----------------------------------------------------------------------------
| |
| THE DIRTY DOZEN -- An Uploaded Program Alert List |
| |
----------------------------------------------------------------------------
| Issue #7: January 4th, 1987
|
----------------------------------------------------------------------------
Recently, many unlawfully copied or modified programs have appeared on
various IBM PC bulletin boards across the country. THE DIRTY DOZEN is a
list of known examples.
IMPORTANT NOTE: the author takes no responsibility for the validity or
completeness of this list. Many sources contribute to the list, and it
is very possible that one of the reported 'dirty' files works perfectly
and is in the Public Domain. I will try to '*' asterisk any programs
what I feel are not positively 'bad,' but all the same, it is quite
possible that a mistake will slip in somewhere. Since this is the case,
please keep in mind while reading this list that however unlikely, it is
possible that I or my sources are incorrect in our accusations. Please
also bear in mind that the dirty dozen list has not yet falsely accused
a Public Domain program of being pirated, or a well working program of
all existing bad software into one list. Everyday users upload bad
software to hundreds of boards, and often times the software is not yet
in this list. In other words, if you run a trojan horse that I did not
list in here, don't call my board up call up and leave me a message so
that I can get the destructive program in the next issue. If anyone is
unsure whether a file is trojan, and it's not listed in here, then I
recommend using a utility like BOMBSQAD.COM to prevent any mishaps.
There are four major categories of bad software: commercial pirate jobs,
unauthorized copies of otherwise legitimate freeware programs, malicious
"TROJAN" programs which damage your system, and miscellaneous illegal
software. Please look in the definitions section of this document for a
more detailed explanation of these terms.
SysOps: Please be careful with the files you post in your download
libraries! An professional quality uploaded game or disk utility should
arouse your suspicions, especially if it doesn't include the author's
name, address, and distribution policy. Such programs are probably NOT
public domain! The BBS community is already under legislative threat at
the State and Federal level. We cannot fight this trend effectively
while our directories sit stocked with cracked Sega games, wargames
dialers, and malicious "trojan horses!" Let's demonstrate a little
social responsibility by cleaning up our download libraries. If you as
a SysOp have any of these files on your system, please delete them and
post "blocking" dummy file entries like this one:
ZAXXON.COM DELETED!! NOT PUBLIC DOMAIN!!
If everyone works together to fight this new brand of software, the growing
numbers of piraters and trojan horse writers may well be put 'out of business!'
The idea behind THE DIRTY DOZEN is to bring this important issue to the
attention of more SysOps and users - to act as an information "clearing -
house" for the latest known examples of "bogusware," so that an educated
public can fight effectively for safe downloadable files.
The Dirty Dozen is a big project, and it needs your help to succeed!
Please call in any updates of bad software that you know of, but DO NOT
modify this article yourself. If everyone who discovers a pirated
program starts modifying the DD, there would be hundreds of issues in
circulation. Also, I think it's quite unfair, especially considerig that
I've spent over a hundred hours of my time on this list, for just anyone
to put their name at the top of the list and say that they write, or
helped write, the DD. For example, someone named Gerhard Barth added
two files, both of which were already listed in the DD, and proceeded to
write "Updated by Gerhard Barth, please send all further updates to
Gerhard Barth," etc. If everyone does this, how will anyone know which
file is the latest and TRUE Dirty Dozen? If you have an update, please
see the end of this article for information on how to reach me with new
information.
A user of mine has notified me that some pirates have patched HARDHAT.COM
and PANGO.COM to read "cracked by Eric Newhouse." This is ridiculous!
Please disregard any programs that you may come across in the future
advertising "copy protection busted by Eric Newhouse, " or the like.
This is just one more way that pirates are trying to get me to stop
publishing this list!
A word on TROJANS: I have been hearing more and more reports of these
"worm" programs, from all directions. While I don't doubt their
existence, do not get hysterical. Remember, a Trojan rumor is much
easier to START than it is to STOP. Some people have accused legitimate
*joke* programs, like DRAIN (which pretends to be gurgling excess water
out of your A drive) of being "killers." If a program locks up your
system, it isn't necessarily Trojan; it might not like co-residing with
Superkey, or your graphics card. Ask around a little before you
announce something as Trojan. I would appreciate a bagged specimen of
any real Trojan program that you might have the (un)luck to find.
A word on Pirated programs: Recently many pirated programs such as AUTODEX
have been going under many different names. Although I will try to keep
all these names current in the DD, the best way to check for piracy in
a file is to run that file yourself -- checking for (C)opyright
notices of commercial manufactures, similarities in looks and operations
of commercial programs, and of course whether the name is in this list.
Finally I want to thank all BBS SysOps and users that notified me of
updates, additions, and/or corrections to DIRTYDOZ.006. It's great to
see so much support! In this issue more people than ever called in with
updates. Everyone else who reads this list, along with myself, really
appreciates the effort!
DEFINITIONS:
HACKED An unlawfully modified copy of an otherwise legitimate
public domain or user-supported program. It is illegal to
distribute a modified copy of someone else's work without
their permission! All modified programs must contain this
permission, either in the program's display or documentation.
