[comp.virus] Surviving warm boot

frisk@rhi.hi.is (Fridrik Skulason) (12/03/90)

>>On Tue, 20 Nov 90 14:11:00 +0100, Peter van der Landen <LANDEN atHROEUR5> said:
>> I have experimented quite a bit with Jerusalem-B but I have never seen
>> it survive a warm boot.

>Neither did I. Possibly the original contribution has confused it with
>some other virus that indeed can survive a warm boot.

Jerusalem does not survive warm boot, and makes no attempt to do so, but there
are several viruses known which attempt it, and also the following two cases:

The Pentagon "virus" from the Philippines contains code clearly intended to
survive Ctrl-Alt-Del, and if it worked at all (instead of being totally unable
to infect anything) we would have a virus which could survive warm boot.

Fu Manchu intercepts Ctrl-Alt-Del, but will not survive the boot process.

--
Fridrik Skulason      University of Iceland  |
Technical Editor of the Virus Bulletin (UK)  |  Reserved for future expansion
E-Mail: frisk@rhi.hi.is    Fax: 354-1-28801  |

SESPC374@YSUB.YSU.EDU (12/06/90)

On November 16, a colleague and I found a strain of the Jerusalem B
virus (at least that's what virusscan said it was) which upon being
cleaned locks the machine and trashes the disk.  It also seems to
survive a warm boot.  Can anyone explain why or send me any
information on how to deal with this mutation?  I would appreciate the
help.  I am currently doing research on viruses for a class of mine.
Thanks.
                                                  Michael J. Walp
Send replies to :

Michael J. Walp
Student Programming Consultant
Youngstown State University

mjw/MJW

BITNET ADDRESS: SESPC374@YSUB.YSU.EDU
Disclaimer:
  MY comments are just that, MINE. Nobody else's, MINE!