home *** CD-ROM | disk | FTP | other *** search
- Name : JINX
-
- Aliases : No Aliases
-
- Type/Size : Boot/1024
-
- Clones : No Clones
-
- Symptoms : No Symptoms
-
- Discovered : ?
-
- Way to infect: Boot infection
-
- Rating : Less Dangerous
-
- Kickstarts : 1.2/1.3 | 2.0 or higher = GURU!
-
- Damage : Overwrites boot.
-
- Manifestation: If the virus is active it always shows you a
- normal DOS1.3-BB.
-
- Removal : Install boot.
-
- Comments : This virus uses the KICK-Vectors to stay resident.
- It changes the BeginIO()-vector from the
- trackdisk.device to infect other disks (No danger
- for HD-Users!). Additionally it patches the
- KickChkSum()-Vector from the exec.library to make
- sure that no other programm can install itself
- over the KICK-Vectors. Many routines in the virus
- are "stolen" from the Lamer Ext. Viruses. The
- memory-adress of the virus depends of the
- Sysstklower -> $3A(a6). The whole BB is crypted
- with depending of $DFF007-register.
- In the end of the virus you can read this four
- letters: "JINX". No alert or something like that.
-
- ATTENTION: I found a Headstep-Routine (like AISF) in the virus.
- But this routine is (in my JINX-Virus) destroyed and
- USELESS (So, you will get a GURU!)
-
- BUT: Maybe in another JINX-version the routine
- ^^^ works !!! Please be careful !
-
- A.D 04-94
-