SYLVIA VIRUS

 


             *********************************************

             ***   Reports collected and collated by   ***

             ***            PC-Virus Index             ***

             ***      with full acknowledgements       ***

             ***            to the authors             ***

             *********************************************



  SYLVIA VIRUS

  ============


  Sylvia contains a message, not displayed:


  "This program is infected by a HARMLESS Text-Virus V2.1


         Send a FUNNY postcard to : Sylvia Verkade,

                                    Duinzoom 36b,

                                    3235 CD Rockanje

                                    The Netherlands.


         You might get an ANTIVIRUS program....."


  The message is checksummed and, if altered, a rude message is then

  displayed to the effect:


                          "F*** you, Lamer"

 

                   ************* MORE ***************


======= Computer Virus Catalog 1.2: "Sylvia 2.1" (5-June-1990) ======


Entry...............: Sylvia V2.1

Alias(es)...........: Holland Girl Virus

Virus Strain........: Sylvia

Classification......: File Virus (Not RAM-resident), infects COM-files

Length of Virus.....: 1332 bytes


-------------------- Preconditions -----------------------------------

Operating System(s).: PCDOS/MSDOS

Version/Release.....: 2.xx upward

Computer model(s)...: IBM-PC, XT, AT and compatibles


-------------------- Attributes --------------------------------------


Easy Identification.: Typical texts in Virus body (readable with

                      Hexdump-facilities) :

                           1. "39 38 39 38 4F 45 4F 52 61 59

                               1E 56 5D 5A 52 61 62" (encoded text)

                           2. 'Text-Virus V2.1'

                           3. 'Sylvia Verkade'


Type of infection...: The virus infects only COM-files with less

                      than 30 KB; it does not infect COMMAND.COM,

                      IBMBIO.COM, IBMDOS.COM.

                      1301 bytes of the virus-code are written

                      in front of and 31 bytes are written behind

                      the original code; files are only infected once,

                      because the virus checks the existence of its

                      signature (808h) at the beginning of the file.


Infection Trigger...: When an infected file is started, the virus

                      tries to infect 5 COM-files on default drive.


Interrupts hooked...: INT24h


Damage..............: The virus displays the following message :

                      "FUCK YOU LAMER !!!! (CRLF)  system halted..."

                      and stops system by jumping into an endless

                      loop.  The message is encoded in the program.

                      In this version (V2.1), the message typical for

                      original Sylvia virus ("This program is infected

                      by a HARMLESS ...  ") is NOT displayed.


Damage Trigger......: After being activated, the virus checks itself

                      by creating a check-sum of the first 144 words.

                      When the check-sum is incorrect (# 46A3h) the

                      damaging part of the virus is activated.


-------------------- Agents ------------------------------------------


Countermeasures.....: The virus will be detected by :

                             VIRSUCH 2.15 (D. Hoppenrath)

                             F-FCHK 1.08  (F. Skulason)

                             SCAN 2.3 & 3.1 (McAfee)


Countermeasures successful:  F-FCHK 1.08 successful disinfects

                              programs


------------------- Acknowledgement ---------------------------------


Location............: Virus Test Center, University Hamburg, FRG

Classification by...: Jrg Steindecker

Documentation by....: Jrg Steindecker

Date................: 5-June-1990



==================== End of Sylvia V2.1 Virus ========================



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Comments

Post a Comment

Popular posts from this blog

BOTTOM LIVE script

                                  BOTTOM                                   ======                     by Adrian Edmondson and Rik Mayall                                 Bottom Live                                 ===========                               Richie  Rik Mayall                                Eddie  Adrian Edmondson Introduction ------------ [Opening shot of theatre, with huge pictures of Richie and Eddie. Caption: "Live fro...
Read more

Evidence supporting quantum information processing in animals

              Evidence supporting quantum            information processing in animals                    James A. Donald                    1068 Fulton Av                    Sunnyvale, CA 94089-1505                    USA I show that quantum systems can rapidly solve some problems for which finite state machines require a non- polynomially large time. This class of problems is closely related to the class of problems that animals can solve rapidly and effortlessly, but are intractable for computers by all known algorithms. 1. Introduction      Animals, including very simple animals, can rapidly and effortlessly perceive objects, whereas computers take nonpolynomial time to do this by all...
Read more

ARMIES OF CHAOS

                          ARMIES OF CHAOS -      Before anyone proposes more gun control, he or she should know  about a simple, deadly weapon 4 times as powerful as Dirty Harry's  legendary .44 Magnum -- and at least twice as concealable -- that  _can't_ controlled.        This simple, deadly weapon can be made by anyone -- even a  child -- with unpowered hand tools in an hour's time using $5 worth  of materials, most of which are available around the house anyway.   In traditional form it's reusable an unlimited number of times, and  modern plastics have rendered its disposable version electronically  undetectable.  You can clear a room with such a weapon (more of a  hand-held directional grenade than a gun -- sort of a recycleable  Claymore mine) and it's just one of hundreds of similar time-proven  designs. ...
Read more