"Form" Virus

 


             *********************************************

             ***   Reports collected and collated by   ***

             ***            PC-Virus Index             ***

             ***      with full acknowledgements       ***

             ***            to the authors             ***

             *********************************************


 

======= Computer Virus Catalog 1.2: "Form" Virus (5-June-1990) =======


Entry.................. "Form" Virus

Alias(es).............. ---

Strain................. ---

Detected: when......... February 1990

          where........ Zuerich, Switzerland (reported to be very

                        widely spread amongst the Swiss schools in

                        canton Zug)


Classification.........  Boot sector virus Length of Virus........

                         Exactly 03F9h bytes (approx.  2 sectors)


------------------------ Preconditions---------------------------------


Operating System(s).... MS-DOS

Version/Release........ Any

Computer models........ IBM-PS and compatibles


-------------------------- Attributes----------------------------------


Easy identification.... The boot sector will contain the following

                        text (amongst others): "The FORM-Virus sends

                        greetings to everyone who's read this text.".

                        (See also:  Damage)


Type of infection...... Direct action: at boot time the virus will

                               attempt to infect the hard disk.

                               Indirect: At every read from a floppy,

                               an attempt will be made to infect it.


Infection trigger...... Every read any time.


Media affected......... Any floppy and the first active partition on

                        a harddisk.


Interrupts hooked...... Int 13 (disk) and Int 9 (keyboard) on every

                        24th of the month.


Damage................. The virus makes the keys click and delays key

                        action slightly.


Particularities........ Economically programed. It is a rare example

                        of both direct and indirect action in the same

                        virus.


Similarities........... ---


-------------------------- Agents------------------------------------


Countermeasures........


 - ditto - successful.. Most checksumming programs that check the boot

                        sector.


Standard Means......... The text mentioned above will be found in a

                        cluster marked as bad. Disks can usually be

                        disinfected by booting from a write protected

                        clean boot disk, and using the SYS command on

                        any infected disk.


--------------------- Acknowledgements-------------------------------


Location............... Virus Test Center, University of Hamburg, FRG

Classification by...... Morton Swimmer

Documentation by....... Morton Swimmer

Date................... 5-June-1990

Information source..... Ralf Brown's interrupt list.



===================== End of "FORM" Virus ===========================



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Comments

Post a Comment

Popular posts from this blog

BOTTOM LIVE script

                                  BOTTOM                                   ======                     by Adrian Edmondson and Rik Mayall                                 Bottom Live                                 ===========                               Richie  Rik Mayall                                Eddie  Adrian Edmondson Introduction ------------ [Opening shot of theatre, with huge pictures of Richie and Eddie. Caption: "Live fro...
Read more

Evidence supporting quantum information processing in animals

              Evidence supporting quantum            information processing in animals                    James A. Donald                    1068 Fulton Av                    Sunnyvale, CA 94089-1505                    USA I show that quantum systems can rapidly solve some problems for which finite state machines require a non- polynomially large time. This class of problems is closely related to the class of problems that animals can solve rapidly and effortlessly, but are intractable for computers by all known algorithms. 1. Introduction      Animals, including very simple animals, can rapidly and effortlessly perceive objects, whereas computers take nonpolynomial time to do this by all...
Read more

ARMIES OF CHAOS

                          ARMIES OF CHAOS -      Before anyone proposes more gun control, he or she should know  about a simple, deadly weapon 4 times as powerful as Dirty Harry's  legendary .44 Magnum -- and at least twice as concealable -- that  _can't_ controlled.        This simple, deadly weapon can be made by anyone -- even a  child -- with unpowered hand tools in an hour's time using $5 worth  of materials, most of which are available around the house anyway.   In traditional form it's reusable an unlimited number of times, and  modern plastics have rendered its disposable version electronically  undetectable.  You can clear a room with such a weapon (more of a  hand-held directional grenade than a gun -- sort of a recycleable  Claymore mine) and it's just one of hundreds of similar time-proven  designs. ...
Read more