[comp.sys.atari.st] weird...problems and a benign? anti-virus

ncastellano@eagle.wesleyan.edu (02/01/90)

In article <4072@jhunix.HCF.JHU.EDU>, ins_bac@jhunix.HCF.JHU.EDU (Ajay Choudhri) writes:
> I have seemed to have run into a problem or actually a weird occurrence.
> On my Flash disk I have Pinhead 1.4, MAccel2 and UIS3.
> When I boot up, I get 4 bombs but it proceeds to boot up and works fine.
> Is there a memory problem here?? I was recently trying to get an EZRAMII to
> work and I am hoping I didn't mess up the MMU seating.
> 
> Secondly, I have no clue where the damn thing came from but I seemed to have
> caught a virus..or anti-virus...
> I suspect I got it off a local bbs from a .MSA file of TeX 
> when I boot-up, I get the message that this is an antivirus and it beeps and flashes when it encounters a disk with an executable boot sector.
> Well I have controlled the infection to only 3 disks but I would rather
> just have the AV gone.  Also if this AV has installed itself, I have noticed
> that when running Codehead's Coderam.prg(ramdisk) before it installs, the
> computer asks me to insert disk Z,then disk Y then disk X all the way to
> disk D which happens to be my ram drive.
> The bad thing is that it happens to be on my utility disk so anything
> I format or such gets the stupid AV.  It may be benign or harmless but I
> have no desire for it...anybody offer any clues..
> 
> thanks from confounded in MD
> -Ajay Choudhri

Before you completely wipe out the Anti-virus you may want to make a copy of
a disk with the AV on it and send it to the authors of VIRUSKIL so they
could inspect it and add it to the list of virus programs that their program
can defeat.

There was a discussion of anti-viruses a while back on the security mailing
list (or perhaps it was VIRUS-L) about anti-viruses and the consensus was that
anti-viruses are just as much an invasion of data privacy as any other virus,
unless intentionally installed (on your own media).  Since these programs
exhibit all the same properties as other viruses (i.e. self-replication,
infection of disks that don't already contain the virus, etc.) they are just as
"bad" as any other virus (especially since it may really be a harmful virus
posing as an anti-virus, waiting for a certain signal to do some real damage.)

                          Nick


-- 
_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_
Mathematics is the subject in which we never know what we are talking about,
nor whether what we are saying is true.  -Bertrand Russell
_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_
Nicholas Steven Castellano     | Box 4127 Wesleyan Station | Disclaimer: I am
ncastellano@eagle.wesleyan.edu | Middletown CT 06457       | irresponsible.
_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_=_-_

woodside@ttidca.TTI.COM (George Woodside) (02/01/90)

In article <4072@jhunix.HCF.JHU.EDU> ins_bac@jhunix.UUCP (Ajay Choudhri) writes:
...[edited]...
>Secondly, I have no clue where the damn thing came from but I seemed to have
>caught a virus..or anti-virus...
>I suspect I got it off a local bbs from a .MSA file of TeX 
>when I boot-up, I get the message that this is an antivirus and it beeps and
>flashes when it encounters a disk with an executable boot sector.
>Well I have controlled the infection to only 3 disks but I would rather
>just have the AV gone.

From your description, this sounds like one I am familiar with.

The good news is, it won't harm you. The bad news is, it does spread
just as fast as any other virus.

It lives in boot sectors, and installs itself in system memory when you
boot up with an infected disk. It will then spread itself to every disk
with a non-executable boot sector that passes through your ST until the
next reset or power off/on. Of course, if the disk in drive A has the
virus at that time, it gets reloaded, and continues to spread. It gets
to everything, including disks you format. I know of no way you could
have become infected except having booted your system with an infected
disk in drive A. I have not yet seen any programs which install this
(or any other) virus. They must be in the boot sector of the disk in
drive A at power up or reset to get installed, and start spreading.

To get rid of it, safely, you need to erase it from the boot sector of
every disk that has it. Any good virus killer will do this, without
harming the data on the disk. The tricky part is, you have to get your
system booted up without the anti-virus before you can start cleaning
it off. Since it signs on, and does not survive resets, that shouldn't
be too difficult.

If you don't have a virus killer, get one. You will find them in the
archives here, on PD disks from most vendors, and in user group
libraries. My latest is still a week or so from distribution, but you
may not want to wait that long. Older versions of mine (VKILLER) will
recognize and destroy this anti-virus. The anti virus you have will
continue to spread until you get it off every disk. If just one copy
survives, sooner or later it will probably get installed, and then
spread again.



-- 
* George R. Woodside - Citicorp/TTI - Santa Monica, CA *
* Path:       woodside@ttidca                          *
*   or:       ..!{philabs|csun|psivax}!ttidca!woodside *
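An added example, not part of either post and not the code of VKILLER or VIRUSKIL: a Python sketch of the check behind "executable boot sector" and of cleaning one without touching the disk's data. It assumes a raw 512-byte sector 0 (for instance the first 512 bytes of a disk image), relies on the TOS rule that a boot sector is run when its 256 big-endian words sum to 0x1234, and uses a constructed sample sector; the function names are hypothetical.

```python
import struct

SECTOR_SIZE = 512
EXEC_MAGIC = 0x1234      # TOS executes sector 0 when its word sum equals this
KEEP_START, KEEP_END = 0x08, 0x1E   # serial number + BPB (disk geometry)

def word_sum(sector: bytes) -> int:
    """16-bit sum of the sector's 256 big-endian words."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("boot sector must be exactly 512 bytes")
    return sum(struct.unpack(">256H", sector)) & 0xFFFF

def is_executable(sector: bytes) -> bool:
    return word_sum(sector) == EXEC_MAGIC

def neutralize(sector: bytes) -> bytes:
    """Clear the boot code but keep serial and BPB, so files stay readable.
    Note: this also disables a legitimate loader on a self-booting disk."""
    clean = bytearray(SECTOR_SIZE)
    clean[KEEP_START:KEEP_END] = sector[KEEP_START:KEEP_END]
    if word_sum(bytes(clean)) == EXEC_MAGIC:   # geometry alone hit the magic
        clean[0x1FE:0x200] = b"\x00\x01"       # nudge the checksum word
    return bytes(clean)

def make_sample(executable: bool) -> bytes:
    """Constructed 720K-style boot sector for the demonstration."""
    s = bytearray(SECTOR_SIZE)
    s[0:2] = b"\x60\x1c"                       # BRA.S to offset 0x1E
    s[0x08:0x0B] = b"\x12\x34\x56"             # made-up serial number
    s[0x0B:0x1E] = struct.pack("<HBHBHHBHHHH",  # BPB fields, little-endian
                               512, 2, 1, 2, 112, 1440, 0xF9, 5, 9, 2, 0)
    s[0x1E:0x20] = b"\x4e\x75"                 # stand-in boot code: RTS
    if executable:
        fix = (EXEC_MAGIC - word_sum(bytes(s))) & 0xFFFF
        s[0x1FE:0x200] = struct.pack(">H", fix)
    return bytes(s)

if __name__ == "__main__":
    for label, sec in (("plain", make_sample(False)),
                       ("executable", make_sample(True))):
        cleaned = neutralize(sec)
        print(label, "executable:", is_executable(sec),
              "-> after cleaning:", is_executable(cleaned))
```

An executable boot sector is not proof of infection, since some disks boot legitimately from one; the check only tells you which disks to inspect.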