informis/textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/virus/NCSA/ncsa097.txt
root@procul 278a90f7ce Initial commit
2021-04-15 13:31:59 -05:00

72 lines
3.3 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
³ VIRUS REPORT ³
³ New Zealand-B ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ
Synonyms: Stoned-B.
Host Machine: PC compatibles.
Host Files: Remains resident. Infects boot sector of floppy disk and
partition table of hard disk.
OnScreen Symptoms: The screen will sometimes display "Your PC is now
stoned!"
Increase in Size of Infected Files: n/a.
Nature of Damage: Affects system run-time operation. Corrupts or
overwrites boot sector. Directly or indirectly corrupts file linkage.
Detected by: Scanv56+, CleanUp, F-Prot, IBM Scan, Pro-Scan.
Removed by: CleanUp, MDisk, F-Prot.
Derived from: New Zealand.
Scan Code: You can search at offset 043H for B8 01 02 0E 07 BB 00 02 33
C9.
This is a variation of New Zealand. Much of the code has been
reorganized. The only significant change in function, however, is that
the original boot sector is stored at track zero, head zero, sector seven
on a hard disk. The second string ("Legalise Marijuana!") is not
transferred when infecting a hard disk. The virus occupies space in the
hard disk's partition table.
The hard disk is infected as soon as an infected floppy is booted. No
intentional damage is done by New Zealand-B, except systems with RLL
controllers will frequently hang.
Removal instructions are the same as for the original New Zealand
virus for diskettes. However, an infected hard disk must be disinfected
by using MDisk with the /P parameter, with CleanUp, or NDD, because the
partition table has been infected.
ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
º This document was adapted from the book "Computer Viruses", º
º which is copyright and distributed by the National Computer º
º Security Association. It contains information compiled from º
º many sources. To the best of our knowledge, all information º
º presented here is accurate. º
º º
º Please send any updates or corrections to the NCSA, Suite 309, º
º 4401-A Connecticut Ave NW, Washington, DC 20008. Or call our BBS º
º and upload the information: (202) 364-1304. Or call us voice at º
º (202) 364-8252. This version was produced May 22, 1990. º
º º
º The NCSA is a non-profit organization dedicated to improving º
º computer security. Membership in the association is just $45 per º
º year. Copies of the book "Computer Viruses", which provides º
º detailed information on over 145 viruses, can be obtained from º
º the NCSA. Member price: $44; non-member price: $55. º
º º
º The document is copyright (c) 1990 NCSA. º
º º
º This document may be distributed in any format, providing º
º this message is not removed or altered. º
ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ

Downloaded From P-80 International Information Systems 304-744-2253
Reference in New Issue View Git Blame Copy Permalink