Copy Link
Add to Bookmark
Report

CHAPTER 1: THIS WEEK'S VIRUS ALERT

(Dark Avenger in Disguise and biting hard!)

eZine's profile picture
Published in 
the virus informer
 · 2 years ago

FACT: Did you know that there are over 586 Unique viruses and over 1300 total viruses including strains?

Thank you ...

Thank you for waiting for this new version of THE VIRUS INFORMER. Some of you might know that my wife and I had our first child, a big boy, and I took time off from the newsletter to be with my new family member.

THE DARK AVENGER is becoming quite popular these days among computer virus watchers and anti-virus programmers. What has made this virus, which interestingly enough is among the older computer viruses discovered way back in 1989, a BIG worry among those in the virus industry?

For starters, the Dark Avenger has recently evolved into what is commonly known today as the 'Dark Avenger Mutation Engine.' Similar as to what it sounds, this ENGINE is a new kind of computer virus and a threat, indeed.

This MUTATING ENGINE can be used by virtually anyone to create a mutating virus, or what some call a polymorphic virus. Unfortunately to the good name of BBSes, this Engine, or program, was discovered and distributed via BBSes. Anyone can get their hands on it.

In addition, this virus uses some fancy encryption procedures that make it very difficult to even detect. Believe it or not, and as this engine is readily available, conventional viruses are turning up at a rate of 10 to 20 new viruses per week. According to Steve Gibson in a recent issue of INFOWORLD, "the sophistication of the Mutation Engine is amazing and even staggering."

HISTORY OF DARK AVENGER: Discoverd first in the U.S. in 1989 by UC Davis, the Dark Avenger had it origin seated back in Bulgaria. It has many alias names such as: Black Avenger, Boroda, Eddie, Diana, Rabid Avenger, VAN Soft, Dark Avenger 1801, Evil Men, PS!K0, and Dark Avenger-C.

Dark Avenger is not a Mr. Nice Guy in any sense of the word. It is a viscious and damaging computer virus. It infects quickly one's .COM and .EXE type files including overlay files and your Command.com file.

This virus even becomes memory resident and will install itself into your system memory becoming memory resident even after you turn your power off. And as you might already know, many of your DOS files have the etension of .EXE and .COM. So using your DOS COPY command or XCOPY would greatly spread this virus around quickly.

Once your file(s) is infected by the Dark Avenger virus, it will randomly overwrite a sector on your disk with a portion of this virus code poisoning your files. And if the randomly chosen sector is a portion of one of your programs, forget it! Programs and data files once infected by a sector being overwritten are permanently damaged and cannot be repaired since the original sector has now been lost.

HOW TO KNOW YOU'VE GOT IT? Generally once infected many of your files will increase in size by lengths of an additional 1800 bytes. Also, messages such as, "The Dark Avenger, copyright 1988, 1989," as well as "This program was written in the city of Sofia. Eddie lives ... somewhere in Time!" Crazy!

If your computer and files do become infected with this virus, power off your system and then reboot with a CLEAN WRITE PROTECTED boot diskette, usually your original DOS disk as it's write protected. Following, carefully use a disinfector like McAfee's CLEAN program. Make sure to re-scan all files again and floppies. Stick a big RED STICKER on those floppies that are clean and have been checked out okay.


WANT TO KNOW IF ANTIVIRUS SOFTWARE CAN ACTUALLY DETECT THIS VIRUS?

Read chapter 4 of this issue of THE VIRUS INFORMER for an informative look into this virus written by William S. McKiernan, Vice President of McAfee Associates--world leaders in antivirus protection.

- end -

next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT