[comp.sys.amiga] VIRUS DAMAGE, CONSEQUENCES

Classic_-_Concepts@cup.portal.com (01/08/90)

    Well, I've encountered another disastrous consequence of virus
distribution which hurts EVERYONE.  We used to be able to take diskettes to
local service bureaus for laserprinting, reproduction of color
slides and typesetting on film or paper and get them back right away.
    No more.  My favorite places don't provide quick turn-around anymore 
because of virus-infected diskettes which have come in.  Now they take 
diskettes, do careful (read 'time-consuming') checks for viruses and then
do the job.  We have to make a second trip to pick them up hours later,
or days later, even if it's a very small job.  (Cost goes up, too.)
    Don't say it's quick to use a virus-checker.  It would be naive.  In the
real world, service bureaus are not run by computer professionals.  They're
run by printers, photographers and other individuals who are scrambling to  
fit the learning of computer skills in between running their businesses and
practicing and keeping up with their own trades.  They are understandably
confused and nervous about these things.  In fact, not one of the local
businesses uses modems yet because they don't understand them, they don't
have time to learn and implement the technology.
     In my present mood, I'd be willing to stuff a cartload of sharp,
pointy computer chips down the throats of people who unleash viruses on the
world.  These boneheads have cost all of us more time, money and
inconvenience than they'll ever realize.  The next time a virus originator is
denied quick service, access to a system or has to pay a higher price for
manuals, documentation or other products which are produced electronically,
I hope s/he doesn't try to place the blame elsewhere. On one of our current
projects, the new policies have delayed the release of our new documentation
by over 2 weeks--2 weeks directly attributable to viruses.  New releases are
slower to come out.  And who's supposed to swallow the additional labor
costs?  The service bureau?  The publisher?  The user?   Am I angry?  Damn
right I am.
                                  LadyHawke@cup.portal.com

ghewes@bbn.com (Gerald Hewes) (01/08/90)

------------ Help ------------

 This weekend I was bitten by a D***ed virus.
It's probably an old known one because I suspect
I caught it from a FISH disk from 200-250.
 The virus is attached to the executables and adds
exactly 1124 bytes to them. I have not yet figured
out what damages it does. It managed to get at MOST
of my executables (99% of those in my path were hit,
much less out of the path). It has even affected executables
I know I have not run in the last year. Also some (=10%)
of the executables will no longer run, guruing my AMIGA.

 Could somebody reply to me in e-mail if this is a 
classic(!) or on the net if it may be of interest to
others. I am mostly interested in the effect it has and 
the way it spreads to help me clean up my disk. It is
not the IRQ virus.

----------- Hate -----------

 Of course I am really annoyed by those viruses
(understatement). I will now lose many hours
cleaning up my whole disk. I cannot use my backups
because they are too recent (!). For once I made one 
1 hr before detecting the problem.
I now have to roam through my disk, and manage to remember
where I got each executable from, recompiling all my code,...
Just reinstalling all the commercial software is already
a slow process.
 
 Making a virus is not a great act of computing. It's a 20th
century crime and should be punished because it causes
economic disruptions.

 If I knew the author I would wield my AXE. Not to cut his
head! That's for the justice to decide, but to smash his
amiga back to the stone age.

2011_552@uwovax.uwo.ca (01/09/90)

In article <50524@bbn.COM>, ghewes@bbn.com (Gerald Hewes) writes:
> ------------ Help ------------
> 
>  This weekend I was bitten by a D***ed virus.
> It's probably an old known one because I suspect
> I caught it from a FISH disk from 200-250.
>  The virus is attached to the executables and adds
> exactly 1124 bytes to them. I have not yet figured
> out what damages it does. It managed to get at MOST
> of my executables (99% of those in my path were hit,
> much less out of the path). It has even affected executables
> I know I have not run in the last year. Also some (=10%)
> of the executables will no longer run, guruing my AMIGA.
> 
>  Could somebody reply to me in e-mail if this is a 
> classic(!) or on the net if it may be of interest to
> others. I am mostly interested in the effect it has and 
> the way it spreads to help me clean up my disk. It is
> not the IRQ virus.
> 
> ----------- Hate -----------
[fully justified hate letter omitted]

This sounds like the "XENO" virus mentioned on page 2 of _Amazing_Computing_
v5.1.  (My copy just arrived today).

Symptoms:

    - commands in the c directory are 1124 bytes longer.
    - date on an executable has been changed to a recent date
    - the machine crashes when printing to the parallel port.
    - 'file not an object module' when using common c commands
      (dir, cd, assign, etc.)

Remedies:
    - VirusX4.0 detects the virus in memory.  KV disables the infected
      executables (but does not remove the virus from the file).

    - XenoZap will search a device for the virus and disable all
      infected files.
-- 
Terry Gaetz         --  gaetz@uwovax.bitnet  --  gaetz@uwovax.uwo.ca
Astronomy Dept.     --
U. Western Ontario  --  (this space intentionally left blank)
Canada              --
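
The first two symptoms listed in the post above (growth of exactly 1124 bytes and a changed file date) can be checked against a known-clean baseline. This is an added example, not part of the original thread and not how VirusX, KV or XenoZap work; the function names and the stand-in files are constructed for illustration.

```python
import os
import tempfile

GROWTH = 1124  # bytes added per infected executable, as reported in the thread


def snapshot(directory):
    """Map file name -> (size, mtime) for every regular file in directory."""
    snap = {}
    with os.scandir(directory) as entries:
        for entry in entries:
            if entry.is_file(follow_symlinks=False):
                st = entry.stat(follow_symlinks=False)
                snap[entry.name] = (st.st_size, st.st_mtime)
    return snap


def compare(baseline, current, growth=GROWTH):
    """Classify each baseline file against the current snapshot."""
    report = {}
    for name, (old_size, old_mtime) in baseline.items():
        if name not in current:
            report[name] = "missing"
            continue
        new_size, new_mtime = current[name]
        if new_size - old_size == growth and new_mtime > old_mtime:
            report[name] = "suspect"      # both symptoms: +1124 bytes, newer date
        elif new_size != old_size or new_mtime != old_mtime:
            report[name] = "changed"      # altered, but not the reported pattern
        else:
            report[name] = "ok"
    return report


def demo():
    """Constructed sample: stand-in files, not real Amiga executables."""
    with tempfile.TemporaryDirectory() as c_dir:
        for name, size in (("dir", 2000), ("cd", 1500), ("assign", 3000)):
            path = os.path.join(c_dir, name)
            with open(path, "wb") as fh:
                fh.write(b"\0" * size)
            os.utime(path, (1_000_000_000, 1_000_000_000))  # fixed old date
        baseline = snapshot(c_dir)
        for name, extra in (("dir", GROWTH), ("cd", 10)):
            with open(os.path.join(c_dir, name), "ab") as fh:
                fh.write(b"\0" * extra)
        return compare(baseline, snapshot(c_dir))
```

The baseline has to be taken while the disk is known to be clean; a snapshot or backup made after infection, like the one-hour-old backup described earlier in the thread, only records the infected sizes.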

fnf@estinc.UUCP (Fred Fish) (01/09/90)

In article <50524@bbn.COM> ghewes@spca.bbn.com (Gerald Hewes) writes:
> This weekend I was bitten by a D***ed virus.  It's probably an old known
> one because I suspect I caught it from a FISH disk from 200-250.  The virus
> is attached to the executables and adds exactly 1124 bytes to them.

Sounds like you were hit by the Xeno virus.  I believe that some of
the master disks at Amazing Computing somehow got infected with this
virus (disks about 240-249?), so some of their customers probably got
infected disks.  My masters are clean as far as I know, as are the
disks I've shipped out.

>I now have to roam through my disk, and manage to remember
>where I got each executable from, recompiling all my code,...
>Just reinstalling all the commercial software is already
>a slow process.

The XenoZap program on disk 300 reportedly disables the virus in
each executable, without actually removing it.  A future version
is expected to actually remove the virus code from the executable.

-Fred
-- 
# Fred Fish, 1835 E. Belmont Drive, Tempe, AZ 85284,  USA
# 1-602-491-0048           asuvax!{nud,mcdphx}!estinc!fnf

poirier@dg-rtp.dg.com (Charles Poirier) (01/10/90)

In article <25716@cup.portal.com> Classic_-_Concepts@cup.portal.com writes:
>
>    No more.  My favorite places don't provide quick turn-around anymore 
>because of virus-infected diskettes which have come in.  Now they take 
>diskettes, do careful (read 'time-consuming') checks for viruses and then
>do the job.  We have to make a second trip to pick them up hours later,
>or days later, even if it's a very small job.  (Cost goes up, too.)
>                                  LadyHawke@cup.portal.com

I never heard of a virus being propagated through data files.  All your
print shop has to do is just not execute anything on your data disk.
Anything that needs to be executed, they should maintain their own safe
copy of.  Right??  Sounds like a case of computer-illiterate paranoia on
the part of the shop.

	Still virus-free,
	Charles Poirier

clp@altos86.Altos.COM (Chuck L. Peterson) (01/11/90)

This whole virus fad is really getting on my nerves.
I have little time to spend on my amiga, and I certainly
don't want to spend my valuable time managing a set of
Virus maintenance programs -- I'd much rather be writing
my few programs with MANX C and running DMCS, QIX, DPaint, Falcon,
SimCity and using some extra (public domain) fonts I mailed away for.
I find it amazing that there are such incredible losers out
there whose only way to get my attention is to destroy my machine.

Chuck L. Peterson
clp@altos.com

charles@hpcvca.CV.HP.COM (Charles Brown) (01/12/90)

> I never heard of a virus being propagated through data files.  All
> your print shop has to do is just not execute anything on your data
> disk. Anything that needs to be executed, they should maintain their
> own safe copy of.  Right??  Sounds like a case of computer-illiterate
> paranoia on the part of the shop.

Not necessarily.  One problem with the Amiga IMHO is that the path
command always places the current directory first on the path for the
CLI.  So if you CD into a directory with an infected DIR and then ask
for a DIR your system can be infected.  I assume this can be avoided
by making commands resident, but how many people have *all* of their
commands resident?

> 	Still virus-free,
> 	Charles Poirier

Cross your fingers.
--
	Charles Brown	charles@cv.hp.com or charles%hpcvca@hplabs.hp.com
			or hplabs!hpcvca!charles or "Hey you!"
	Not representing my employer.
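
The search-order point in the last post can be turned into a check a service bureau could run on a customer disk before changing into it. This is an added example, not part of the original thread; it models the lookup on a host filesystem rather than calling AmigaDOS, and the directory layout and function names are constructed for illustration.

```python
import os
import tempfile


def index(directory):
    """Map lower-cased name -> real name (AmigaDOS names are case-insensitive)."""
    return {n.lower(): n for n in os.listdir(directory)
            if os.path.isfile(os.path.join(directory, n))}


def resolve(command, search_order):
    """Return the path the first matching directory in search_order supplies."""
    for directory in search_order:
        real = index(directory).get(command.lower())
        if real is not None:
            return os.path.join(directory, real)
    return None


def shadowing(disk_dir, system_dirs):
    """Files on the customer disk that would run in place of a system command
    if disk_dir were searched first: (file on disk, command it displaces)."""
    hits = []
    for low, real in sorted(index(disk_dir).items()):
        displaced = resolve(low, system_dirs)
        if displaced is not None:
            hits.append((real, os.path.basename(displaced)))
    return hits


def demo():
    """Constructed layout: a stand-in C: directory and a customer data disk."""
    with tempfile.TemporaryDirectory() as root:
        c_dir, disk = os.path.join(root, "c"), os.path.join(root, "disk")
        for d, names in ((c_dir, ("dir", "cd", "assign")),
                         (disk, ("Dir", "letter.txt", "logo.iff"))):
            os.mkdir(d)
            for name in names:
                open(os.path.join(d, name), "wb").close()
        cwd_first = resolve("dir", [disk, c_dir])    # current directory first
        system_only = resolve("dir", [c_dir])        # only the shop's own copy
        return (os.path.relpath(cwd_first, root),
                os.path.relpath(system_only, root),
                shadowing(disk, [c_dir]))
```

A non-empty result from `shadowing` means the disk carries a file named like one of the shop's own commands, which is the case the post describes for `DIR`.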