[comp.virus] Virus detection & removal

padgett%tccslr.dnet@mmc.com (A. Padgett Peterson) (06/12/91)

>Just that our experience that I wished to share was that with a
>checksummer in place and use of SCAN, you can end up with every last
>EXE/COM file on your hard disk looking very sick indeed.

>Mike Lawrie
>Director Computing Services, Rhodes University, South Africa
>....................<ccml@hippo.ru.ac.za>..........................

I agree, such activity is possible which is why I recommend that techs
be properly trained (ours get two full days) before being allowed to
work on suspected viruses. CHKDSK & DEBUG are powerful tools in
trained hands as are MANIFEST, MEM, & MAPMEM. Scanners are very good
automated tools for problems they have seen before and can take care of
98% of our problems: the other 2% just have to be handled manually -
see below

----------------------------------------------------------------------

>From:    dwe29248@uxa.cso.uiuc.edu (Derek William Ebdon)
>Subject: Re: Hong Kong on MircoTough dist. disks (PC)

>One thing that Mr. Doss forgot to mention is that although Central
>Point Anti-Virus v1.0 can easily remove the Azusa virus from a floppy,
>it cannot remove the virus from a hard drive.  The only way to
>disinfect a hard drive is to redo the low level format because the
>virus infects the boot sector and the dos partition.  A high level
>format will not remove the virus, nor will simply removing the dos
>partition with the fdisk program.

NO, NO, a thousand times NO! I have never seen an infection that
requires low level formatting (besides, on some newer disks you can't).
Azusa is one of the easier to remove (believe I posted instructions
some time ago) - certainly easier than the MusicBug which can also be
removed. If the problem is understood, formatting is never necessary.
Azusa can be removed just using debug if you know what you are doing.
Just because one generic tool does not know how to do it does not mean
it cannot be done.

					Warmly,
							Padgett