DataLock/920 virus

 


             *********************************************

             ***   Reports collected and collated by   ***

             ***            PC-Virus Index             ***

             ***      with full acknowledgements       ***

             ***            to the authors             ***

             *********************************************



  Date:    15 November, 1990

  From:    Padgett Peterson <padgett%tccslr.dnet@uvs1.orl.mmc.com>

  Subject: New MS-DOS Virus (PC)


  Have just had an opportunity to examine (briefly) a new virus as yet

  unnamed (DataLock/920 ?). This does not appear to be a very great

  threat since it does apparently nothing to hide itself (but then,

  neither does the Jerusalem).


  The virus infects a machine by running an infected file. It goes

  resident in the Top Of Memory reducing a CHKDSK return by 2048 bytes

  (a 640k machine will return 653312 bytes total memory instead of

  655360. Int 12 is not affected so a comparison will result in a

  mismatch similar to the 4096. Each time an .EXE file is executed, it

  will increase in size by 920 bytes. The virus will only infect a

  file once but will infect any .EXE executed.  The string "DataLock

  version 1.00" was found in clear near the end of an infected test

  file & at location 9000:fca8 in memory on my 640k isolation machine.


  The virus appears to trap INT 21 and determines if it is in memory

  by returning a value of 1234 in AX if INT 21 is called with function

  BE.


  The current version of SCAN (v67c) does not yet detect this but all

  of you do check the "three bytes", don't you.


  Further information will be posted as discovered.


                             Padgett, just back from the

                    CSI Conference in Atlanta and had a great time.



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Comments

Post a Comment

Popular posts from this blog

BOTTOM LIVE script

                                  BOTTOM                                   ======                     by Adrian Edmondson and Rik Mayall                                 Bottom Live                                 ===========                               Richie  Rik Mayall                                Eddie  Adrian Edmondson Introduction ------------ [Opening shot of theatre, with huge pictures of Richie and Eddie. Caption: "Live from the Mayflower Theatre, Southampton".] Vox Pop 1:  So I'm hoping that this is a lot ruder than the TV, because             they can get away with it. [Cut to Ade's dressing-room door. It opens to reveal a clothes rail, its only contents a brown jacket.] Vox Pop 2:  I just think they're ace, you know, absolutely excellent. [Cut to dressing-gown, pan across a pair of glasses and a revolver.] Vox Pop 3:  It couldn't be too rude, I mean that's what young people want. [Rik's dressing-room door.]
Read more

Evidence supporting quantum information processing in animals

              Evidence supporting quantum            information processing in animals                    James A. Donald                    1068 Fulton Av                    Sunnyvale, CA 94089-1505                    USA I show that quantum systems can rapidly solve some problems for which finite state machines require a non- polynomially large time. This class of problems is closely related to the class of problems that animals can solve rapidly and effortlessly, but are intractable for computers by all known algorithms. 1. Introduction      Animals, including very simple animals, can rapidly and effortlessly perceive objects, whereas computers take nonpolynomial time to do this by all known algorithms [1, 2, 3, 4, 5, 6]. Our persistent inability to emulate perception gives reason to doubt the current paradigm and to look for an alternative paradigm.      Penrose[7] and many others [8, 9, 10] argue from practical considerations, Godel's theorem, and
Read more

ARMIES OF CHAOS

                          ARMIES OF CHAOS -      Before anyone proposes more gun control, he or she should know  about a simple, deadly weapon 4 times as powerful as Dirty Harry's  legendary .44 Magnum -- and at least twice as concealable -- that  _can't_ controlled.        This simple, deadly weapon can be made by anyone -- even a  child -- with unpowered hand tools in an hour's time using $5 worth  of materials, most of which are available around the house anyway.   In traditional form it's reusable an unlimited number of times, and  modern plastics have rendered its disposable version electronically  undetectable.  You can clear a room with such a weapon (more of a  hand-held directional grenade than a gun -- sort of a recycleable  Claymore mine) and it's just one of hundreds of similar time-proven  designs.        Complete instructions for building this simple, deadly weapon  could be given in half the space I'm using here and not require a  single illustrat
Read more