davidf@CS.HW.AC.UK (David.J.Ferbrache) (06/07/89)
Jim Wright sent me a copy of version 9B of the Dirty Dozen list (thanks Jim), in this list of IBM PC Trojans there are two entries flagged as viruses, these are: ARC533.EXE This is a new virus program designed to emulate Sea's ARC program. It infects the Command.com. PK35B35.ARC This was supposed to be an update to PKARC file compress utility which when used eats you FATS and is or at least Rumored to infect other files so it can spread - possible VIRUS? Question- has anyone suceeded in verifying that these two Trojan horses do in fact contain (and initiate) viral code, and if so can someone arrange to isolate the contained viruses and provide an analysis for the group. On a side note version 9B is now available from Heriot-Watt info-server to sites in Europe (not uucp domain), send a message of the form request: virus topic: ibmpc.dirty the file is 51K long. [Ed. Jim sent me a copy of the same file - I'll have it available here shortly.] - ------------------------------------------------------------------------- Dave Ferbrache Internet <davidf@cs.hw.ac.uk> Dept of computer science Janet <davidf@uk.ac.hw.cs> Heriot-Watt University UUCP ..!mcvax!hwcs!davidf 79 Grassmarket Telephone +44 31-225-6465 ext 553 Edinburgh, United Kingdom Facsimile +44 31-220-4277 EH1 2HJ BIX/CIX dferbrache - -------------------------------------------------------------------------