shapiro@oucsace.cs.OHIOU.EDU (Brian Shapiro) (10/07/88)
Well, once again I open my mouth and insert my foot. After a somewhat heated
arguement about computer viruses and a stance that they are not as big a
problem as TIME and other magazines have made of them I have finally actually
seem one. Low and behold it's the BRAIN virus.
I seem to get the impression from some netlanders in this group that this
virus does damage to a users files , but I seem to recall reading early
on that this virus did nothing but replicate itself into the boot track
of the victims disks. In my own personal testing the other night on a
sample diskette this is what the stupid piece of pakistani crap seemed to
do. No dead files as of yet.
I seem to recall reading a posting of how this bugger worked here on the
net. Can someone give me an explanation of the boot track and how the virus
attaches itself to PC-DOS from here? I was also curious that this thing seemed
to find the available space in the boot area no matter which DOS version was
used.
Also, Am I wrong in believing that this thing can only replicate itself if
the computer was booted with the infected DOS? One user claimed the virus was
dormant and did not do anything but he did not boot with ann infected DOS and
another claimed that he received the virus from a floppy that was not bootable
...
I don't claim to be an expert on these things or on the internals of MS/PC
DOS. I am however what I would class as a super user of PC's and my employer
does pay me to tell people what they should or should not purchase. They
also seem to pay me for using any resource I can to get answers. I would be most
grateful to anyone who can tell me expertly how this piece of s*it works
or where to start to figure it out. I will gladly place a summary of all
responses to the net for all to consume...
Many Thanks in Advance!!!!
Brian
Brian Shapiro, Assistant Manager Information Center
Ohio University Computing and Learning Services
UUCP: shapiro@pdp.cs.ohiou.edu
BITNET: SHAPIROB@OUACCVMA.BITNET
FIDO: Brian Shapiro at 1:226/60
(614) 593-1015
P.S. Anyone who has never seen this bug and would like to get a copy
for analysis can contact me by telephone to make arrangements. No
netmail of any kind will be addressed on this. I will only give
it to persons who have a professional interest. This excludes
students, practical jokers and A**holes. Take this any way you
like but what it means is I will not be a party to the spread of
this kind of twisted bullshit!