Ontario (computer virus)
- This article refers to the 512 byte variant of the Ontario virus. For the 1,024 byte variant, see Ontario.1024 (computer virus). For the lesser-known 2,048 byte variant, see Ontario.2048 (computer virus).
Ontario.512 is a computer virus, discovered in July 1990. It is named after its point of isolation, the Canadian province of Ontario. Because Ontario.1024 was also discovered in Ontario, it is likely that both viruses originate from within the province. By the Ontario.2048 variant, the author had adopted "Ontario" as the family's name and even included the name "Ontario-3" in the virus code.
Infection
Ontario.512 is an encrypting DOS file infector. Upon the execution of an infected .COM, .EXE or .OVL file, Ontario.512 goes memory resident and infects files of these types upon being opened. COMMAND.COM is infected using a special routine. Infected files will increase either 512 bytes (COM files) or between 512 and 1,023 bytes (EXE and OVL files). Some systems with larger file sectors may display increases of greater than 1,023 bytes for infected files of these types.
Symptoms
Ontario.512 primarily only infects files, so there is no one significant symptom. The two main symptoms are:
- An increase in size of infected COM files of 512 bytes.
- An increase in size of infected EXE and OVL files of between 512 and 1,023 bytes, and even greater on some systems.
- Systems thoroughly infected by Ontario.512 may suffer from increasing file corruption and other hard drive problems over time.
- Unspecified printer problems have been observed with the Ontario family, although most of these observations have related to Ontario.1024, not Ontario.512. It is unknown what specific problems these are, and if they affect Ontario.512.
The increase in COM file size in conjunction with EXE and OVL file increases is a very good guideline when determining Ontario.512 infection, although file length changes are common among virtually every file infector.
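The size-change guideline above can be checked mechanically against a stored file-size baseline. The following is an added example, not part of the original article; the function names, the "oversize" category and the sample inventories are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

COM_GROWTH = 512                    # COM files grow by exactly 512 bytes
EXE_OVL_GROWTH = range(512, 1024)   # EXE/OVL files grow by 512..1,023 bytes


def classify_growth(name, old_size, new_size):
    """Return 'com', 'exe_ovl', 'oversize' or None for one file's size change."""
    ext = PureWindowsPath(name).suffix.upper()
    delta = new_size - old_size
    if ext == ".COM" and delta == COM_GROWTH:
        return "com"
    if ext in (".EXE", ".OVL"):
        if delta in EXE_OVL_GROWTH:
            return "exe_ovl"
        if delta >= 1024:
            # The article notes larger increases on systems with larger sectors;
            # report these separately because they are a weaker signal.
            return "oversize"
    return None


def assess(baseline, current):
    """Compare two {filename: size} inventories and summarise suspicious growth."""
    hits = {"com": [], "exe_ovl": [], "oversize": []}
    for name, new_size in current.items():
        old_size = baseline.get(name)
        if old_size is None:
            continue  # no baseline entry, nothing to compare against
        kind = classify_growth(name, old_size, new_size)
        if kind:
            hits[kind].append(name)
    # The article treats COM growth together with EXE/OVL growth as the
    # useful guideline; either alone is common to many file infectors.
    hits["pattern_match"] = bool(hits["com"]) and bool(hits["exe_ovl"])
    return hits


# Constructed sample inventories (not taken from a real system).
BASELINE = {"COMMAND.COM": 47845, "EDIT.COM": 413, "CHKDSK.EXE": 16200,
            "WP.OVL": 90112, "NOTES.TXT": 1000, "FORMAT.COM": 22916}
CURRENT = {"COMMAND.COM": 48357, "EDIT.COM": 925, "CHKDSK.EXE": 16937,
           "WP.OVL": 91300, "NOTES.TXT": 1512, "FORMAT.COM": 22916}

if __name__ == "__main__":
    for key, value in assess(BASELINE, CURRENT).items():
        print(f"{key}: {value}")
```

A match is only an indicator that warrants scanning the flagged files, since, as noted above, length changes are common to virtually every file infector.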
Prevalence
The WildList (http://www.wildlist.org/), an organisation tracking computer viruses, never reported Ontario.512 as being in the field. However, Ontario.1024 was included on the list for a period of time. It is unclear whether Ontario.512 was discovered in the field, or off a BBS out of Toronto, where Ontario.2048 was posted.