TIP: Click on subject to list as thread!

ANSI

echo:	virus_info
to:	ANDREAS MARX
from:	KURT WISMER
date:	1997-06-20 23:11:00
subject:	Re: Virus checker
-=> Mocking Andreas Marx to Michael Mueller <=- > Hmm, whats an decent scanner? McAfee not - it does allways find viruses in > BMPs and other stuff. Dr.Solomon - yep, but it had false alarms too just > try writing 'Mr. Twister' (w/o ') at the top of a file, scan it with > version 7.71 and you'll be surprised. AM> Yes, he finds a new variant of a virus called "Mr Twister.ow". I'm AM> very surprised, than everybody at Dr Solomon's told me that only if AM> Findvirus finds at least 2 Signatures it will show an alert message. AM> I see, this is not the truth... :-( correct, it is not the truth... findvirus doesn't use signatures (in fact signature is a misnomer anyways)... they perform a crc of the code from where they expect to find the virus (exact identification)... the declaration of "mr twister.ow" is suggestive of something that i admit i'm guessing at here... i KNOW that with findvirus "ow" means overwrite/overwriten/etc... that makes it an overwriting virus... it could be mistaking the file with "Mr. Twister" at the top of it as an infected or otherwise damaged file modified by the virus in question... there are some viruses that overwrite files with non-viral code, or even simple text strings... also, findvirus will say "like " if it has some commonalities with known infected files and "identified as the virus" if it's certain... > Do not remember wich version this stuff appeared first but it still worked > with 7.7x and still works. As prove I've appended a realy litt uuenccoded > proggy, that does nothing than delting a file 'antivir.dat' in the current > directory. So create such a file and run TbClean on the appended program. > After TbClean finished the 'antivir.dat' will be missed. I tested this > with Tbav 8.00 (note: have 8.02 too but not installed yet). AM> Yes, it still works. But only, if you rename the "anti-vir.dat" file AM> of tbav 8.01 to "antivir.dat". Esass know about that problem over AM> nearly 3 years - and has nothing done agaeinst it... :-( storing integrity data on anything other than a floppy disk is a questionable exercise to begin with... ... don't scan this tagline, it has the 141$FLU... --- TGWave v1.20.b09 --------------- * Origin: fks Online! * Ontario, Canada * (905)820-7273 * (1:259/423)
SOURCE: echomail via exec-pc

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.