[comp.virus] Atari ST boot sector virus wasn't a new strain...

TK0GRM1@NIU.BITNET (Gordon Meyer) (05/31/89)

A couple of weeks ago I reported an ST boot virus to digest readers.
At that point the virus had just been discovered and I knew very little
about it.  I sent a copy of the virus to George Woodside, author of
the public domain VKILLER, in hopes that he could identify it.  He
could.  The virus I had was the "mouse inversion" virus.  It copies
itself to the bootsector of disk, keeping a counter of its
activities.  When the counter reaches five it inverts the vertical
movements of your mouse.  When it reaches five again it puts
everything back to normal.  This cycle just keeps repeating.  No
damage is done other than stomping on various boot sectors.
Woodside's latest version of Vkiller (2.20 May 1989) *will* recognize
this virus.  The version I had (2.01) would not. As far as I know VKILLER
2.20 is not yet available on CIS or GEnie.

A couple things to note: When VKILLER 2.20 recognizes this virus it
says that it (the virus) checks for executable boot sectors and
doesn't write over any that it finds.  My experience does *not*
confirm this as the *#&$ thing stomped on an executable boot sector of
mine!  Woodside's FLU.PRG, a virus simulator, is a handy thing to
have.  I know it's available via FTP from one of the Atari archives. I
can't FTP from NIU so I don't know much more.  FLU.PRG demonstrates,
in a non-harmful manner, what the known 15 ST viruses do. Not only
does it help in identifying them, but it helps to satisfy one's morbid
curiosity about such things w/out having to actually get an infected
disk.

In summary: I was infected by a known virus.  It wasn't "new", as
I thought it might be, it's just that the version of VKILLER I was
running couldn't identify it.
-=->G<-=-

PS: Please don't ask me to uuencode the file and send it to you.  Such
things don't work at this site.  If I get information on when/where
the newest version of VKILLER is available I'll post a short note
here.

--------------------------------------------------------------------
| Gordon R. Meyer, Northern Illinois University, Dept of Sociology |
| GEnie: GRMEYER, CIS: 72307,1502, Phone: (815) 753-0555           |
| Bitnet: Tee-Kay-Zero-Gee-Are-Em-One AT Enn-Eye-You.bitnet        |
|__________________________________________________________________|