💾 Archived View for spam.works › mirrors › textfiles › virus › avirus.txt captured on 2023-06-16 at 21:01:12.
-=-=-=-=-=-=-
THE SCA VIRUS: --------------------- The original. The one that started all this craziness. It hids in memory, attaching itself to ANY disk you boot off of.Prints the infamous "Something wonderful has happened...",etc., etc. Install all disks that have it and then reboot from a cold start or from a warm start HOLDING down the LEFT miuse button.This puts it to death. BYTE BANDIT VIRUS: --------------------- What the Byte Bandit virus does is once it's in memory, it copies itself to just above the high memory pointer on the first hunk of RAM it can find (Which means it's not always in the same place), wedges itself into the Interrupt Server chain, into the Trackdisk.device's vectors,and creates itself a Resident structure so it can hang around after reboot. It watches EVERY disk inserted, and will write itself to ANY bootable disk that is inserted! This one can spread like wildfire - every disk you insert into your external drive during a session with this Virus loaded will result in all those disks being infected. Ouch. Also, if you Install a disk while this virus is going, it will just copy itself back to the disk - which is why it has to be wiped from memory to be destroyed. The REVENGE VIRUS: ---------------------- This virus is not yet common in North America (I think Steve Tibbett is the first person here to have a copy of it), but it is apparently making the rounds in Sweden and Germany.What this virus does, is everything that the Byte Bandit virus does,PLUS, after infecting a disk, it will wait one minute after every reboot, and change your mouse pointer into an image of a certain part of the Male anatomy. 8-) I think the reason this virus is called the "Revenge" virus is because it looks specifically for the Byte Bandit and for the SCA Virus. If it finds either of these, it Rigs THAT virus so that it will CRASH the machine unless THIS virus is loaded first. Note that I might be wrong about this - that's the way it looks from the disassembly,- but be warned,in case it pops up later or something. He stays in RAM via changing the CoolCapture vector to point to his own code. He then intercepts the DoIO() call and watches for any attempts to rewrite or to read the boot block and acts accordingly.He also has an interrupt around counting VBlanks until it's time to bring up his sicko pointer. To get this virus out of memory is Simple - Hold down the Joystick button (Plug a joystick into port 2, and hold down the button while you are rebooting), and the screen will briefly turn RED during the boot, and it's out of memory. (If you hold down Joystick button AND mouse button, it will half-remove himself from RAM and turn the screen Blue). THE BYTE WARRIOR VIRUS: ------------------------- The Byte Warrior Virus is a lot like the Byte Bandit virus, except it is not designed to hurt anything - it will start an "Alarm" sound if it sees another virus (or at least I think it does - it hasn't for me), but other than that, it will write itself to any disk inserted. There is also a hidden message in it, asking us to spread it around and not to erase it. Ya, right. THE NORTH STAR AntiVIRUS: -------------------------- This virus alerts you to the presence of other viruses.I think this sort of idea is stupid because it can do just as much damage as the rest of them. THE OBELISK SOFTWARE CREW VIRUS: THE PENTAGON CIRCLE VIRUS: THE SYSTEMZ VIRUS: ---------------------------------- More of the same. THE IRQ VIRUS: ------------------------- The FIRST non boot-block virus! This one is murder! Since it does not attach itself to the boot block it is not a simple think to find. This baby attacks the FIRST executable file in your startup-sequence or,if it can't get at that file, it will attack the DIR command in your C directory! Get and read the fine writeup of this virus by S.Tibbett included with his VIRUSX utility. Anyway....the saga continues...... I highly recommend that you get a copy of Steve Tibbett's excellent utility, VIRUSX (the current version as of 9/16/89 is VIRUSX3.20 ). This fine utility detects all 16 known viruses and kills them on the disk and in RAM. The built-in sector-viewer allows you to see the virus on the disk and to also observe any unusual boot block code.