Add to collection(s) Add to saved
  1. Science
  2. Biology
  3. Virology
  4. Viruses

LSD-Nuke13b

advertisement 
\
\\
\\\
\
\\ \
\\\
/
\
_____
\\\\
/
\
____
\
\
\\\ \ / /\
)
/
/
\
\
\
\/ / \ /
/
/
\
\
\
/
\/
/
/
\
\
\
/
/
/
\
\
\ /
_________/
/
\
\
\/
/ ______
/
\
\_________
/ /
/
/
\
\ / (_____/
/
\_____________)(____________/[PAZZA]
P R E S E N T
NUKE 1.3b FULL DOCUMENTATION
BY SHAGRATT OF LSD
RELEASE DATE 29/08/91
*** NUKE 1.3b - CHANGES ***
KNOWN BUG FIXED: NUKE kills REVENGE BOOTLOADER
`Intelligent' TRACKDISK.DEVICE virus killer added
Compatable with 60hz emulator and NTSC machines
View bootblock options added to virus found section
New bootblock added to bootblock list and uninstalled bootblocks
recognised
NUKE uses 10k less chipmem and some code optimisation
Better descriptions in this documentation
*** INSTRUCTIONS ***
Welcome to a major upgrade of NUKE, a virus killer by SHAGRATT of LSD,
origianally designed to destroy and fix the Saddam virus but now enhanced
to cover other viruses and bootblocks etc!
*** ABOUT SADDAM VIRUS ***
I first read about the Saddam virus in Zine #9 and realised we have had
disks infected with this. I've worked out what Saddam is and does, here
are my findings (note that these may not be complete).
First, Saddam changes the "beginio" and "close" of the
"trackdisk.device", and "coldcapture" and "vertb" in "execbase". Then it
creates an "l" directory (if you don't already have one) and puts itself
into it, disguised as the disk-validator, (it's even the same length, if
you had a real disk-validator you don't now!). It alters data blocks to
"IRAK" blocks and eors the rest of the data within the block with the
block number.
Next it unvalidates your disk, and `tricks' the system into believing the
disk is validated. When you insert an infected disk into any drive (you
don't need to boot an infected disk to infect the system), Saddam is
immediatly activated (as one of the first priorities of dos library is to
validate your disk).
Each time you access a file from disk, Saddam modifies the data blocks
in this file. This causes no immidate problems, providing Saddam is
always present. But if its not in the system your disk has read errors.
Saddam also totally destroys your disk, but I can't find a pattern to
when this happerns (but it is quite quickly!).
It doesn't appear to infect hard drives, but I advise caution!
Saddam is the cleverest virus I have seen so far, but its unfortunate
that its used for destructive purposes. Does anyone know where it came
from or who wrote it?
*** CHANGES - NUKE! 1.3a ***
NUKE now repairs any disks with rogue disk-validators on them, such as
those infected with R.O.L.E etc.
You can keep inserting disks into a drive to be checked.
NUKE informs you if your disk(s) are write enabled.
NUKE can be run or runback, for those people terrified of infection, but
I don't see the point of this!
NUKE now reads, checks and repairs bootblocks, version 1.3b recognises
many
utility boots/boot protectors (displayed in brackets after the version
number), appologies to those groups that are missing, we booted 3000+
disks
searching for them, future versions will feature more (please send me any
that aren't listed later). NUKE has been tested all the bootblock
viruses
I could find, it spots them and gives you the option of installing a boot
protector.
The bootprotector/utility boot is written by ORCRIST of LSD
The memory usage has also been reduced (again) now needs 36k chip and
14k public. It is written in 100% assembler, and note I will NOT supply
the source to ANYONE, no-matter what reason (this is to prevent rogue
versions appearing). The Nuke program is under 11k packed, so put it in
all your startup-sequences, it needs NO libraries etc.
If you insert a non-DOS disk into a drive to be checked, the system may
give a "key 880" type requester, NUKE will not display this, however just
use your <RMB> to toggle between NUKE and the CLI (I hope to have this
fixed on the next version, does anyone know how to stop it or check for
its existance etc?). I have made sure the option to install a disk is
NOT available for non-DOS disks, making it partially lamer-proof!
At all times you can toggle between the CLI and NUKE by using the right
mouse button (RMB). This is for canceling requesters such as "NON-DOS
DISK"/"Read/Write ERROR" etc.
After the SADDAM virus has been removed from a disk NUKE will reset
your AMIGA on selecting exit. When you reboot the repaired disk it
will be un-validated, but the disk will validate itself.
I am looking for copies of all link etc viruses (not bootblock, unless
they are anything special!), both new and old. The reason for this is I
wish to make nuke! check and repair disks infected with these, so if you
have any please send them to me all disks will be returned. Many thanx
to COBRA for sending me three link viruses to feature in future versions!
I would also like to hear from virus writers, although I doubt they will
contact me!
