Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

Monte Carlo

This is a family of resident, parasitic EXE infectors. They are encrypted by means of the XOR with constant. The Version II has a variable decryptor. The first version is activated when the number of seconds equals thirteen. The second version is activated when the value of hours, minutes and seconds is equal. After activation colourful rectangles with the following signs appear on the screen:

* C A S I N O - Monte Carlo *
POZOR : Nevypinajte pocitac ! Data z vasho disku su teraz v RAM pamati Jedina moznost ich zachrany je pokracovat v tejto HRE (c) by ILU & QAR. Nelegalne kopirovanie tohto viru sa tresta smrtou.
(Meaning: ATTENTION: Do not turn the computer off! Data from your disk are now in the RAM memory. The only way how to save them is to continue in this GAME(c) by ILU & QAR. Illegal copying of this virus is punished by capital penalty.)

But the virus has only 9 sectors from the zero side read into memory and there are more possibilities of saving them. After a keystroke the virus asks us to bet a certain number of sectors into the game

Konto : 254 stôp Vklad : 001 stôp
(Meaning: Account: 254 sides Bet:001 side)

If you press the key F6 at this instant the virus “cleans up” and resets the computer. Without any damage being done. If you decide to play you alter your bet by means of arrows. After confirming it by ENTER the virus deals the cards. In a better case it announces:

Vyhral si: 001 stop Svindlujes
(Meaning: You won: 001 sides. You are cheating)

That means you saved the sides you had bet. By now. In the worse case the virus performs LOW LEVEL FORMAT of nine sectors on side 0 and 1 of the disk. It announces this by writing the note:

Prehral si: 001 stop Formatujem
(Meaning: You have lost: 001 sides. I am formatting)

This thrilling fun continues till you have any suitable sides left. When the game is over the virus politely gives the zero side back to its place (because it had written a part of Video-RAM there as a warranty) and resets the computer.

© 1992-2004 Eset s.r.o. All rights reserved. No part of this Encyclopedia may be reproduced, transmitted or used in any other way in any form or by any means without the prior permission.