davidf@CS.HW.AC.UK (David.J.Ferbrache) (06/07/89)
Jim Wright sent me a copy of version 9B of the Dirty Dozen list
(thanks Jim), in this list of IBM PC Trojans there are two entries
flagged as viruses, these are:
ARC533.EXE This is a new virus program designed to emulate Sea's ARC
program. It infects the Command.com.
PK35B35.ARC This was supposed to be an update to PKARC file compress
utility which when used eats you FATS and is or at least
Rumored to infect other files so it can spread - possible
VIRUS?
Question- has anyone suceeded in verifying that these two Trojan
horses do in fact contain (and initiate) viral code, and if so can
someone arrange to isolate the contained viruses and provide an
analysis for the group.
On a side note version 9B is now available from Heriot-Watt
info-server to sites in Europe (not uucp domain), send a message of
the form
request: virus
topic: ibmpc.dirty
the file is 51K long.
[Ed. Jim sent me a copy of the same file - I'll have it available here
shortly.]
- -------------------------------------------------------------------------
Dave Ferbrache Internet <davidf@cs.hw.ac.uk>
Dept of computer science Janet <davidf@uk.ac.hw.cs>
Heriot-Watt University UUCP ..!mcvax!hwcs!davidf
79 Grassmarket Telephone +44 31-225-6465 ext 553
Edinburgh, United Kingdom Facsimile +44 31-220-4277
EH1 2HJ BIX/CIX dferbrache
- -------------------------------------------------------------------------