| Alias: | --- |
| Strain: | --- |
| detected when: | August 1990 |
| where: | New York |
| Classification: | File infector (Desktop only) |
| Length: | Resource fork extension: 510 bytes |
Preconditions | |
| Operating System(s): | MacOS proprietary |
| Version/Release: | All |
| Computer model(s): | Apple Macintosh: all models |
| Caroname: | CDEF |
Attributes | |
| Easy identification: | Additional CDEF 1 resource in Desktop file; Desktop shouldn't have one. |
Type of Infection: | Desktop files only |
| Infection Technique: | Desktop File: CDEF 1 1836 Bytes |
| Infection Trigger: | Executing an infected Desktop file |
| Storage Media affected: | |
| Interrupts hooked: | --- |
| Stealth: | |
| Tunneling/Selfprot: | |
| Oligo/Polymorphism: | |
| Encoding Method: | |
| Damage: | --- |
| Damage Trigger: | --- |
| Particularities: | --- |
| Similarities: | WDEF |
Agents | |
| Countermeasures: | 1. Use a commercial anti-viral product or public domain utility such as Virus Detective, VirusRx, Interferon or Disinfectant (can't remove it) to scan for CDEFs signature. 2. Use protection INIT called Eradicat'Em that prevents CDEF (and WDEF) infection. |
| Standard means: | |
Acknowledgements | |
| Location: | Virus Test Center, University Hamburg, Germany |
| Classification by: | Ronald Greinke |
| Documentation by: | Ronald Greinke |
| Date: | 15-July-1991 |
| Information Source: | --- |
(c) 1996 Virus-Test-Center, University of Hamburg