--------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFU00004 Date: 11/24/97 From: PAUL WALKER Time: 05:48pm \/To: PAUL WANKADIA (Read 1 times) Subj: Duke3d and A Drives Hi Paul, Paul Wankadia to Julian Dragone, 17 Nov 97 10:17. JD>> if yous have an a drive please give me a message PW> I have three drives, but I'll only send you one message. I have seven, but I didn't even bother... JD>> and could people please upload more duke3d maps PW> Can a virus be spread via the sharing of Duke3D maps? When unzipping, of course! Er, hang on... Paul (p.r.walker@warwick.ac.uk) ... "Bother!" said Pooh as his head exploded. --- FMail/386 1.22 * Origin: Oerth (2:254/60.11) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00000 Date: 11/25/97 From: PAUL WANKADIA Time: 11:11am \/To: CHRIS MADDOCK (Read 1 times) Subj: Conference Rules .... On 23 Nov 97, Chris Maddock wrote to Paul Wankadia -- rf>> There's a clown writing software that *supposedly* catches and removes rf>> all viruses past, present, and future, and never needs updating. PW> Hrm ... what's the program's name? CM> If he told you he'd have to kill you so I will instead. (Tell you that CM> is ...) Invircible. Who gets to kill me? --- PPoint 2.00 * Origin: Junyer's Workshop (1:342/1022.2) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00001 Date: 11/24/97 From: JACK PFISTERER Time: 01:20pm \/To: KURT WISMER (Read 1 times) Subj: IBM ANTIVIRUS KW> JP> I'm going to experiment with manually replacing the old SHSIG.LST, > JP> VERV.VDB and VIRSIG.LST files with updated ones, but would like to > JP> know if anyone else has grappled with this (presumed) problem. > JP> Perhaps I'm being too simplistic, but it seems to me that if you are i > JP> a situation where you have to use the emergency diskette, it should > JP> have the latest virus data on it. KW> JP> Has anyone raised this question with IBM? Am I missing some simple > JP> explanation buried in the documenation or that should be obvious? KW> honestly, what you've said you're going to try sounds like a likely way > to go to me... I was just concerned that the update process might require entries in other files. That proved not to be the case, so just copying the three files worked fine. KW> ... i've never used ibm anti-virus myself, but some of the > developers frequent alt.comp.virus (as do i) and i could ask there (or > ask them in private) if you find that the above method does not perform > the update function you would like it to... Haven't followed that newsgroup in the past but had been wondering if I should add it to my itinerary. See you there :) Jack P. --- FLAME v1.0 * Origin: L.A. Valley College BBS <@Support.COM> (818)985-7150 (1:102/837) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00002 Date: 11/24/97 From: JACK PFISTERER Time: 01:20pm \/To: KURT WISMER (Read 1 times) Subj: IBM ANTIVIRUS - UPDATE KW> glad you got everything working satisfactorily... KW> JP> The next step is to write a batch file to update the diskette AV files > JP> automatically after the hard drive files are updated. KW> now that i don't agree with... you have a write protected bootable > floppy that is write protected so that when you place it in the drive > after booting from the hd, the floppy won't get infected by any known or > unknown virus... * * * KW> you should boot from that clean write protected bootable floppy disk > before you remove it's write protection and update it... the update > should be performed after a floppy boot with no files on the hard drive > being executed... then replace the write protection when the update is > done... Hmmmm. Words of wisdom! I did keep the original diskette (that came with IBMAV) inviolate, and created a new one using the program that was included on the IBMAV CD-ROM for that purpose. But even that procedure (specified in the IBMAV user manual) assumes that the HD is clean, as it specifically uses the DOS OS files from the hard drive. Looks like IBM _really_ didn't think through the diskette part of the system. It would appear that there's no way to create an immaculate bootable diskette. So, accepting that apparently-unavoidable degree of risk, I think I'll try the following to benefit from your good advice: a. Run the full IBMAV and F-PROT programs on all of the bootable diskettes while they are still copy-protected. b. Boot from the protected BOOTOS2 diskettes and proceed from the A: drive command prompt without activating any DOS or hard-drive programs. c. Manually copy the update files from the original, downloaded ZIP file (on one of the hard drives) to the OS/2 AV diskette. (Assume that the files still within the .ZIP archive are unlikely to have been contaminated.) d. Run the renewed OS/2 AV program from the diskette to check the system and the OS/2 and DOS boot diskettes. e. Use the TEdit program (already on the OS/2 boot diskettes) to create the desired batch files on the OS/2 and DOS AV diskettes. The batch files will be set up to extract the update files from downloaded ZIP files on the hard drive rather than using the files already extracted to