holly@fifi.isi.edu (Dennis Hollingworth) (06/12/91)
(PC) Protection evaluation with test virus. Posted for Dan Hirsh (818) 505-2285 I tested McAfee's SCAN77 using Rosenthal Engineering's new release of Virus Simulator (I've seen posted as VIRSIM11.COM on EXEC-PC, Compuserve and others). It seems that SCAN77 misses three boot sector viruses that SCAN76 found on the same disk. Both versions of SCAN found nine viruses in the .COM, four in the .EXE and seven in the test memory virus. THESCAN, F-FCHK and VIRX also found the test viruses, but Norton's Anti Virus couldn't find anything. There's been a number of postings about scanner producers bragging that their scanners search for more viruses than the next guys. Well, it's not how many viruses your scanner looks for that counts.... It's how many you can find!
mcafee@netcom.com (McAfee Associates) (06/13/91)
holly@fifi.isi.edu (Dennis Hollingworth) writes: >Posted for Dan Hirsh (818) 505-2285 > >I tested McAfee's SCAN77 using Rosenthal Engineering's new release of >Virus Simulator (I've seen posted as VIRSIM11.COM on EXEC-PC, >Compuserve and others). It seems that SCAN77 misses three boot sector >viruses that SCAN76 found on the same disk. Both versions of SCAN >found nine viruses in the .COM, four in the .EXE and seven in the test >memory virus. [rest of message deleted...] Rosenthal Engineering's VIRSIM program is a string-based virus simulator. As such, only scanners that use the same strings that VIRSIM uses will detect its "viruses." We regularly adjust our strings, so this why V76 would report viruses that V77 did not. Regards, Aryeh Goretsky McAfee Associates Technical Support - -- McAfee Associates | Voice (408) 988-3832 | mcafee@netcom.com 4423 Cheeney Street | FAX (408) 970-9727 | (Aryeh Goretsky) Santa Clara, California | BBS (408) 988-4004 | 95054-0253 USA | v.32 (408) 988-5190 | mrs@netcom.com ViruScan/CleanUp/VShield | HST (408) 988-5138 | (Morgan Schweers)