*TROJAN* BEWARE!! These programs PURPOSEFULLY damage a user's system
upon their invokation. Usually they aim to disable hard disks,
although they can destroy other equipment too. It is IMPERATIVE
that you let me know about any new examples of these that you
find.
PIRATED This is an illegal copy of a commercial program product.
Examples: a cracked (de-protected) game, an accidentally
or deliberately distributed compiler, editor or utility;
sometimes a Beta test copy of a program under development,
handed out by a disgruntled employee or dishonest beta
tester. In the latter case, the program in question may
never make it to market due to the piracy! In the case of games,
there's a tendency for the pirate to patch a clumsy
"PUBLIC DOMAIN" notice over top of the original copyright.
ZAXXON.COM is a prime example.
MISC This is miscellaneous illegal software and/or text.
The best definition, aside from that, that I can think of
is that it's NOT pirated software.
NOTE: If I do not supply a file extension, that means that the file circulates
under many different extensions. For instance, users commonly upload with extensions of either: .EXE, .COM, .EQE, .CQM, .LBR, .LQR, and .ARC.
----------------------------------------------------------------------------
| TROJAN HORSE PROGRAMS: |
----------------------------------------------------------------------------
Name Category Notes
-------------- -------- -------------------------------------------------
ANTI-PCB *TROJAN* The story behind this trojan horse is sickening.
Apparently one RBBS-PC sysop and one PC-BOARD
sysop started feuding about which BBS system
is better, and in the end the PC-BOARD sysop
wrote a trojan and uploaded it to the rbbs
SysOp under ANTI-PCB.COM. Of course the RBBS-PC
SysOp ran it, and that led to quite a few
accusations and a big mess in general. Let's grow
up! Every SysOp has the right to run the type of
BBS that they please, and the fact that a SysOp
actually wrote a trojan intended for another
simply blows my mind.
ARC513.EXE *TROJAN* This hacked version of arc appears normal, so
beware! It will write over track 0 of your
[hard] disk upon usage, destroying the disk.
ARC514.COM *TROJAN* This is totally similar to arc version 5.13 in that
it will overwrite track 0 (FAT Table) of your hard
disk. Also, I have yet to see an .EXE version
of this program..
BACKTALK *TROJAN* This program used to be a good PD utility,
but some one changed it to be trojan.
Now this program will write/destroy sectors
on your [hard] disk drive. Use this with caution
if you acquire it, because it's more than likely
that you got a bad copy.
CDIR.COM *TROJAN* This program is supposed to give you a color
directory of files on disk, but it in fact
will scramble your disks FAT table.
DANCERS.BAS *TROJAN* This trojan shows some animated dancers in color,
and then proceeds to wipe out your [hard] disk's
FAT table. There is another perfectly good copy
of DANCERS.BAS on BBS's around the country;
apparently the idiot author in question altered
a legitimate program to do his dirty work.
DISKSCAN.EXE *TROJAN* This was a PC-MAGAZINE program to scan a (hard) disk
for bad sectors, but then a joker edited it to
WRITE bad sectors. Also look for this under other
names such as SCANBAD.EXE and BADDISK.EXE...
DMASTER *TROJAN* This is yet another FAT scrambler..
DOSKNOWS.EXE *TROJAN* I'm still tracking this one down -- apparently
someone wrote a FAT killer and renamed it
DOSKNOWS.EXE, so it would be confused with the
real, harmless DOSKNOWS system-status utility.
All I know for sure is that the REAL DOSKNOWS.EXE
is 5376 bytes long. If you see something called
DOSKNOWS that isn't close to that size, sound the
alarm. More info on this one is welcomed -- a
bagged specimen especially.
DPROTECT *TROJAN* Apparently someone tampered with the original,
legitimate version of DPROTECT and turned
it into a FAT table eater.
EGABTR *TROJAN* BEWARE! Description says something like
"improve your EGA display," but when run it
deletes everything in sight and prints "Arf! Arf!
Got you!"
EMMCACHE *TROJAN* This is a funny trojan. The author did a good
V. 1.0 job of writing the documentation, and on the
outside it looks to be a very well written
program. However, after running it to install
69 pages of a EMS disk cache, the program
A) Scrambled every file that I thereafter modified
(changed and then wrote to disk), and
B) Destroyed my boot sector.
The program is especially dangerous because it
will damage many of your most used files before
you realize what hit you.
FILER.EXE *TROJAN* One SysOp complained a while ago that this program
wiped out his 20 Megabyte HD. I'm not so
sure that he was correct and/or telling the
truth any more. I have personally tested an
excellent file manager also named FILER.EXE, and
it worked perfectly. Also, many other SysOp's
have written to tell me that they have like me
used a FILER.EXE with no problems. If you get a
program named FILER.EXE, it is probably allright,
but better to test it first using some security
measures.
FINANCE4.ARC *TROJAN* This program is not a verified trojan;
there is simply a file going around BBS's
warning that it may be trojan. In any case,
execute extreme care with it.
