walker@AEDC-VAX.AF.MIL (William Walker C60223 x4570) (05/07/91)
Brian Daniel ( BDANIEL@USCN.BITNET ) writes: > Question#1: Why does NETSCAN find the virus & SCAN not find the virus? > . . . > Question#4: Why is it only the LOG.COM file from PC-Magazine tht I've had > for several years that shows up and infected? I reassembled LOG.COM from the original source (I use a modified version of it) on a known clean machine and ran both SCAN (v76C) and NETSCAN (v76) on it. My results were comparable with Brian's. Apparently, SCAN and NETSCAN are using two different search strings for the Tester Virus. Also apparently, a portion of the code in LOG.COM coincidentally matches the string NETSCAN uses to identify the Tester Virus. I guess it was only a matter of time before this type of thing occurred (or has it occurred before???). Aryeh Goretsky may wish to verify these findings (many apologies if I spelled your name wrong). BTW, NETSCAN also found the Tester Virus in my modified version of LOG.COM, and the v77 versions of SCAN and NETSCAN give the same results as the v76 versions. I don't have the Tester Virus search strings to try Norton Antivirus on those files. Bill Walker ( WALKER@AEDC-VAX.AF.MIL ) | OAO Corporation | Arnold Engineering Development Center | "I'd like to solve the puzzle, Pat" M.S. 120 | Arnold Air Force Base, TN 37389-9998 |