Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Fono, Win95/Inca, W95/Fono, W95/Inca.Boot, W95/Inca.Trojan|
|Effects: ||It infects Windows PE files and the boot sector of 1.4 MB floppy disks.
|Detection updated on:||Dec. 9, 1998|
|Yes, using TruPrevent Technologies
|Country of origin:||BRAZIL|
Inca is a polymorphic virus that goes memory resident. This virus uses executable files and the boot sector of floppy disks to spread and is considered to be a multipartite virus.
This virus has been designed to work under the operating system Windows 95. It installs itself in the form of a VxD driver. This driver is loaded in memory when Windows is started up. Then, it stays memory resident and carries out its infections.
Infection affects both Windows executable files (in PE format) and the boot sector of 1.4 MB floppy disks.
Similarly, it inserts programs with a COM extension (although it might well use files with an EXE extension). These files act as droppers and can be found within different types of compressed files (ARJ, ZIP, LHA or RAR).
If the MIRC32 program is used for IRC communications, the virus can send itself to other users of the same chat channel, without these users realizing.
Inca is difficult to recognize, as it does not display any warnings or messages that indicate that it has infected a computer.