RMAP222@euclid.ucl.ac.uk (04/10/90)
I just received this message. It was posted on the RED-UG list as you can
see. If you have any questions about the message please send them to the
author of the original message.
Nino
*******************************************************************************
*JANET: n.margetic@uk.ac.ucl.euclid | Nino Margetic *
*EARN/BITNET: n.margetic%euclid.ucl.ac.uk@UKACRL | University College *
*INTERNET: n.margetic%euclid.ucl.ac.uk@cunyvm.cuny.edu| Dept. of Med. Physics *
*UUCP: n.margetic%euclid.ucl.ac.uk@ukc.uucp | 11-20 Capper Street *
*Phone: [+44 - 1 | 01 ] 380-9846 | London WC1E 6AJ *
*FAX: [+44 - 1 | 01 ] 380-9577 | Great Britain *
*******************************************************************************
- --------------- Original message follows -------------------------------
Via: UK.AC.RUTHERFORD.MAIL ; Mon, 9 Apr 90 14:51 GMT
(V41 at UK.AC.UCL.EUCLID)
Received:from UKACRL by UK.AC.RL.IB (Mailer X1.25) with BSMTP id 7403; Mon, 09
Apr 90 14:50:10 BS
Received:by UKACRL (Mailer X1.25) id 7680; Mon, 09 Apr 90 14:49:57 BST
Date: Mon, 9 Apr 90 15:17
Reply-To:Gunnar Radons <S46@EARN.DHDURZ1>
Sender: Red File Server Users Group <RED-UG@EARN.DB0FUB11>
From: Gunnar Radons <S46@EARN.DHDURZ1>
Subject: virus alert
To: BSMTP <RMAP222@UK.AC.UCL.EUCLID>
Hello netlanders,
Another topic on viruses. The german computer-journal "DOS-Shareware"
reported the following in it's No. 3 issue :
There is an infected version of SCANV58.zip. Actually the VALIIDATE
program seems to be changed. The original VALIDATE should be a .COM
file, while the corrupt is a .EXE with 46167 bytes (instead of 6485)
The original SCAN.EXE should have the values: Size: 42977 bytes,
Date: 2-15-1990, File Authentication: Check Method 1: 2F16, Method 2:
1C57.
This message is to be found on page 77 of the above journal.
Also there are to files "NORTSTOP.ZIP" and "NORTSHOT.ZIP" which
claim to be written by peter norton. Both contain a trojan which
erases some files between christmas and new year. To identify those
look in the .ZIP file for NORTSHOT.EXE and in the .EXE for the string
"Norton Public". If you find those trojan please inform Tony McNamara
from Norton computing (phone: US: 213/319-2076). The length of NORTSHOT
is 38907 bytes and it's date is 02.01.89 (European format I suppose).
This message is from page s6 of the above journal.
This message will be sent to RED-UG and games-l (Apr. 8. 1990).
Bye,
Gunnar
:----------------------------------------------------------------------:
: :: :
: Gunnar Radons :: Gunnar Radons :
: Astronomisches Recheninstitut Heidelberg :: s46@dhdurz1 :
: Moenchhofstr. 12-14 :: :
: D-6900 Heidelberg :: (+49) 6221 405147 :
: :: :
:------------------------------------------::--------------------------:
: Do you have the solution or are you the problem? :
:----------------------------------------------------------------------: