XRJDM@SCFVM.GSFC.NASA.GOV (Joe McMahon) (06/03/89)
I vaguely remember downloading some assembler code from CIS a looong
while back (pre-Scores) that purported to be source for a virus
similar to nVIR. I didn't save it, mostly because I didn't see any use
for it then. It would have been a good guide to writing an anti-viral,
I suppose.
In fact, if I remember right, the resources it used were indeed called
nVIR!
--- Joe M.
Internet: xrjdm@scfvm.gsfc.nasa.gov | "I've seen yellow stripes down the
Phone: (301) 286-8090 | middle of the road, but never
CIS: 72330,554 | quite so WIDE..." - Dorothyspector%vx2.GBA.NYU.EDU@NYBVX1 (David HM Spector) (06/06/89)
In article <0001.8906051718.AA01402@ubu.CC.Lehigh.EDU> VIRUS-L@IBM1.CC.Lehigh.EDU writes: >I vaguely remember downloading some assembler code from CIS a looong >while back (pre-Scores) that purported to be source for a virus >similar to nVIR. I didn't save it, mostly because I didn't see any use >for it then. It would have been a good guide to writing an anti-viral, >I suppose. > >In fact, if I remember right, the resources it used were indeed called >nVIR! > > --- Joe M. I believe that you are referring to the posting of partial source to the original nVIR (non-A, non-B) by Matthias Uhrlichs (I can never remember the proper spelling of his name. Sorry, Matthias). This nVIR was a malignant predecessor of nVIR A and nVIR B, one of which (I think A) was writtin by M.U. in the hope that it would overtake the malignant nVIR. His good sense has been debated before, but we have him to thank that the nVIRs running around aren't deadly. The original one trashed files at random. The reason his non-malignant variant was able to overtake the original is that the original one wouldn't infect a system which was already infected, while nVIRs A and B will reinfect an app every time it is launched. (Thus the strange hybrids reported by John Norstaad.) All of this is from memory, so it's possible I may be forgetting something or remembering it wrong. - --- Alexis Rosen temporarily at spector@vx2.gba.nyu.edu alexis@rascal.ics.utexas.edu (last resort)