Category : System Diagnostics for your computer
Archive   : FINDWRM1.ZIP
Filename : README

Output of file : README contained in archive : FINDWRM1.ZIP
³ ³
³ By Jason Mathews, November 1991 ³

This program finds and identifies filename conflicts,
which may be potential worm programs.

Compile this program with Turbo C with the following command:

tcc -O findworm.c

Use -O for optimization.

Type "FINDWORM [d:]", where d: is the drive to search for
potential worms.

Definition: A worm is a self-replicating, autonomous program (or set of
programs) that can replicate itself, usually over a network.
A worm is a complete program by itself unlike a virus which
is part of another program.

This program searches for worms that attach themselves to a specific
host executable program, such as the "Aids II Companion Virus". This "virus"
exploits the fact that .COM files have precedence over .EXE files. If two
programs, such as test.exe and, are in the same directory then is executed because it has precedence over test.exe. A worm can
therefore duplicate .COM files that act as companions to corresponding .EXE
files. The worm .COM file will be executed first, which can first duplicate
itself to override another .EXE file and then spawn the .EXE program process.
The .EXE program behaves as normal because it is no affected in any way, but
the .COM file is allowed to run first. The worm program completes it mischief
before giving control to the original requested program.

FINDWORMS will search for every .COM file and check if there is a
matching ".EXE" in the same directory. These ".EXE" files are overridden by
the corresponding ".COM" program. This ".COM" programs are detected and
displayed. Regardless of whether these programs are worms, there still exists
a conflict between these programs. It may just be some program that was
installed with the same name. For instance, there may be many and
install.exe files throughout the disk.

If there are many hidden ".COM" files with the file length then it is
most probable that they are worms. Carefully check all programs before
deleting anything. First rename, either the .COM filename or the .EXE
filename to something else, and then re-run both files, starting with the .EXE.
If the .COM file is a worm then it will not have the companion host .EXE to
execute and may cause errors.

  3 Responses to “Category : System Diagnostics for your computer
Archive   : FINDWRM1.ZIP
Filename : README

  1. Very nice! Thank you for this wonderful archive. I wonder why I found it only now. Long live the BBS file archives!

  2. This is so awesome! 😀 I’d be cool if you could download an entire archive of this at once, though.

  3. But one thing that puzzles me is the “mtswslnkmcjklsdlsbdmMICROSOFT” string. There is an article about it here. It is definitely worth a read: