home *** CD-ROM | disk | FTP | other *** search
- VIRUS-L Digest Thursday, 29 Jun 1989 Volume 2 : Issue 145
-
- Today's Topics:
- Amiga anti-viral programs
- Re: Mac Archives - correction
- on the recent BYTE virus article
- Antique Systems (Mac)
- Virus Bulletin the blurb
-
- [Ed. This is the first digest being sent out from here at CMU, where
- I'm using a different mail system (MH) than we used at Lehigh (RMAIL).
- I hope that things will work ok, but please bear with us if we have
- any problems.]
-
- ------------------------------------------------------------
-
- Date: 29 Jun 89 19:27:50 +0000
- From: jwright@atanasoff.cs.iastate.edu (Jim Wright)
- Subject: Amiga anti-viral programs
-
-
- < I'm in the process of creating a catalog of the archives for >
- < the Amiga, the IBMPC and for the various documents. It will >
- < be typeset in LaTeX. Do people prefer postscript files or >
- < .dvi files? Anyway, this is a brief intro for the Amiga. >
-
- This is a short description of the files I have collected so far
- for the virus-l/comp.virus anti-viral archives. Please note that
- in the listing of "viruses known", I'm only copying what is in the
- documentation for the program. It is very likely that many of
- these will detect more than just the listed viruses.
-
- Also, I may have opinions on these programs, but I'm not giving
- them here. I give no guarantees for any of these --- I just
- want to make it available.
-
- Jim Wright
- 28 Jun 89
- jwright@atanasoff.cs.iastate.edu
-
- -----
- AntiBiot.arc
-
- Checks every disk inserted into df0: and "alerts you if there is
- something alerting". Apparently written in response to SCA virus.
-
- v1.0 (?)
- 6 Oct 87
- R. Paasivirta
- Finland
-
- -----
- NoVirus.zoo
-
- Recognizes SCA, DASA (Byte Warrior), Byte Bandit, Northstar,
- Microsystems, Revenge1.2, LSD, AEK, HCS and VKill1.0 viruses.
- Will remove viruses from memory and disk. Has feature to save
- bootblocks.
-
- v1.56
- 19 Jan 89
- Nic Wilson
- Australia
-
- -----
- SafeBoot.zoo
-
- Allows you to capture and save boot blocks. These can later
- be restored in case of disaster.
-
- v2.2
- 3 Oct 88
- Mark Lanoux
- USA
-
- -----
- VCheck.zoo
-
- Check for the SCA and AEK virus on disk and in memory.
-
- v1.2
- 9 Dec 87
- Bill Koester
- USA
-
- -----
- ViewBoot11.zoo
-
- This program allows you to view the boot block of your disks, and
- will detect the SCA, LSD, Byte Bandit and AEK viruses on disk or
- in memory.
-
- v1.01
- 2 Mar 88
- Brian Meadows
- USA
-
- -----
- Virus_Alert!.zoo
-
- This program installs a custom boot block that talks back to you.
- If this boot block acts strangely on bootup, you can suspect a
- virus.
-
- v2.01 & v1.01
- 11 Aug 88
- Foster Hall
- Canada
-
- -----
- VirusCheck.zoo
-
- This archive includes two programs to detect the SCA virus, plus
- a couple of documents describing the virus.
-
- VCheck v1.0
- 13 Nov 87
- Bill Koester
- USA
-
- VirusTest v1.1
- 19 Oct 87
- Craig Bowen
- USA
-
- -----
- VirusChecker.zoo
-
- This is an update to the VCheck program. Version 1.9 will only
- check disks. Use version 1.2 to check memory.
-
- VCheck v1.2
- VCheck v1.9
- 7 Jan 88
- Bill Koester
- USA
-
- -----
- VirusX-3.20.zoo
-
- This program will check all disks inserted into any drive, and will
- detect viruses in RAM. The viruses checked for include SCA,
- Byte Bandit, North Star, Byte Warrior, Revenge, Obelisk, IRQ,
- Pentagon Circle, HCS, DiskDoc, Graffiti, 16 Bit Crew, Phantasmumble,
- Old Northstar, Ultrafox and Lamer Exterminator. Includes source
- code for skeptics. Also includes the program kv to detect the
- IRQ virus in files on a disk.
-
- VirusX v3.2
- kv v1.0
- 18 Feb 89
- Steve Tibbet
- Canada
-
- -----
- VMK.zoo
-
- This program is meant to go into the Startup-Sequence. It examines
- memory for signs of viruses, and if found informs you before
- proceeding. Detects the Microsystems, DiskDok, Lamer Exterminator,
- Byte Bandit, Byte Warrior (DASA), SCA, HCS4220, NorthStar, Obelisk,
- Pentagon, Revenge and IRQ viruses.
-
- v12.0
- 15 Apr 89
- Chris Hames
- Australia
-
- -----
- VRTest.zoo
-
- This program will monitor memory around 0x7E7FE, and inform you
- if anything changes. It also allows you to view boot blocks, install
- standard boot blocks, and inspect certain operating system vectors.
-
- VRtest v3.2
- 4 Sep 88
- Babar Khan
- USA
-
- - --
- Jim Wright
- jwright@atanasoff.cs.iastate.edu
-
-
- ------------------------------
-
- Date: Thu, 29 Jun 89 08:46:31 -0500
- From: jwright@atanasoff.cs.iastate.edu (Jim Wright)
- Subject: Re: Mac Archives - correction
-
- In article <0005.8906291152.AA13476@spot.CC.Lehigh.EDU> you write:
- | <wsmr-simtel20.army.mil
- | < Access is through anonymous ftp, IP number 26.0.0.74.
