Home / malwarePDF  


First posted on 08 December 2019.
Source: Microsoft

Aliases :

Virus:DOS/Sigru is also known as Grub, Virus.Boot.Nowrite.

Explanation :


This boot sector virus infects the master boot record (MBR) on hard disks and the DOS boot sector on floppy disks.

It uses stealth to hide traces of infection.

This virus is unlikely to run in operating systems later than Windows XP.

Spreads through

File infection

The virus copies itself to any floppy disks inserted into an infected PC. The virus then spreads to any other PC where the infected floppy disk is inserted.

We have seen it use stealth to hide its presence on your PC.


Corrupts files

This virus targets the "BIOS interrupt service". This can cause your files to become unstable.

It will also change "write" operations to "read" on the 31st day of each month.

Analysis by Vladimir Zubko

Last update 08 December 2019