Virus Name: 981 Virus Type: Highest Memory Resident, File Infector Virus (infects .COM and .EXE files) Virus Length: 981 bytes (COM), about 1010 bytes (EXE) PC Vectors Hooked: INT 21h (AX=4B00h) (execute program), INT 24h Infecting Procedure:
1) The virus checks the DOS version. If it is earlier than 3.0, the message: " This program requires MS-DOS 3.0 or later " appears.
2) The virus checks to see whether it is already loaded resident in memory. If it isn't, it loads itself into resident memory (highest memory) by hooking INT 21h.
2) It then executes the original file.
3) Now loaded into resident memor, it will infect any uninfected file that is executed. Damage: None. Detection Method: Infected .COM file size increases by 981 bytes, .EXE file size increases by 1010 bytes. Note: The 981 virus hooks INT 24h when infecting files. It omits I/O errors (such as write protect).