The Toothless virus

             *********************************************
             ***   Reports collected and collated by   ***
             ***            PC-Virus Index             ***
             ***      with full acknowledgements       ***
             ***            to the authors             ***
             *********************************************

  Vesselin Bontchev reported in May 1990:

  The Toothless virus (V534) - Listed as: W13-534
  ===============================================

  This virus came from the Soviet Union and was probably created there.
  I have a Russian program against it. In the accompanying
  documentation the virus is called "a version of the 648 (Vienna)
  virus, made by a clumsy programmer". This definition is quite exact.
  The virus is really very similar to the Vienna one, with some parts
  of code removed and others slightly changed.  It is a non-resident
  virus. It infects only .COM files in the current and in the root
  directory.  The directories listed in the PATH variable are *not*
  searched - the code for finding this variable in the environment is
  entirely removed.  The destructive function is also removed.  The
  infected files are not marked with a 62 seconds mark in their time
  of last update. Instead, a month equal to 13 in the date of last
  update is used. This is rather boring, since it can be easily seen
  (by obtaining a directory listing) and some programs (e.g., Norton
  Utilities) treat such things as "not a proper directory entry".  The
  virus increases the length of the infected files by 534 bytes.  Only
  files with length between 256 and 64000 bytes are attacked (the
  first of these numbers was 10 in the Vienna virus).  The virus is
  not very virulent - I have only one report about it.  The man who
  reported it brought me an infected COMMAND.COM and said that its
  length had changed once a bit - "about 500 bytes" - and the month in
  the file date had changed to 13.  When I was able to confirm that
  this is indeed a new virus, I checked all his files, but found
  nothing more than that infected COMMAND.COM.

  If the virus infects a file with the ReadOnly attribute set, this
  attribute is cleared after the infection. This is due to a bug in
  the virus code.

  The virus is assembled with a strange assembler (A86?).  Its
  disassembly listing cannot be assembled back with MASM or TASM to
  produce exactly the same code.



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
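
The marker described in the report can be checked directly in raw FAT directory entries. The following is an added example, not part of the report or of any tool it mentions: it decodes the packed DOS date and time words and flags .COM entries with month 13, and it goes slightly beyond the report by also flagging the 62-second stamp the report attributes to Vienna. The helper names, the sample entries and the inclusive reading of the 256 to 64000 byte window are assumptions.

```python
import struct

# FAT directory entry (32 bytes): name, ext, attr, reserved, time, date, cluster, size
ENTRY = struct.Struct("<8s3sB10sHHHI")
GROWTH = 534                     # length increase given in the report
MIN_HOST, MAX_HOST = 256, 64000  # host size window from the report (assumed inclusive)

def pack_entry(name, ext, size, year, month, day, seconds=0):
    """Build a constructed directory entry for the demo (hypothetical helper)."""
    date = ((year - 1980) << 9) | (month << 5) | day
    time = (12 << 11) | (0 << 5) | (seconds // 2)
    return ENTRY.pack(name.ljust(8).encode(), ext.ljust(3).encode(), 0x20,
                      b"\0" * 10, time, date, 2, size)

def check_entry(raw):
    """Return (filename, findings) for one raw 32-byte directory entry."""
    name, ext, _attr, _rsv, time, date, _clu, size = ENTRY.unpack(raw)
    fname = f"{name.decode('ascii').rstrip()}.{ext.decode('ascii').rstrip()}"
    findings = []
    if ext != b"COM":
        return fname, findings          # the report says only .COM files are infected
    month = (date >> 5) & 0x0F          # 4-bit field, so the invalid value 13 fits
    seconds = (time & 0x1F) * 2         # stored in 2-second units, so 31 means "62"
    if month == 13:
        findings.append("month 13 in date (W13-534 marker)")
        if MIN_HOST + GROWTH <= size <= MAX_HOST + GROWTH:
            findings.append("size fits a 534-byte increase")
    if seconds == 62:
        findings.append("62 seconds in time (Vienna marker)")
    return fname, findings

def scan(entries):
    """Keep only entries that carry at least one marker."""
    return [(n, f) for n, f in map(check_entry, entries) if f]

# Constructed sample entries, not taken from a real disk
SAMPLE = [
    pack_entry("COMMAND", "COM", 25307 + GROWTH, 1990, 13, 5),
    pack_entry("FORMAT", "COM", 11616, 1989, 4, 7),
    pack_entry("EDIT", "COM", 9000, 1989, 6, 1, seconds=62),
    pack_entry("NOTES", "TXT", 700, 1990, 13, 2),
]

if __name__ == "__main__":
    for fname, findings in scan(SAMPLE):
        print(fname, "->", "; ".join(findings))
```

The month field is read from the raw date word because, as the report notes, tools that validate dates may reject or misreport such an entry instead of showing the value 13.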


