--------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00007 Date: 04/26/97 From: PAUL WALKER Time: 04:02pm \/To: RICK COLLINS (Read 1 times) Subj: FDD Problems Hi Rick, Rick Collins to Will Eckard, 22 Apr 97 17:09. RC> in a disk drive. Will I take the time to disassemble the code and RC> see what it _actually_ does? No, my time is more valuable than that. If it ever gets to you, pass it on. I get bored occasionally. --- FMail 1.22 * Origin: I'm afraid that I was very... very... drunk. (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00008 Date: 04/26/97 From: PAUL WALKER Time: 04:05pm \/To: KURT WISMER (Read 1 times) Subj: Naughty Robots Hi Kurt, KW>> safes, viruses should be stored in password protected KW>> cryptographic envelopes... I store them compressed, but not encrypted. There's very little point, being as no-one else in either of the places where I live can use commandlines. --- FMail 1.22 * Origin: The Light Fantastic! (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00009 Date: 04/26/97 From: PAUL WALKER Time: 11:25pm \/To: MIKE SIMM (Read 1 times) Subj: VIRUSES Hi Mike, Mike Simm to Paul Walker, 14 Apr 97 20:40. ->> way to crash your computer extremely quickly. There are major ->> structural differences between .exe and .com files, you know. MS> Thats how Companion Virus's Work. Such as AidsII While I was wrong, so are you. :) Companion viruses work by subverting the "execution chain" - DOS executes .COM files in preference to .EXE files, so the virus makes a .COM file of the same name. --- FMail 1.22 * Origin: They're either a benefit or a hazard.... (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00010 Date: 04/26/97 From: PAUL WALKER Time: 11:26pm \/To: GORDON FREY (Read 1 times) Subj: Naughty Robots Hi Gordon, Gordon Frey to Paul Walker, 15 Apr 97 09:44. GF> Now I KNOW who, what, and where. And he did actively encourge the GF> distribution and supplied the infectors with account names and GF> pass words.... I think that counts as incitement, don't you? :) GF> I've only found one or two things that have been GF> claimed to be the SMEG engine and were not. I've got it, but really can't be bothered to look into it that closely - it produces some rather large decryptors, and is much the same as other olymorph engines. --- FMail 1.22 * Origin: Tears in Rain (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00011 Date: 04/27/97 From: PAUL WALKER Time: 01:28pm \/To: PETER LOUWEN (Read 1 times) Subj: VIRUSES Hi Peter, Peter Louwen to Paul Walker, 18 Apr 97 21:21. PL> look at the file's *extension* - instead it looks at their first two PL> bytes. If these are 'MZ' or 'ZM', it's considered an .EXE, otherwise Momentary amnesia, I'm afraid :) I apologise! Considering I use 4DOS I should have remembered that. --- FMail 1.22 * Origin: Distant Earth. (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00012 Date: 04/27/97 From: PAUL WALKER Time: 01:29pm \/To: STEVE BENNETT (Read 1 times) Subj: Hoax virus warnings, Hi Steve, Steve Bennett to Paul Walker, 15 Apr 97 00:14. SB> Maybe not stupid. One of the points here is that someone could SB> _deliber- ately_ do it, and not tell anyone until way too late. In which case, I hope they've got deep pockets, because they'd get sued from here to Kingdom Come. SB> ... "It is time." - Rafiki, at 7:00 EST, Sunday, November 3rd, 1996. Eh? --- FMail 1.22 * Origin: I'll get me coat. (2:440/410.6) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00013 Date: 04/28/97 From: GERI MCALEXANDER Time: 02:57pm \/To: DON HANN (Read 1 times) Subj: Virus checker We keep coming up with the Wazzu virus on hubby's laptop. We got the latest software that's supposed to eliminate it. It fixes the corrupted files, but doesn't get rid of the damn thing. --- GEcho 1.00 * Origin: The Message Center, Jacksonville FL (Healed) (1:112/115) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00014 Date: 04/25/97 From: KURT WISMER Time: 10:19am \/To: ASHER DENSMORE-LYNN (Read 1 times) Subj: FDD Problems -=> Mocking Asher Densmore-lynn to Kurt Wismer <=- KW> ... AD> That REALLY wasn't very nice. Any SysOps who run paranoid-class scans AD> are going to get a REAL headache. AD> And we wonder where all the 'email virus' rumors come from. d: d: d: those same sysops would have problems with the distribution package of f-prot aswell, since it's in their docs... it's also in the docs of a few other av packages... also, the better av software will NOT detect the eicar test file in my tagline because the file is supposed to have only 68-70 bytes (depending on whether your text editor puts a carriage return and line feed at the end automatically)... some scanners don't even detect those.... nav will miss the 68 byte version and only detect the 70 byte one... if you have a scanner that detected the eicar test file in my message then it's a false alarm... ... think of a goat, it's like that only different... --- Maximus 2.02 * Origin: Virus Watch BBS ,[(416)654-3814] (1:250/503) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00015 Date: 04/25/97 From: KURT WISMER Time: 12:02pm \/To: BRANDON PILKINGTON (Read 1 times) Subj: Re: Fdd Problems -=> Mocking Brandon Pilkington to Kurt Wismer <=- KW> read/write PINS? dot matrix printers have pins (which can dig into the BP> Kurt is correct again. There are no pins in any type of computer disk. ssssshhhhhhh... you make it sound like i know what i'm talking about or something... ... wazzu ate my homework... --- Maximus 2.02 * Origin: Virus Watch BBS ,[(416)654-3814] (1:250/503) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: E4Y00016 Date: 04/25/97 From: KURT WISMER Time: 12:05pm \/To: RICK COLLINS (Read 1 times) Subj: FDD Problems -=> Mocking Rick Collins to Will Eckard <=- RC> Tell you what: don't send me a virus - send me a couple of those RC> "pins" or "needles" instead. don't wait too eagerly... if you sit at the edge of your seat too long you're liable to get "pins" and "needles"... ... think for us, pozo!... --- Maximus 2.02 * Origin: Virus Watch BBS ,[(416)654-3814] (1:250/503)