If you have any problems with NUKE please let me know, but make sure it
is the CURRENT version, I had a lot of mail telling me about I bug in
version 1.2a TWO MONTHS after I upgraded it! (Telling me "it
doesn't work on my A5000" doesn't help me either, descriptions please!)
*** KILLING VIRUSES ***
This is the recommended procedure for killing a bootblock virus;
(assuming NUKE has found one)
Select display bootblock, look for any messages, virus often have
messages
in them telling you they are a virus (such as REVENGE BOOTLOADER and
BYTE BANDIT). Some viruses contain messages such as "This is not a
virus"
or "Install me and youv`e wasted £25", however these messages may be
genuine
it is recommended to backup the bootblock before installing if you have
any
doubts.
A good way of determining if the bootblock is a virus is to select "kill
the
virus in memory (hard reset)". If on rebooting NUKE finds a virus again
you
can be almost certain it is a virus, usless of course you have a link
virus
on your disk, or some STRANGE hardware (such as amiga 2000 hard disk
controllers etc.).
*** OPTIONAL SHAREWARE NOTICE! ***
If you like this program, I would not turn down any donation (of
anything!), no-matter how large or small (don't worry, you won't offend
me by not sending much!). Anyone sending a reasonable sum will recieve
the next upgrade (or current version if you dont have it!) posted to you
free of charge. This will guarantee I don't lose interest in the NUKE!
project.
*** PD LIBRARIES NOTE ***
You may stock NUKE only if you put this document file with it and if you
do not charge more than £1.50 for the disk this is on. NUKE clearly
states it IS copyright.
If you wish to contact me about bug reports and upgrades etc. write to:
(Please note I am NOT interested in swapping!), however Parasite may be!
Shagratt
c/o Parasite (LSD WHQ),
18 Brocklesby Close,
Gainsborough,
Lincs, DN21 1TT.
England
The next minor upgrade will be called 1.3c/d/e etc, the next major
upgrade will be version 1.4a
The version of the Special Brothers Saddam killer I saw didn't work (this
may be ammended by now, or have been a rogue version!)
Greetings to all our friends everywhere, and thanx to Parasite for
helping me find the bootblocks included in NUKE and for typing this!
*** RECOGNISED BOOTBLOCKS ***
NOTE: There appear to be more than one version of some utility boots,
such as OMNI-BOOT 3.2, INTERFERON 1, etc.
***** normal ******
normal * 3
normal (action replay)
normal (workbench 2.4)
un-installed * 3
***** lsd ******
lsd virus check 2.0 (marl)
lsd utility boot 1.0
lsd utility boot 1.1
***** mf ******
interferion (2 different versions!)
interferion II
***** lexicon *****
archaos virus slayer 3.12
archaos virus slayer 3.13
inner city virus killer 3.4
magnetic fields interferon pro (2 different versions!)
***** marc/nomad ******
marc of slipstream utility boot 4.0
slipstream utility bootoot 5.0
marc of slipstream utility boot 6.0
marc of slipstream virus killer/utility boot 6.1
slipstream utility bootoot 7.0
scoopex utility boot 1.0
crystal utility boot 1.0 (2 different versions!)
***** anarchy *****
anarchy boot 1.1
anarchy boot 2
omni-boot 3.2 (2 different versions!)
omni-boot 5.1
***** general ******
action replay boot protector
aspect boot 1.0
ccs boot 2.0
ccs boot 3.0
cytax powerboot 1.2
devware antivirus 1988
dietmar noll novirus
eliminator
fastmem boot allocator by tip
hallon boot 1.4 (Mahoney & Kaktus)
hyperboot 2.82
hypnosis boot
memory allocator 1.2
memory controller 1.3
mirage noboot
option boot (scampy of adept)
pendle europa protector (Strewth!)
pseudo ops virus killer 2.1
punishers proboot 1.0
quartex no drives (3 different types)
random access virus killer 2.1
sabaudian boot 1.0
santurary boot
scoopex utility boot 1.3
scorpion developments 1.0
scorpion developments 1.1
seek & destroy memcheck
stoneboot 1.06 (cave)
the special brothers boot protector
tristar virus killer 1.1
vcc bootmem
vcs boot 3.2
xcopy (2 different versions!)
End.
Related documents
PC Fundamentals Test Name: Date: Directions: Answer all
PC Fundamentals Test Name: Date: Directions: Answer all
Outline
Outline
For kernel - RoboSavvy
For kernel - RoboSavvy
Scenario 1: VFR flight Shoreham to Cambridge
Scenario 1: VFR flight Shoreham to Cambridge
WEEE Disposal Form - Cardiff University
WEEE Disposal Form - Cardiff University
LSD-Nuke14b
LSD-Nuke14b
Disposing of old hard drives
Disposing of old hard drives
Chapter 7
Chapter 7
Review (Tutorials 5
Review (Tutorials 5
2.1 Input Output Control System
2.1 Input Output Control System
Download
advertisement