rickf@pnet02.cts.com (Rick Flower) (06/19/89)
I've been having some "software failures" lately at random times.. I assumed that the problem was something to do with the PAL's not having the grounding mod (but the system has been working for 3 years flawlessly!).. Also, I read a message from Joanne Dow that said she replaced the CPU with a CMOS version (68HC000P8) and that helped out.. So, I installed my NEW 68k processor and that was when things started doing wierd things! Anyway, I later found that my system was infected with the above mentioned virus and I was wondering if this is a virus that "attaches" itself to programs and is executed everytime a program is run?? I checked all of my disks that I've used recently and found that of 30 disks tested, it had infected 9 of those and there was a 10th virus that was unknown to the latest version of VirusX that was on comp.amiga.binaries... Hmm.. If anyone knows anything about this particular virus and what it "likes" to do once it has infected a system, I would appreciate a reply to this message! Thanks in advance.. +-----------------------------------------------------------------------------+ | Caution, Assembly Language Programmer at Play! | | | | UUCP: {ames!elroy, <backbone>}!gryphon!pnet02!rickf | | INET: rickf@pnet02.cts.com | +=============================================================================+
rodneyc@spinifex.eecs.unsw.oz (Rodney Campbell) (07/05/89)
The Byte Warrior virus is another of the bootblock type viruses which writes
itself to the first 2 blocks of the disk if it can (unwriteprotected disk)
It can be seen using a disk editor and the string DASA appears in the
boot block. It doesn't do much initially but after a while it usually
ends up trashing your disk and you get a df1: bad error message.
As for the virus that attaches itself to programs which get
executed - that is the IRQ virus which usually looks at the first command
executed by your startup sequence and infects it if it can. A number
of good checkers are available to combat this. KV check a single file
for the IRQ virus and POPDIR has an IRQ checker to check all files in a
directory.
Hope that helps,
==============================================================================
___ Rodney Campbell :: University of New South Wales
/ /
/ / / ACSnet,CSNET: rodneyc@spinifex.eecs.unsw.oz
/__/ ___ ___/ UUCP: {uunet,mcvax}!spinifex.eecs.unsw.oz!rodneyc
/ | / / / / Snail: 34 Harbourne Road, Kingsford, 2032.
/ |_/__/_/__/ N.S.W. Australia. PH +61 02 663 3917
=============================================================================