D:\IBMAV. f. Boot from the protected DOS or OS/2 floppies to apply subsequent updates to the floppies as you advise. Undetected viruses could remain on the diskettes or the hard drives even with this procedure, but that risk should diminish over time as the IBMAV capabilities advance and are applied to the system. Thanks, Kurt! Jack P. --- FLAME v1.0 * Origin: L.A. Valley College BBS <@Support.COM> (818)985-7150 (1:102/837) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00003 Date: 11/25/97 From: DAVID CHORD Time: 05:05pm \/To: PAUL WESTLAKE (Read 1 times) Subj: Conference Rules .... Paul Westlake wrote in a message to Kurt Wismer: KW> you'd be safer if you simply said no known virus has ever damaged KW> hardware... hardware damage is possible with new hardware too, it KW> just requires the hardware designers to be stupid... (which of course KW> limits the amount of business they're ever likely to do... lets be KW> glad microsoft hasn't moved into hardware - they could afford to make KW> mistakes)... PW> Consider the effect on the VDU of repeated fast change of illegal PW> (or even legal supported) screen format. I thought something like that might be able to do it. It'd take time tho, and you probably wouldn't be able to get away with it for long - the user would almost certainly dump the program that was causing that. Also, causing screen savers to fail and printing bright white text in the same place would eventually cause hardware damage, although slight :-) It is possible to damage hardware through software, it'd (usually) just take a really stupid user for it to actually work :-) Dave There is a way to a bigger, better BBS scene. You can be a part of it. Join INTBBS_WK now, and share the many ideas. --- timEd 1.10 * Origin: GnomeVille TBBS 64-4 235-6887 (3:771/1560) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00004 Date: 11/25/97 From: CHRIS MADDOCK Time: 07:08pm \/To: WILLIAM HARGRAVE (Read 1 times) Subj: Conference Rules .... On 23 Nov at 23:11, William Hargrave of 2:254/211.20 wrote to rod fewster: [....] rf>> Unless you can provide me with a working sample, the subject is rf>> OFF-TOPIC! (This means "Drop the subject NOW!") WH> Well, you can seek an MFM harddisk off the end of it's travel (by WH> formatting it too big) and damage it. You can't. Well, you could do on one particular brand and only then in two models, in about 1988, and you didn't need a virus to do it. They left out the mechanical stop. Easily fixed. As Rod said. It's off-topic except if you can provide Rod with a working sample. No-one has come forward to do so and with the virus-writing expertise around, I'm sure that, if it could be done, it would have been done. EOT Regards, Chris Maddock chrism@bbs.st.net.au --- Msged/386 4.20 beta 2 * Origin: Diagnostic CBBS - DownUnder - (3:640/302) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00005 Date: 11/24/97 From: KEES-JAN VELTMEIJER Time: 10:56am \/To: JACK PFISTERER (Read 1 times) Subj: IBM AntiVirus 'Yo..Jack -*[ 18 Nov 97, Jack Pfisterer Screamed 2 All ]*- JP> Has anyone raised this question with IBM? Am I missing some simple JP> explanation buried in the documenation or that should be obvious? just switch to another virus-package, something like mcaffee or fprot... CyaH Jack Pfisterer. Kees-Jan Veltmeijer NetMail : 2:2801/302 Email:veltm301@tem.nhl.nl --- Join Soccernet NOW! * Origin: DEAD MEAT : +31-515-231899 (2:2801/302) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00006 Date: 11/26/97 From: ANGELO BRANCADORO Time: 11:42am \/To: ALL (Read 1 times) Subj: Tentacle Does anyone have any info on the tentacle virus? --- Maximus 3.01 * Origin: Kefka's Lair 203-255-3908. HOME OF FINAL FANTASY! (1:141/421) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00007 Date: 11/25/97 From: PAUL WALKER Time: 05:19pm \/To: PAUL WESTLAKE (Read 1 times) Subj: Conference Rules .... Hi Paul, Paul Westlake to Kurt Wismer, 20 Nov 97 23:02. PW> I have seen advice from manufacturers when choosing a new screen, that PW> changing screen setup live (without reboot) is not advised as it can That's just to protect themselves - I wouldn't worry about it. If you can't change screen modes without a reboot, then you really should get a monitor from somewhere other than a 2-bit company! :) Paul (p.r.walker@warwick.ac.uk) ... "Bother" said Pooh as he realized that the bus driver was crazy --- FMail/386 1.22 * Origin: "Ramirez was an effete snob." -- The Kurgan (2:254/60.11) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: EFW00008 Date: 11/25/97 From: PAUL WALKER Time: 05:21pm \/To: DAVID CHORD (Read 1 times) Subj: viruses Hi David, David Chord to VIRUS, 24 Nov 97 08:07. DC> Why? It all ends up basically the same - something the computer can DC> understand. Don't forget, Turbo Pascal includes ASM. Size, and flexibility. True, you can do inline assembly in turbo pascal - but you've got all the overhead of all the compiler added code. Paul (p.r.walker@warwick.ac.uk) ... "I'm Someone Else" * by Ima Nonymous --- FMail/386 1.22 * Origin: Your god is worm food. - R Munns (2:254/60.11)