FUTURE.BAS *TROJAN* This "program" starts out with a very nice color
picture (of what I don't know) and then proceeds
to tell you that you should be using your computer
for better things than games and graphics.
After making that point it trashes your A: drive,
B:, C:, D:, and so on until it has erased all
drives. It does not go after the FAT alone,
but it also erases all of your data. As far as I
know, however, it erases only one sub-directory
tree level deep, thus hard disk users should only
be seriously affected if they are in the "root"
directory. I'm not sure about this on either,
though.
MAP *TROJAN* This is another trojan horse written by the infamous
NOTROJ.COM *TROJAN* This "program" is the most sophisticated trojan
horse that I've seen to date. All outward
appearances indicate that the program is a useful
utility used to FIGHT other trojan horses.
Actually, it is a time bomb that erases any hard
disk FAT table that IT can find, and at the same
time it warns: "another program is attempting a
format, can't abort!" After erasing the FAT(s),
NOTROJ then proceeds to start a low level format.
One extra thing to note: NOTROJ only damages FULL
hard drives; if a hard disk is under 50% filled,
this program won't touch it!
If you are interested in reading a thorough report
on NOTROJ.COM, James H. Coombes has written an
excellent text file on the matter named NOTROJ.TXT.
If you have trouble finding it, you can get it from
my board.
TIRED *TROJAN* Another scramble the FAT trojan by Dorn W.
Stickle.
TSRMAP *TROJAN* This program does what it's supposed to do:
give a map outlining the location (in RAM) of
all TSR programs, but it also erases the boot
sector of drive "C:".
PACKDIR *TROJAN* This utility is supposed to "pack" (sort and
optimize) the files on a [hard] disk, but
apparently it scrambles FAT tables.
QUIKRBBS.COM *TROJAN* This Trojan horse advertises that it will
QUIKREF *TROJAN* This ARChive contains ARC513.COM.
load RBBS-PC's message file into memory
2 times faster than normal. What it really
does is copy RBBS-PC.DEF into an ASCII file
named HISCORES.DAT...
RCKVIDEO *TROJAN* This is another trojan that does what it's supposed
to do, then wipes out hard disks. After showing
some simple animation of a rock star ("Madonna," I
think), the program will go to work on erasing
every file it can lay it's hands on. After
about a minute of this, it will create 3 ascii
files that say "You are stupid to download a video
about rock stars," or something of the like.
SECRET.BAS *TROJAN* BEWARE!! This may be posted with a note saying
it doesn't seem to work, and would someone please
try it; when you do, it formats your disks.
SIDEWAYS.COM *TROJAN* Be careful with this trojan; there is a perfectly
legitimate version of SIDEWAYS.EXE circulating. Both
the trojan and the good SIDEWAYS advertise that they
can print sideways, but SIDEWAYS.COM will trash a
[hard] disk's boot sector instead. The trojan
.COM file is about 3 KB, whereas the legitimate
.EXE file is about 30 KB large.
STAR.EXE *TROJAN* Beware RBBS-PC SysOps! This file puts some
stars on the screen while copying RBBS-PC.DEF
to another name that can be downloaded later!
STRIPES.EXE *TROJAN* Similar to STAR.EXE, this one draws an American
flag (nice touch), while it's busy copying
your RBBS-PC.DEF to another file (STRIPES.BQS) so
Bozo can log in later, download STRIPES.BQS, and
steal all your passwords. Nice, huh!
TOPDOS *TROJAN* This is a simple high level [hard] disk formatter.
VDIR.COM *TROJAN* This is a disk killer that Jerry Pournelle wrote
about in BYTE Magazine. I have never seen it,
although a responsible friend of mine has.
----------------------------------------------------------------------------
| HACKED PROGRAMS: |
----------------------------------------------------------------------------
| |
| '*' = not verified by program's author |
| |
----------------------------------------------------------------------------
ARC.COM HACKED Someone keeps running SPACEMAKER or a similar EXE
squeezer on SEA, Inc.'s ARC archive program, then
uploading the resulting COM file to BBS's without
the author's permission. SEA will NOT support the COM version -- this
is an unauthorized modification.
AUTOMAXX.ARC HACKED This DOS menu-making program comes with
documentation that is almost certainly
plagiarized. Marshall Magee, author of the
popular AUTOMENU program, contends that the
AUTOMAXX documentation uses exact phrases from his
documentation, and if this is the case, AUTOMAXX
is clearly illegal. In addition, the
executionable file in AUTOMAXX.ARC may also
be plagiarized. For more information, please
contact Marshall Magee, at (404) 446-6611.
DOG102A.COM * HACKED Apparently this is a renamed early version of the
DP102A.ARC utility DISKPACK.COM. One person has reported that it
trashed his hard disk that was formatted under
DOS 3.1 (2KB clusters).
LIST60 HACKED Vern Buerg's LIST 5.1, patched to read 6.0.
