QMU

Virus Name: QMU

Other names: None

Virus Type: Multi-partite Virus

Virus Length:.COM 1513 bytes.

Executing Procedure:
1) The virus checks if it is memory resident. If it isn't, it loads itself into memory by hooking INT 21h.
2) It then executes the original file.
3) Once in resident memory it will infect any uninfected file that is executed.

Damage: Hard disk cannot be booted after the virus internal counter reaches 100.

Detecting Method: Increases infected file size by 1513 bytes.

Note: Loads itself resident in memory. An error message occurs if there is an I/O error (such as write protect).


Quicky

Virus Status:

Origin :

Eff Length : 1376 bytes

Type Code : Polymorphic Virus

Symptoms :

Increase of 1376 bytes in size of EXE files and decrease of 1760 bytes in the available memory.

General Comments:

Quicky will infect all EXE files that are executed, opened or copied. Infected files will have an increase of 1376 bytes in their sizes. It is also Memory Resident which resides in the MCB Chain.

On first infection, it will decrypt 1275 bytes of its code and then will allocate 1760 bytes. It will also hook INT 13 and 21. After doing this, it will run the host program and after executing it, it will Terminate and Stay Resident in the MCB Chain.

This virus may interfere with some anti-virus programs as it alsocontains text string pertaining to some anti-virus overlay files.

This text is found in the virus code:

"Quicky"