shapiro@oucsace.cs.OHIOU.EDU (Brian Shapiro) (10/07/88)
Well, once again I open my mouth and insert my foot. After a somewhat heated arguement about computer viruses and a stance that they are not as big a problem as TIME and other magazines have made of them I have finally actually seem one. Low and behold it's the BRAIN virus. I seem to get the impression from some netlanders in this group that this virus does damage to a users files , but I seem to recall reading early on that this virus did nothing but replicate itself into the boot track of the victims disks. In my own personal testing the other night on a sample diskette this is what the stupid piece of pakistani crap seemed to do. No dead files as of yet. I seem to recall reading a posting of how this bugger worked here on the net. Can someone give me an explanation of the boot track and how the virus attaches itself to PC-DOS from here? I was also curious that this thing seemed to find the available space in the boot area no matter which DOS version was used. Also, Am I wrong in believing that this thing can only replicate itself if the computer was booted with the infected DOS? One user claimed the virus was dormant and did not do anything but he did not boot with ann infected DOS and another claimed that he received the virus from a floppy that was not bootable ... I don't claim to be an expert on these things or on the internals of MS/PC DOS. I am however what I would class as a super user of PC's and my employer does pay me to tell people what they should or should not purchase. They also seem to pay me for using any resource I can to get answers. I would be most grateful to anyone who can tell me expertly how this piece of s*it works or where to start to figure it out. I will gladly place a summary of all responses to the net for all to consume... Many Thanks in Advance!!!! Brian Brian Shapiro, Assistant Manager Information Center Ohio University Computing and Learning Services UUCP: shapiro@pdp.cs.ohiou.edu BITNET: SHAPIROB@OUACCVMA.BITNET FIDO: Brian Shapiro at 1:226/60 (614) 593-1015 P.S. Anyone who has never seen this bug and would like to get a copy for analysis can contact me by telephone to make arrangements. No netmail of any kind will be addressed on this. I will only give it to persons who have a professional interest. This excludes students, practical jokers and A**holes. Take this any way you like but what it means is I will not be a party to the spread of this kind of twisted bullshit!