Note: Mr. Buerg has released a legitimate version
6.0 of LIST. Every legit. version will have
a letter in the filename (e.g. LIST60H.ARC)
LIST799 HACKED Vern Buerg's LIST 5.1, patched to read 7.99.
QMDM110.ARC HACKED These hacked versions of qmodem are
QMDM110A.ARC copies of 1.09, patched to read 1.10. There
have been rumors of a worm in 1.10, but I
have seen no evidence of it. Other
versions are OK.
----------------------------------------------------------------------------
| PIRATED PROGRAMS: |
| |
| |
| TYPES: |
| Game -- some sort of game, usually of "Arcade" Quality |
| Util -- a disk, screen, or general utility |
| Misc -- miscellaneous, printer controllers, sound, etc. |
----------------------------------------------------------------------------
Program Name Type Description
------------ ---- -----------
1DIR.COM PIRATED Util -- This is "The ONE Dir," a commercial shell
sold with a Hard Disk subsystem.
21C.EXE PIRATED Game -- From the IBM Game Library -- blackjack
ACUPAINT PIRATED Misc -- PC Paint -- ARC-ed file is 148,221 bytes.
ALLEYCAT.COM PIRATED Util -- The IBM game "Alley Cat"
ALTEREGO.ARC PIRATED Game -- Alter Ego game from Activision
this archive file is huge -- about 450KB
or so..
ARCHON.COM PIRATED Game -- Electronic Art's Archon.
ARTOFWAR PIRATED Game -- Ancient Art of War game.
AUTODEX PIRATED Util -- AUTODEX, a commercial file manager
AXX.EXE PIRATED Util -- also AUTODEX
B1-BOMB PIRATED Game -- Avalon Hill's B1 Bomber
BATTLE PIRATED Game -- Battle Zone Game
BBCHESS PIRATED Game -- Blues Box Chess
BC-QUEST PIRATED Game -- Bc's Quest for Tires
BIGMAC.ARC PIRATED Util -- Also Superkey
BRUCELEE PIRATED Game -- Bruce Lee game
BUCK PIRATED Game -- Buck Rogers on Planet Zoom
BURGER PIRATED Game -- Burgertime
BUSHIDO PIRATED Game -- Karate Game
BUZZBAIT PIRATED Game -- Buzzard Bait
CALL2ARM PIRATED Game -- Call to Arms
CENTIPED PIRATED Game -- Be careful with this one. At least two other
legitimate, PD copies of Centipede are in
circulation. There pirated one is
supposedly PUBLIC DOMAIN BY ATARI.
Yeah, Right.
COMMANDR.ARC PIRATED Game -- Norton Commander
COSMIC PIRATED Game -- Cosmic Crusaders
COPYRITE PIRATED Util -- Really Quaid Software's COPYWRITE
COPYWRIT PIRATED Util -- Quaid Software's COPYWRITE again
COSMIC PIRATED Game -- Cosmic Crusaders game
CROSFIRE.COM PIRATED Game -- Cross fire game..
CRUSH-CC.ARC PIRATED Game -- Crush, Crumble & Chomp Game
DEB88.EXE PIRATED Misc -- DeSmet "C" debugger
DECATH PIRATED Game -- Microsoft Decathalon
DEFENDER PIRATED Game -- Defender
DIGGER.COM PIRATED Game -- Dig Dug
DIGDUG.COM PIRATED Game -- Dig Dug
DISKEX PIRATED Util -- Disk Explorer Utility
DOSHELP.EXE PIRATED Util -- This is really Central Point Software's
PC-tools. One special note: There is
usually a poorly written documentation
accompanying this file. In the
documentation ERIC HSU asks for a monetary
contribution to his bbs. Well, It
seems that this was a poor attempt to damage
ERIC HSU's reputation; Eric is a legitimate
SysOp in the Houston area.
DOSMENU PIRATED Util -- INTECH'S DOSMENU - The Menu screen says "PC
DOS MENU SYSTEM 5.0" Archive size is
208,240 - The copyright notice is on the
bottom of the screen.
DOSSHELL PIRATED Util -- AUTODEX again
DRL PIRATED Game -- Avalon Hill's "Dnieper River Line."
DIPLOMCY PIRATED Game -- Avalon Hill's "Computer Diplomacy" game.
EGADIAG PIRATED Util -- Quadram EGA (Quad EGA+) diagnostics.
EINSTIME PIRATED Util -- Another pirated IBM internal utility
EXPLORER.COM PIRATED Util -- Quaid Software's Disk Explorer
EVOLUTIO PIRATED Game -- Evolution
F15 PIRATED Game -- F-15 Strike Eagle
FILEEASE PIRATED Util -- Dos Utility
FILEMGR PIRATED Util -- Really FILE MANAGER by Lotus Devel. Corp.
FILEMAN PIRATED Util -- Also FILE MANAGER. The file is 10 KBytes
FINDIT PIRATED Util -- IBM internal 'locate a file' utility
FSDEBUG PIRATED Util -- IBM's Full Screen Debug program..
