wleung@matrox.com (Wai Hung Leung) (02/12/90)
I am posting this for a friend who does not have news.
Please respond to him directly in the email address below.
Thanks.
======== start include message ==========
I've just encountered the "Stoned" virus.
This is the virus whose message is
Your PC is Stoned!
It's not so bad, except that it corrupts the Floppys that
you write to by moving the boot sector of the disk to say
Sector 12 and replacing by it's own boot sector with that
message and a statement to Legalize marijuana.
If there is someone who knows how to get rid of this virus
from my hard disk without reformating I will be really
grateful. Thanks so much.
Wah Keung Chan
email: chanwak@vax2.concordia.ca or chanwak@conu2.bitnet
========== end include message =================
--
Wai Hung Leung wleung@matrox.com matrox!wleung j@bucsf.bu.edu (James Allard) (02/13/90)
In article <437@matrox.com> wleung@matrox.com (Wai Hung Leung) writes:
I've just encountered the "Stoned" virus.
This is the virus whose message is
Your PC is Stoned!
It's not so bad, except that it corrupts the Floppys that
you write to by moving the boot sector of the disk to say
Sector 12 and replacing by it's own boot sector with that
message and a statement to Legalize marijuana.
If there is someone who knows how to get rid of this virus
from my hard disk without reformating I will be really
grateful. Thanks so much.
Nope, haven't heard of it. I'd be psyched to get a copy to tear into
though....:-)
J. Allard
34 Buswell Apt 29
Boston, MA 02215stevek@hp-ptp.HP.COM (Steve_Kite) (02/13/90)
Try looking in the comp.virus section of notes. There are a lot of good ideas there.
yjkim@milton.acs.washington.edu (Yong Kim) (02/14/90)
I was told that there is a nonstandard(?) virus which peneterates into your CMOS memory(backed up by battery). Romor said that it cannot be detected by "scan" or other detecting software. Is this true? I notice that too many goships about virus...
frisk@rhi.hi.is (Fridrik Skulason) (02/14/90)
In article <1888@milton.acs.washington.edu> yjkim@milton.acs.washington.edu (Yong Kim) writes: >I was told that there is a nonstandard(?) virus which peneterates >into your CMOS memory(backed up by battery). There is NO SUCH VIRUS!! I have heard this rumor too, but it is incorrect. The code would never be executed. The CMOS memory is too small for a virus - A working wirus needs at least 150-200 bytes. -- Fridrik Skulason - University of Iceland, Computing Services. frisk@rhi.hi.is Technical Editor, Virus Bulletin.
jdudeck@polyslo.CalPoly.EDU (John R. Dudeck) (02/15/90)
>>I was told that there is a nonstandard(?) virus which peneterates >>into your CMOS memory(backed up by battery). > >There is NO SUCH VIRUS!! >I have heard this rumor too, but it is incorrect. > The code would never be executed. > > The CMOS memory is too small for a virus - A working wirus needs > at least 150-200 bytes. Obviously what is being referred to is a virus which CLOBBERS your CMOS, not one which resides in CMOS. Somewhere in the rumor pipline the rumor got hosed... -- John Dudeck "You want to read the code closely..." jdudeck@Polyslo.CalPoly.Edu -- C. Staley, in OS course, teaching ESL: 62013975 Tel: 805-545-9549 Tanenbaum's MINIX operating system.
kabra437@pallas.athenanet.com (Ken Abrams) (02/16/90)
In article <1515@krafla.rhi.hi.is> frisk@rhi.hi.is (Fridrik Skulason) writes: >In article <1888@milton.acs.washington.edu> yjkim@milton.acs.washington.edu (Yong Kim) writes: >>I was told that there is a nonstandard(?) virus which peneterates >>into your CMOS memory(backed up by battery). > >There is NO SUCH VIRUS!! > The code would never be executed. > The CMOS memory is too small for a virus - A working wirus needs > at least 150-200 bytes. Let's see if I can word this so it won't come off flaming (pilot light,maybe). The original post did not say (nor imply) that the virus would DO anything (ie. executable code) within the CMOS once it got there. If we accept that the author was only asking about a virus that would WRITE to the CMOS RAM, then I think your conclusion that there is no such thing is slightly off base. Judging by your signature, I'm sure that you know a lot more than I do about invasion programs (call them virus or trojan or whatever) but I have heard of at least one "strain" that attempts to change the CMOS data. -- ======================================================== Ken Abrams uunet!pallas!kabra437 Illinois Bell kabra437@athenanet.com Springfield (voice) 217-753-7965
frisk@rhi.hi.is (Fridrik Skulason) (02/18/90)
In article <295@pallas.athenanet.com> kabra437@pallas.UUCP (Ken Abrams) writes: >The original post did not say (nor imply) that the virus would DO anything >(ie. executable code) within the CMOS once it got there. Well, if it does not do anything then it is, by definition, not a virus. A *trojan* that writes to the CMPS is an entirely different matter - I have heard of one or two such programs. The reason I said (in my earlier note) >> THERE IS NO SUCH VIRUS!!!! is that I am getting a bit tired of the virus vs. trojan confusion. A program is not a virus unless it replicates - and since the code in CMOS can never be executed it would take a co-operating process to produce a virus. A virus might corrupt the data in the CMOS, but it would be useless to place executable code there. -- Fridrik Skulason - University of Iceland, Computing Services. frisk@rhi.hi.is Technical Editor, Virus Bulletin (UK).