caesa
Webroot Antivirus: The best protection against viruses, spyware data theft and hackers.
Description:
Details
Caesar
This is a harmless, non-memory resident encrypted parasitic DOS virus. It infects DOS EXE files and creates its "dropper" in the C:\WINDOWS directory.
When an infected file is run, the virus creates the infected CAESAR.EXE file (virus dropper) in the C:\WINDOWS directory and overwrites the WINSTART.BAT file with an instruction that will run the virus dropper. As a result, virus dropper is activated each time Windows is started up. The virus then returns control to the host program and does not infect any other files.
When the virus dropper takes control, it searches for *.EXE files on all drives and infects them. While infecting, it writes itself to the end of the file. The virus checks file names and avoids infecting the following files:
AN*, AD*, DR*, PR*, NC*, WI*
Because of its method of infection, the virus is functional only when Windows is installed exactly in the C:\WINDOWS directory.
Copyright @2006 caesa