GOLDCUP PIRATED Game -- Gold Cup championship soccer
GOLF21.ARC PIRATED Game -- Golf's Best version 2.1
GREMLINS.COM PIRATED Game -- Gremlins game
HARDHAT.COM PIRATED Game -- Hard Hat Mack
HIGHORBT PIRATED Game -- High Orbit (like Star Wars)
HOOP.COM PIRATED Game -- One-on-1
ID PIRATED Util -- Persyst Ram disk software
IBM21 PIRATED Game -- 21c
IPLTIME.COM PIRATED Util -- IBM Internal Use Clock utility
JBIRD PIRATED Game -- Jbirds -- Q-bert Game
JET PIRATED Game -- Jet is a flight simulator
JETDRIVE.ARC PIRATED Util -- JET Drive -- copies files quickly
JOUST PIRATED Game -- Joust. Be careful, there is a 6K version
KEYWORKS.ARC PIRATED Util -- Keyworks macro program, usu. version 2.0
KONG PIRATED Game -- Donkey Kong
LIGHTNIN PIRATED Util -- Can be either the cache or spell checker
MACE+ PIRATED Util -- Paul Mace's MACE+ utilities
MACROS PIRATED Util -- Again Superkey, or even Prokey
MEDMAG.COM PIRATED Util -- Quaid Software's Media Magician
MISSLEC PIRATED Game -- Missle command
MONTYS.COM PIRATED Game -- Montezuma's Revenge
MOONBUGS PIRATED Game -- Moon Bugs
MS PIRATED Util -- IBM internal utility.
MTS PIRATED Util -- IBM Multitasker that's similar to Double-Dos
MULTASK PIRATED Util -- Same as MTS
MURDRBY# PIRATED Game -- Murder by Numbers
MUSICCON PIRATED Misc -- Music Construction Set
NFL.ARC PIRATED Game -- Xor's NFL challenge.
NICE PIRATED Misc -- A printer Controller
NODISK-A.COM PIRATED Util -- Central Point software's Nokey.
NORTON.COM PIRATED Util -- Peter Norton's Utilities!
NOVATRON PIRATED Util -- Tron light cycles.
ONE-ON-1 PIRATED Game -- One-on-1 basketball game.
PATHMIND PIRATED Util -- Dos Shell
PC-POOL PIRATED Game -- Really PC-POOL, commercial game
PC-TOOLS PIRATED Util -- Central Point Software's PC-tools
PCBOSS PIRATED Util -- Another Dos shell
PCED PIRATED Util -- Pro CED, DOS command line editor
PEII PIRATED Util -- IBM Personal Editor II
PINCONST PIRATED Game -- Pinball Construction Set
POOL.ARC PIRATED Game -- Same as PC-POOL
POPALARM.COM PIRATED Util -- Part of POP DOS
POPDOS.ARC PIRATED Util -- Pop up (resident) dos utilities.
PRIME PIRATED Util -- Columbia Data Co. hard disk utility.
PROKEY PIRATED Util -- Prokey macros program
PSHIFT PIRATED Util -- really MEMORY SHIFT
PSRD.ARC PIRATED Util -- IBM utility (redirects PrtSc)
QDOS PIRATED Util -- Quickdos
QUCKDOS PIRATED Util -- Quickdos
QIX PIRATED Game -- The game.
RACTER PIRATED Game -- Racter
RASTER-B PIRATED Game -- Raster Blaster
RIGHTW PIRATED Util -- Right Writer (writing style checker)
ROBOTRON PIRATED Game -- Robotron, hacked to read PUBLIC DOMAIN BY
ATARI. Don't pirates have any imagination?
ROGUE.EXE PIRATED Game -- Game very similar to the PD game HACK.EXE
ROMANTIC PIRATED Game -- Romantic Encounters at the Dome. Also RE.ARC
SEADRAG.ARC PIRATED Game -- Sea Dragon
SEE PIRATED Misc -- DeSmet editor
SFX PIRATED Util -- really AUTODEX (again!)
SM.COM PIRATED Util -- Realia's SPACEMAKER utility
SMAP PIRATED Util -- IBM Internal utility, with the copyright
notice blanked out and real author's name
() replaced by "Dorn W. Stickle".
SPYHUNT PIRATED Game -- Spy Hunter Game.
STARGATE.EXE PIRATED Game -- Hacked to say "PUBLIC DOMAIN BY ATARI,"
but don't you believe it! Be careful not
to confuse this 57 KB .EXE file with the
public domain STARGATE MERCHANT game, which
is a little 12 KB BASIC program by G. E.
Wolfworth.
STRIPKR PIRATED Game -- Strip Poker by Artworx
SUPERCAD PIRATED Misc -- Easy CAD, a drawing program -- LQR file
size is 242,660 bytes
SUPERKEY PIRATED Misc -- Superkey macro program
TEMPOFAP PIRATED Game -- Temple of Apshai
THEQUEST.BAS/EXE PIRATED Game -- The Quest
TIRES.EXE PIRATED Game -- Again, really bc's quest for tires
TREASURE PIRATED Game -- Pirate's Treasure game
ULTIII PIRATED Game -- Ultima 3
UTILITY PIRATED Util -- Norton's Utilities Arced and with the file
names changed. When run, however, the
programs display the copyright notice of
Peter Norton. Many other pirated utilities
could also go under the name UTILITY.
