains the text: “DOOM”. It infects the MBR of the hard drive, boot sector on floppy disks, COM and EXE files. When an infected file is executed the virus infects the MBR of the hard drive and returns to the host program. While loading from infected disk the virus hooks INT 13h, waits for DOS loading process and hooks INT 21h. The virus then overwrites boot sector on floppy disks that are accessed. It also writes itself to the end of COM and EXE files when data&time stamp for these files is set (while copying to new files, for example).

Details
Doom.442

This is a very dangerous memory-resident encrypted parasitic virus. It hooks INT 21, and INT 08h or 1Ch. It writes itself to the end of COM and EXE files. It erases random sectors of the hard disk. Periodically the virus reboots the computer. It also contains the following texts:
\COMMAND.COM
DOOM II (c) Dr.Jones, NCUall

Details
Donbass.803

This is a harmless memory resident parasitic virus. It hooks INT 21h and writes itself to the end of EXE files that are accessed. The virus contains the text strings:
(c) Black Jack 97, Ver 1.0
+——————————+
| (c) Black Jack 97, Ver 1.0 |
| +à-?”Ç– - L–?ái |
+——————————+

Details
Donbass.444

This is a harmless non memory-resident encrypted parasitic virus. It searches for the COMMAND.COM file, then for COM files of the current directory, then writes itself to the end of the file. The virus contains the text string:
Donbass3 COMSPEC= *.COM