duplain@rtf.bt.co.uk (Andy Duplain) (06/06/91)
Hi, After unpacking EDIT from ibm.binaries.ibm.pc I discovered sometime later that it possibly had a 'Evil-Dropper Trojan' in EDIT.EXE.. (As according to Dr Solomons Virus Toolkit)... Is this just me or DOES edit have this Trojan for real ??? -- =============================================================================== Andy Duplain, BT Customer Systems, Brighton, UK. #define DISCLAIMER My views and opinions are not necessarily that of my company Internet: duplain@rtf.bt.co.uk UUCP: ...!uunet!ukc!axion!bscsq1!duplain
komatsu@ALCOR.USC.EDU ("-----> Dave") (06/07/91)
duplain@rtf.bt.co.uk (Andy Duplain) writes: > After unpacking EDIT from ibm.binaries.ibm.pc I discovered sometime > later that it possibly had a 'Evil-Dropper Trojan' in EDIT.EXE.. > (As according to Dr Solomons Virus Toolkit)... Is this just me or > DOES edit have this Trojan for real ??? For our record, EDIT.EXE left our Honolulu Location is perfect condition. We verified this file to be intact, minus any unauthorized modification, while sitting in temporary storage on unix. This means, your copy of EDIT.EXE got infected with the 'Evil-Dropper Trojan' some where between our holding site and your final destination. Furthermore all files leaving the comp.binaries queue are virus checked by the moderator prior to posting. Also a new version the corrects some memory allocation problems found on various machines. Please be looking for Edit 2.51 shortly. Dale Chun (dchun@aludra.usc.edu) David Komatsu (komatsu@alcor.usc.edu)
komatsu@alcor.usc.edu (-----> Dave) (06/07/91)
In article <1991Jun6.112857.1017@rtf.bt.co.uk> duplain@rtf.bt.co.uk (Andy Duplain) writes: >Hi, > After unpacking EDIT from ibm.binaries.ibm.pc I discovered sometime > later that it possibly had a 'Evil-Dropper Trojan' in EDIT.EXE.. > (As according to Dr Solomons Virus Toolkit)... Is this just me or > DOES edit have this Trojan for real ??? > >-- >=============================================================================== >Andy Duplain, BT Customer Systems, Brighton, UK. >#define DISCLAIMER My views and opinions are not necessarily that of my company >Internet: duplain@rtf.bt.co.uk UUCP: ...!uunet!ukc!axion!bscsq1!duplain For our record, EDIT.EXE left our Honolulu Location is perfect condition. We verified this file to be intact, minus any unauthorized modification, while sitting in temporary storage on unix. This means, your copy of EDIT.EXE got infected with the 'Evil-Dropper Trojan' some where between our holding site and your final destination. Furthermore all files leaving the comp.binaries queue are virus checked by the moderator prior to posting. Also a new version the corrects some memory allocation problems found on various machines. Please be looking for Edit 2.51 shortly. Dale Chun (dchun@aludra.usc.edu) David Komatsu (komatsu@alcor.usc.edu)
frisk@rhi.hi.is (Fridrik Skulason) (06/08/91)
In article <1991Jun6.112857.1017@rtf.bt.co.uk> duplain@rtf.bt.co.uk (Andy Duplain) writes: >Hi, > After unpacking EDIT from ibm.binaries.ibm.pc I discovered sometime > later that it possibly had a 'Evil-Dropper Trojan' in EDIT.EXE.. > (As according to Dr Solomons Virus Toolkit)... Is this just me or > DOES edit have this Trojan for real ??? It does not! This is an incorrect message, which just indicates that the program was packed by LZEXE. -frisk Fridrik Skulason Technical Editor of the Virus Bulletin (UK) (author of F-PROT) E-Mail: frisk@rhi.hi.is Fax: 354-1-28801