Unkempt.134

Details
Unkempt.1342

It is a very dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed or opened. When a file is created, the virus checks the filename extension with the list:
DOC TXT PAS C H PRG TEX COB FOR MOD LIS CLA PRO DBF

and saves the file’s handle. While writing to these newly created files the virus depending on its counter replaces the random selected characters according to the strings:
szzsa?e�i�o�ugjEeAaIiUuOoyikcck1223344556677889
<>><= '":=&|!~/*+--+*/^/{ 12233445566778899104}

The odd characters are replaced with the even ones: 's' -> ‘z’, ‘<' -> ‘>’.
The virus also contains the text strings:
com
riS

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.