- |
- | I believe the IP number should be 26.2.0.74.
- |
- | Allen Gordon
-
- Thanks for spotting this. I'll verify it and correct my listings.
- If only nameservers really worked, I wouldn't even have to list
- IP numbers! :-)
-
- - --
- Jim Wright
- jwright@atanasoff.cs.iastate.edu
-
- ------------------------------
-
- Date: Thu, 29 Jun 00 19:89:00 +0000
- From: utoday!greenber@uunet.uu.net
- Subject: on the recent BYTE virus article
-
- On the BYTE article with my byline on it. Let's just say that the
- BYTE staff are very creative in their editting and their copyed
- procedures. Although I was shown a proof of an earlier revision of
- what they did, they opted to run an article I never saw. Portions of
- that article I did *not* write. In particular, the tail of the
- article (the "The Sky Is Falling!" silly stuff) came out of some
- editor's keyboard, not mine. They softened the technical side of the
- article beyond belief ("An Interrupt Vector? Why would an interrupt
- care about direction and magnitude? We'll change that to something
- else.....Hey! Does anybody know anything about computers?").
-
- Sigh.
-
- Well, my complaints went up to the editor, Fred Langa, and I can but
- hope that future writers for them would be pleased at the resulting
- article with their name attached to it. I specifically am displeased
- at the mush article they had the nerve to print with my name atached
- to it.
-
- The Real Moral: Writer's articles get screwed around, even at what
- used to be considered a fine publication. Argggh!
-
- Ross
-
- ------------------------------
-
- Date: Thu, 29 Jun 89 09:25:42 -0400
- From: Joe McMahon <XRJDM@SCFVM.GSFC.NASA.GOV>
- Subject: Antique Systems (Mac)
-
- >Thanks for the above. I tried it and although all the copying and
- >pasting via ResEdit worked OK, no joy when I booted up with the new
- >system. The Vaccine icon didn't appear and re-infection occurred when
- >I used an infected disk on the machine. I have an application called
- >"Immunity" which is supposed to protect the System file from re-
- >infection by inserting nVir=10 code into the resource fork of the
- >system file. It doesn't seem to insert it into other files that could
- >be infected eg. Finder, MacWrite, MacPaint etc. Could I use
- >ResEdit to copy the nVir=10 code and paste it into the other files/
- >applications? Rgds, Iain Noble
-
- You could, but it wouldn't help you any. What nVIR 10 does is act as a
- switch to the nVIR virus to tell it not to propagate. It doesn't really
- do anything else, and it won't help against any other virus. nVIR only
- looks at the System folder to see if nVIR 10 is there; it doesn't look
- at other files.
-
- I'll check into some things I have, and post back if I find anything that
- will work with the old System. Could you please drop me a note and let me
- know exactly what version you're running? Thanks.
-
- --- Joe M.
-
- P.S. If I come up with anything, I'll be sure to post it on our LISTSERV
- and will send it to sumex, too.
-
-
- ------------------------------
-
- Date: Thu, 29 Jun 89 16:09:57 -0000
- From: David.J.Ferbrache <davidf@CS.HW.AC.UK>
- Subject: Virus Bulletin the blurb
-
- For those of you who expressed interest in the Virus Bulletin,
- here are the details:
-
- Published by Virus Bulletin Ltd, Haddenham, Aylesbury HP 17 8JD,
- England.
- Tel +44 844 290396
- Fax +44 844 291409
-
- There is also a US contact address via Mrs June Jordan, +1 203 431 8720.
-
- The bulletin is published monthly at a cost of 195 pounds (350 dollars)
- for 12 editions. The first edition is due out on Monday 3rd July.
-
- Virus bulletin describes its contents as:
- Case studies, IBM PC/XT/AT virus listing and patterns for each known virus,
- Mac virus listing and patterns for known viruses, Virus dissection in
- detail of one virus each month, product evaluations, conference reports,
- forthcoming events and world news.
-
- Contributors are Joe Hirst (technical editor from British Computer
- virus research centre), David Ferbrache (ahem?), Dr Bertil Fortie,
- David Frost (no the one from Price Waterhouse), Hans Gliss, Ross
- Greenberg, Dr Jan Hruska, Dr Keith Jackson, Martin Smociuk, John
- Sherwood, Roger Usher and Dr Ken Wong. Most of the contributors are
- involved in UK computer security concerns.
-
- The bulletin also claims a 24 hour virus helpline service and a virus
- analysis service.
-
- ------------------------------------------------------------------------------
- Dave Ferbrache Internet <davidf@cs.hw.ac.uk>
- Dept of computer science Janet <davidf@uk.ac.hw.cs>
- Heriot-Watt University UUCP ..!mcvax!hwcs!davidf
- 79 Grassmarket Telephone +44 31-225-6465 ext 553
- Edinburgh, United Kingdom Facsimile +44 31-220-4277
- EH1 2HJ BIX/CIX dferbrache
- ------------------------------------------------------------------------------
-
-
- ------------------------------
-
- End of VIRUS-L Digest
- *********************
-
- Downloaded From P-80 International Information Systems 304-744-2253
-