VOYAGERI PIRATED Game -- (Avalon-Hill Game)
VS PIRATED Util -- Also INTECH'S DOSMENU
WCKARATE PIRATED Game -- World Championship karate by Epyx
WG-BBALL PIRATED Game -- World's Greatest Baseball Game
WORSTR PIRATED Util -- Word Star, labeled as a 'great new editor'
XDIR PIRATED Util -- Pre-release version of DOS FILE TRACKER
XTREE PIRATED Util -- IBM's tree utility, an IBM "Personally
Developed" program.
ZAXXON PIRATED Game -- Hacked (sound familiar?) to say "PUBLIC
DOMAIN BY SEGA." Sorry, Charlie!
----------------------------------------------------------------------------
| MISCELLANEOUS ILLEGAL FILES: |
----------------------------------------------------------------------------
COPYWRIT MISC Patch -- Although the real COPYWRITE is going around
Bulletin Boards like fire, there is another
illegal file under the same name.
The former takes around 40 KB ARC-ed,
whereas this takes about 2 KB.
What I'm referring to is an archive of
1-3 files that explains how to remove
the serial numbers from copywrite. Now
it's allright to "unprotect" a program
for backup purposes, but removing serial
numbers can only lead to piracy.
LOCKPICK MISC Text -- This is a text file, usually with a
.TXT extension, that casually explains
how to pick locks. I'm not sure
whether this is illegal, but it's
definitely in poor taste.
MONOPOLY MISC Game -- The authors of all monopoly
programs are, according to a fairly reliable
source, being sued by Parker Brothers over
copyright infringements. These files may
become illegal soon, but as of this printing
they are still legal.
MOVBASIC MISC Util -- This highly illegal file breaks IBM copyright
on BASIC and BASICA. What it does is create
new files called SBASIC or SBASICA that run
"IBM BASIC" on an IBM clone. Guys, don't
you think that these clones don't run IBM
BASICA for a good reason? The clones
don't support BASICA because it's illegal!
XTALK MISC Patch -- Like Copywrite, there is a patch circulating
BBS's to remove the serial numbers from
Crosstalk.
----------------------------------------------------------------------------
| Many thanks to generous, continuous update contributions from: |
----------------------------------------------------------------------------
| |
| |
| 1. THE SOURCE information service. |
| 2. Jim Harrington |
| 3. Jim Golden |
| 4. You? |
----------------------------------------------------------------------------
This is the end of the "bad files list." The rest of this document
contains instructions on what to do if YOU run a trojan horse, an update
history, a glossary, and information on how and where to contact me with
updates.
----------------------------------------------------------------------------
| If you run a trojan horse.. |
----------------------------------------------------------------------------
While reading this, bear in mind that there is no better remedy for a drive
that has run a trojan horse than a recent backup..
The first thing to do after running what you think to be a trojan horse is
diagnose the damage. Was your [hard] drive formatted? Did the trojan
scramble your FAT table? Did every file get erased? Did your boot
sector on the [hard] drive get erased/formatted? Odds are that the
trojan incurred one of these four disasters.. After the initial
diagnosis, you are ready to remedy the problem.
1) If the trojan low-level formatted your [hard] disk:
Hope that you have a recent backup; that's the only remedy for
this disease.
2) If the trojan high-level formatted your [hard] disk:
There is only one way out of this mess, and that is to use the
MACE+ utilities by Paul Mace. MACE+ has two devices in it to
recover formatted disks, and believe me, they work! I will talk
more about the MACE+ utilities later.
3) If the trojan scrambled your FAT table:
Once again, there is nothing to do. However, there is a program
called FATBACK.COM (available on my board) that will back up your
FAT table in under a minute to floppy. Using FATBACK, it is easy
and non time consuming to back up your FAT regularly.
4) If the trojan erased file(s), and the FAT table is undamaged:
There are many packages to undelete deleted files. Norton
Utilities, PC-tools, MACE+, and UNDEL.COM will all do the job.
I recommend the first three, but they are more expensive than
the Public Domain program UNDEL.COM. When you are undeleting,
be sure to undelete files in the order of last time written to
disk. I know that PC-tools automatically lists undeletable
files in the correct order, but the other three may not.
5) If the boot sector on your [hard] disk gets erased/formatted:
There are four things to do if this happens, and the worst that
can happen is that you will go without a [hard] disk for a while.
To be on the safest side, back up everything before even proceeding
to step "A," although I can not see why it would be necessary.
A) Try doing a "SYS C:" (or "SYS A:") from your original DOS disk,
and copy COMMAND.COM back onto the [hard] drive after that.
Try booting and if that doesn't work try step B.
B) If you have the MACE+ utilities go to the "other utilities"
section and "restore boot sector." This should do the job
if you have been using MACE+ correctly.
