textfiles/virus/mcaffvirus.txt

            VIRUS CHARACTERISTICS LIST  V56
                                 Copyright 1989, McAfee Associates
                                                 408 988 3832

	The following list outlines the critical characteristics of the known
IBM PC and compatible viruses.  

==========================================================================

Infects Fixed Disk Partition Table-------------------+
Infects Fixed Disk Boot Sector---------------------+ |
Infects Floppy Diskette Boot --------------------+ | |
Infects Overlay Files--------------------------+ | | |
Infects EXE Files----------------------------+ | | | |
Infects COM files--------------------------+ | | | | |
Infects COMMAND.COM----------------------+ | | | | | |
Virus Remains Resident-----------------+ | | | | | | |
Virus Uses Self-Encryption-----------+ | | | | | | | |
                                     | | | | | | | | |
                                     | | | | | | | | |  Increase in
                                     | | | | | | | | |   Infected
                                     | | | | | | | | |   Program's
                                     | | | | | | | | |     Size
                                     | | | | | | | | |      |
                                     | | | | | | | | |      |
Virus               Disinfector      V V V V V V V V V      V        Damage
-----------------------------------------------------------------------------
Taiwan                 CleanUp       . . . x . . . . .     708       p
Chaos                  MDISK         . x . . . . x x .     N/A       B,O,D,F  
Virus-90               CleanUp       . x . x . . . . .     857       P
Oropax                 CleanUp       . x . x . . . . .    2773       P,O
4096                   CleanUp       . x x x x x . . .    4096       D,O,P,L
Devil's Dance          CleanUp       . x . x . . . . .     941       D,O,P,L
Amstrad                CleanUp       . . . x . . . . .     847       P
Payday                 CleanUp       . x . x x x . . .    1808       P
Datacrime II-B         CleanUp       x . x x x . . . .    1917       P,F
Sylvia/Holland         CleanUp       . x . x . . . . .    1332       p     
Do-Nothing             CleanUp       . . . x . . . . .     608       p 
Sunday                 CleanUp       . x . x x x . . .    1636       O,P
Lisbon                 CleanUp       . . . x . . . . .     648       P
Typo/Fumble            CleanUp       . x . x . . . . .     867       O,P
Dbase                  CleanUp       . x . x . . . . .    1864       D,O,P 
Ghost Boot Version     MDISK         . x . . . . x x .     N/A       B,O
Ghost COM Version      CleanUp       . . . x . . . . .    2351       B,P 
New Jerusalem          CleanUp       . x . x x x . . .    1808       O,P
Alabama                CleanUp       . x . . x . . . .    1560       O,P,L 
Yankee Doodle          CleanUp       . x . x x . . . .    2885       O,P 
2930                   CleanUp       . x . x x . . . .    2930       P
Ashar                  CleanUp       . x . . . . x . .     N/A       B
AIDS                   CleanUp       . . . x . . . . .    Overwrites Program 
Disk Killer            CleanUp       . x . . . . x x .     N/A     B,O,P,D,F
1536/Zero Bug          CleanUp       . x . x . . . . .    1536       O,P
MIX1                   CleanUp       . x . . x . . . .    1618       O,P
Dark Avenger           CleanUp       . x x x x x . . .    1800       O,P,L
3551/Syslock           CleanUp       x . . x x . . . .    3551       P,D   
VACSINA                CleanUp       . x . x x x . . .    1206       O,P
Ohio                   MDISK         . x . . . . x . .     N/A       B
Typo (Boot Virus)      MDISK         . x . . . . x x .     N/A       O,B
Swap/Israeli Boot      MDISK         . x . . . . x . .     N/A       B 
1514/Datacrime II      CleanUp       x . . x x . . . .    1514       P,F
Icelandic II           CleanUp       . x . . x . . . .     661       O,P
Pentagon               MDISK         . . . . . . x . .     N/A       B
3066/Traceback         M-3066        . x . x x . . . .    3066       P
1168/Datacrime-B       CleanUp       x . . x . . . . .    1168       P,F
Icelandic              CleanUp       . x . . x . . . .     642       O,P
Saratoga               CleanUp       . x . . x . . . .     632       O,P
405                    CleanUp       . . . x . . . . .    Overwrites Program
1704 Format            CleanUp       x x . x . . . . .    1704       O,P,F
Fu Manchu              CleanUp       . x . x x x . . .    2086       O,P
1280/Datacrime         CleanUp       x . . x . . . . .    1280       P,F
1701/Cascade           CleanUp       x x . x . . . . .    1701       O,P
1704/CASCADE-B         CleanUp       x x . x . . . . .    1704       O,P
Stoned/Marijuana       CleanUp       . x . . . . x . x     N/A       O,B,L
1704/CASCADE           CleanUp       x x . x . . . . .    1704       O,P
Ping Pong-B            CleanUp       . x . . . . x x .     N/A       O,B
Den Zuk                MDISK         . x . . . . x . .     N/A       O,B
Ping Pong              CleanUp       . x . . . . x . .     N/A       O,B
Vienna-B               CleanUp       . . . x . . . . .     648       P
Lehigh                 CleanUp       . x x . . . . . .  Overwrites   P,F 
Vienna/648             M-VIENNA      . . . x . . . . .     648       P
Jerusalem-B            CleanUp       . x . x x x . . .    1808       O,P
Yale/Alameda           CleanUp       . x . . . . x . .     N/A       B
Friday 13th COM        CleanUp       . . . x . . . . .     512       P
Jerusalem              CleanUp       . x . x x x . . .    1808       O,P
SURIV03                CleanUp       . x . x x x . . .               O,P   
SURIV02                CleanUp       . x . . x . . . .    1488       O,P
SURIV01                CleanUp       . x . x . . . . .     897       O,P
Pakistani Brain        CleanUp       . x . . . . x . .     N/A       B


Legend:

Damage Fields -	B - Corrupts or overwrites Boot Sector
				O - Affects system run-time operation
				P - Corrupts program or overlay files
				D - Corrupts data files
				F - Formats or erases all/part of disk
				L - Directly or indirectly corrupts file linkage

Size Increase -	The length, in bytes, by which an infected
               	program or overlay file will increase

Characteristics - x - Yes
                  . - No

Disinfectors -	SCAN/D 	 - VIRUSCAN with /D option
             	SCAN/D/A	 - VIRUSCAN with /D and /A options
             	MDISK/P	 - MDISK with "P" option
              	All Others - The name of disinfecting program
           Note:
                  The SCAN /D option will overwrite and then delete the
                  entire infected program.  The program must then be
                  replaced from the original program diskette.  If you wish
                  to try and recover an infected program, then use the
                  named disinfector if available.
[3] Tfiles: (1-8,?,Q) :