"Form" Virus

 


             *********************************************

             ***   Reports collected and collated by   ***

             ***            PC-Virus Index             ***

             ***      with full acknowledgements       ***

             ***            to the authors             ***

             *********************************************


 

======= Computer Virus Catalog 1.2: "Form" Virus (5-June-1990) =======


Entry.................. "Form" Virus

Alias(es).............. ---

Strain................. ---

Detected: when......... February 1990

          where........ Zuerich, Switzerland (reported to be very

                        widely spread amongst the Swiss schools in

                        canton Zug)


Classification.........  Boot sector virus Length of Virus........

                         Exactly 03F9h bytes (approx.  2 sectors)


------------------------ Preconditions---------------------------------


Operating System(s).... MS-DOS

Version/Release........ Any

Computer models........ IBM-PS and compatibles


-------------------------- Attributes----------------------------------


Easy identification.... The boot sector will contain the following

                        text (amongst others): "The FORM-Virus sends

                        greetings to everyone who's read this text.".

                        (See also:  Damage)


Type of infection...... Direct action: at boot time the virus will

                               attempt to infect the hard disk.

                               Indirect: At every read from a floppy,

                               an attempt will be made to infect it.


Infection trigger...... Every read any time.


Media affected......... Any floppy and the first active partition on

                        a harddisk.


Interrupts hooked...... Int 13 (disk) and Int 9 (keyboard) on every

                        24th of the month.


Damage................. The virus makes the keys click and delays key

                        action slightly.


Particularities........ Economically programed. It is a rare example

                        of both direct and indirect action in the same

                        virus.


Similarities........... ---


-------------------------- Agents------------------------------------


Countermeasures........


 - ditto - successful.. Most checksumming programs that check the boot

                        sector.


Standard Means......... The text mentioned above will be found in a

                        cluster marked as bad. Disks can usually be

                        disinfected by booting from a write protected

                        clean boot disk, and using the SYS command on

                        any infected disk.


--------------------- Acknowledgements-------------------------------


Location............... Virus Test Center, University of Hamburg, FRG

Classification by...... Morton Swimmer

Documentation by....... Morton Swimmer

Date................... 5-June-1990

Information source..... Ralf Brown's interrupt list.



===================== End of "FORM" Virus ===========================



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Comments

Post a Comment

Popular posts from this blog

WHAT THE WATCH TOWER BIBLE AND TRACT SOCIETY OF PENNSYLVANIA HAD TO SAY ABOUT WHAT WERE SUPPOSED TO HAVE HAPPENED in 1874

  AWAKEN                                                     Issue #33   1874 - WHAT THE WATCH TOWER BIBLE AND TRACT SOCIETY OF PENNSYLVANIA        HAD TO SAY ABOUT WHAT WERE SUPPOSED TO HAVE HAPPENED THEN.   This issue will comprise mainly of quotes from Watch Tower publications. Present day Jehovah's Witnesses are unlikely to be aware of any of this material. Why ? The Watch Tower had changed it's theology and does not bother to let it's followers know facts about the past especially since the present theology is totally contradictory to what was promoted in the past. Both sets of incompatible conjectures were promoted as being found  and proven in Scriptures. Prior to 1943 if a follower of the Watch Tower questioned any of the Watch Tower's teaching about 1874, that person risked getting kicked out of the group ...
Read more

Uninterruptable Power Source (UPS) FAQ

Article 61549 of news.answers: Xref: freenet.carleton.ca comp.misc:25723 comp.sys.hp.hardware:5708 comp.sys.sun.hardware:24796 comp.sys.sgi.hardware:9261 comp.sys.next.hardware:16000 comp.sys.dec:27561 comp.unix.admin:28511 comp.answers:8765 news.answers:33422 Path: freenet.carleton.ca!cunews!nott!bcarh189.bnr.ca!bcarh8ac.bnr.ca!bnr.co.uk!pipex!howland.reston.ans.net!news.cac.psu.edu!news.pop.psu.edu!hudson.lm.com!netline-fddi.jpl.nasa.gov!phoebe.jpl.nasa.gov!root From: ups@navigator.jpl.nasa.gov Newsgroups: comp.misc,comp.sys.hp.hardware,comp.sys.sun.hardware,comp.sys.sgi.hardware,comp.sys.next.hardware,comp.sys.ibm.hardware,comp.sys.dec,comp.unix.admin,comp.answers,news.answers Subject: Uninterruptible Power Source FAQ Followup-To: comp.misc Date: 10 Dec 1994 13:09:38 GMT Organization: Jet Propulsion Laboratory, Pasadena, CA Lines: 1346 Approved: news-answers-request@MIT.Edu Distribution: world Message-ID: <3cc9ai$fus@phoebe.jpl.nasa.gov> Reply-To: npc@minotaur.j...
Read more

Blade Runner FAQ

Archive-Name: movies/bladerunner-faq Version: 1.4 (May 1993) -------------------------------------------------------------------------------                                  BLADE RUNNER                            Frequently Asked Questions                        Copyright (C) 1993 Murray Chapman ------------------------------------------------------------------------------- Compiled by Murray Chapman (muzzle@cs.uq.oz.au), from sources too numerous to mention.  Thank-you one and all.                                INTRODUCTION                                ------------ The movie "Blade Runner"...
Read more