C) If you are still stuck, BACK EVERYTHING UP and proceed to do a
low level format. Instructions on how to perform a low-level
format should come with your [hard] disk controller card.
Be sure to map out bad sectors using either SCAV.COM by Chris
Dunford or by manually entering the locations of bad sectors
into the low level format program. After the low level format,
if your have a hard disk, run FDISK.COM (it comes with DOS)
and create a DOS partition. Refer to your DOS manual for help
in using FDISK. Then put your original DOS diskette in drive A:
and do a FORMAT <drive letter>:/S/V. Drive letter can stand for
"C" or "B" depending on whether you are reformatting a hard disk
or not. Finally you are ready to attempt a reboot.
D) If you are still stuck, either employ some professional computer
repairmen to fix your drive, or live with a non-bootable [hard]
drive..
By now you may be saying to yourself:
"How can I get a hold of a 'MACE+' utilities package so that I can guard
against trojans? Why, MACE+ can recover a formatted drive, undelete
files, restore boot sectors, optimize a disk, and provide a disk cache!
Anyone can obtain these marvelous utilities in one of two ways: one is to
call up the Paul Mace Software Company (tm) and order them at a retail
of $ 79.95. The other is place an order for them at the WEST LOS
ANGELES PC-STORE, which supports next day UPS shipping! The BBS phone #
for the PC-STORE is at the end of this document.
----------------------------------------------------------------------------
| Update History: |
----------------------------------------------------------------------------
Version 1.0 Plans were drawn up for a "bad file" list and a dozen
bad files were entered in the list.
Version 2.0 Saw the addition of a short introduction and 3
more files. All work up to here was done by Tom Neff.
Version 3.0 Here Tom Neff and I started collaborating on the Dirty
Dozen. 22 files were added, and the introduction
was completely re-written. Version 3.0 had a total of
37 files.
Version 4.0 By this time I totally took over responsibility
of the DD, as Tom Neff lost interest. Another 30 or
so files were added to the list, making the DD 65+
files strong, as well as a few more additions to the
introduction.
Version 5.0 By the time I released version 5.0 to the public, the Dirty Dozen
was being greeted favorably and with enthusiasm
around the country. Updates started coming in with
regularity; the list prospered (if one can say that
about a list!). A few more paragraphs were added to
the introduction, and about 40 new files were bringing
the file total up to 103!
Version 6.0 The Dirty Dozen is now such a big project that
I am now writing it in stages. Although I am going to
make absolutely no effort to spread these "intermediate
versions," they will always be downloadable from my board.
This way if anyone so desires, they may keep an extremely
current issue of the DD, although the changes will only be
minor. You might think of stage "a" of issue #6 as version
6.1, stage "b" as version 6.2, stage "c" as version 6.3, etc.
New in version 6.0 is the following:
A) Many minor revisions,
B) 17 more files, bringing the total to 120!
C) Two new paragraphs in the introduction,
D) Instructions on how to recover from a trojan horse,
E) A comprehensive glossary,
F) This update history,
G) An acknowledgments section set up for major
contributors of information regarding new bogusware
H) A new bogusware catagory of "miscellaneous
illegal software."
Version 6.0a MOVBASIC.ARC and SBASICA added to the list of illegal files.
as well as six Trojan horses have been added to the list.
Version 6.0c NOTROJ.COM added to the trojan horse list.
Version 6.0d DOG102A.COM added to the hacked files list.
HACKED files separated from TROJAN files
Version 6.0e DANCERS.BAS added to the trojans list.
Version 6.0f 4 pirated files added, + NODISK-A and DMASTER to trojans
Version 6.0g NODISK-A removed from trojan horse list & placed into pirated
programs list. Monopoly warning issued in misc section.
added a few pirated programs. + DPROTECT added as trojan.
Version 6.0h EMMCACHE and TIRED added to trojan list, + PEII added.
Version 6.0i Added TOPDOS to Trojan list, and AUTOMAXX to HACKED list.
Version 6.0j Added QUICKREF to trojans list. Revised introduction,
and added a paragraph to the intro about modifying the DD.
Version 6.0k Moved paragraph about 'I'm not responsible for this
list' to the front of the file for legal reasons.
Also added the '*' convention for HACKED programs.
Version 6.0l Added FINANCE4 as a possible trojan. Added a few glossary
definitions.
Version 7.0 The major changes in this version took place in the
revision stages above. However, I still changed
quite a bit in version 7.0 compared to 6.0 revision
stage 'L;' for example, I added seventeen new pirated
programs, bringing the file total to a whopping 165!
Moreover, I rewrote virtually every paragraph in the dirty
dozen in order to 'stylize' (clean up the writing in) the
document. Once again I would like to thank all users who
called in updates to the Dirty Dozen; those users are the
people that encourage me to keep producing the dirty dozen!
----------------------------------------------------------------------------
| Glossary: |
----------------------------------------------------------------------------
| |
| I have intended this glossary at the beginning to intermediate |
| user; all experienced BBS users will be bored to death with this. |
| |
----------------------------------------------------------------------------
?Q? -- (? standing for any character). File extension for SQueezed
files. Squeezed files are unusable until unsqueezed by a
utility such as NUSQ.COM or USQ.COM. The advantage of a
SQueezed file is that it is smaller than a regular UnSQueezed
file, thus saving disk space and download time. ARChives are
more efficient than Squeezed files; that's why there are so
many more ARChives on BBS's these days. Example of the
extensions of SQueezed files: .EQE, .CQM, .LQR, .TQT,
.DQC, etc.
ABBRV -- abbreviation for the word: "abbreviation"
ARC -- File extension for an ARChive file -- many files combined
together to save space and download time that require ARC.EXE,
PKXARC.COM, ARCE.COM, or ARCLS.EXE to separate the
files in to runnable and readable (in the case of
text) form.
BAS -- abbrv for "BASIC," as in the programming language
BBS -- abbrv for "Bulletin Board System"
BBS's -- abbrv for "Bulletin Board Systems"
BOARD -- Also "Bulletin Board System"
BOGUSWARE -- software that is damaging to one or more parties
BOOT or -- to boot a computer is to restart it from scratch, erasing
REBOOT all TSR programs. One reboots by either powering
off and then back on, or pressing ctrl-alt-del at the same time.
BYTES -- Bytes measure the length of a file, with one
byte equaling one character in a file.
CACHE [disk] -- Area of memory set aside to hold recent data. All programs
then read recent data from that memory rather than from disk.
CLUSTER -- a phyical block on all [hard] disks, composed of sectors, that
holds data.
COM -- file extension for a file that is executable from DOS level
DD -- abbrv for "dirty dozen"
DOC -- abbrv for "documentation"
EMS -- Enhanced Memory Specification. An EMS card holds 2 MB extra mem.
EXE -- file extension for a file that is executable from DOS level
HACKED -- see "definitions" section
HIGH LEVEL
FORMAT -- This type of format is what most computer users view as
a regular DOS-format. That is, formatting a disk using
FORMAT.COM (included with DOS) is a high level format.
IBM -- International Business Machines
IBM OR COMP -- IBM computer or a 99% or greater IBM Compatible computer
KB -- Abbreviation for "KiloBytes," one Kb equals 1024 bytes
LBR -- Extension on Library files. Library files are really
many combined files like ARChives, but they require
different utilities to extract the individual files.
Some examples of such utilities are LUU.EXE, LUE.EXE,
LAR.EXE, AND ZIP.EXE. See "ARC"
LOW LEVEL
FORMAT -- This type of format is only executed on a hard disk, therefore
most hard disk low-level format programs come only with
a hard disk controller card. There are a few PD low-level
formatting packages, though. Most manufacturers low-level
format their hard drives at the factory. Low level formatting
is the first step in the three part formatting process; the
second step is to use FDISK, and the third is to execute a
high level format.
MB -- abbrv for "Megabytes," or "millions of bytes."
MISC -- abbrv for "miscellaneous"
OPTIMIZE -- to make all files on a disk "contiguous," or physically linked
together on a [hard] drive.
PATCH -- a file that is patched (combined) into another file
to change the original file in some way
PD -- abbrv for "Public Domain"
PIRATED -- see DEFINITIONS section in this issue.
RAM -- abbrv for "Random Access Memory." (memory used by software)
RBBS -- abbrv for RBBS-PC, a type of BBS (Remote Bulletin Board System)
ROM -- abbrv for "Read Only Memory." (memory used by hardware to boot)
SYSOP -- SYStem OPerator of a BBS
*TROJAN* -- see DEFINITIONS section in this issue.
TROJAN HORSE -- see DEFINITIONS section in this issue.
TSR -- abbv for "Terminate, Stay Resident" Synonym = "Memory Resident"
TXT -- abbrv for "text"
USU -- abbrv for "usually"
UNP -- abbrv for "unprotect"
UNPROTECT -- an "unprotect file" is a patch file that results in the
breaking of copy protection (no doubt for back up purposes).
UTIL -- abbrv for "utility"
WORM -- Trojan Horse
ZOO -- All files compressed with ZOO.EXE bear this file extension.
ZOO-compressed files are NOT compatible with ARC.EXE.
----------------------------------------------------------------------------
| Finally: |
----------------------------------------------------------------------------
If you have any additions or corrections for this list, send them to
Eric Newhouse at any of the following places: (in order of most frequented)
* The Crest RBBS (213-471-2518) (1200/2400) (80 MB)
[ This is my board ]
* The West LA PC-STORE (213-559-6954) (300/1200/2400) (50 MB)
* The Sleepy Hollow PCB (213-859-9334) (300/1200/2400) (108 MB)
* VOR BBS (415-994-2944) (300/1200/2400) (20 MB)
* The Source (leave E-mail to "Doctor File Finder" in IBM SIG #4)
Doctor File Finder (Mike Callahan) will relay your name
and update information to me.
----------------------------------------------------------------------------
End of file.
