[comp.virus] Virucide query

AL380382@VMTECCHI.BITNET (Ramon Bartschat) (04/23/91)

Hi there....

  I have the following question:

      A friend of mine was using the VIRUCIDE program, so I copied it
to try it out, but when I got home and scanned it with SCAN V67 the
program told me that VIRUCIDE was compressed with LZEXE and that it
was infected internally with the Kennedy Virus and with the 12 Tricks
Trojan Horse. I could never find out any unusual behaviour in
VIRUCIDE. So what's wrong with VIRUCIDE ????  Right now I got a
secured copy of VIRUCIDE, in case it's really infected with Kennedy &
12 Tricks.

Ramon.

*******************************************************************************
RAMON BARTSCHAT AL380382@VMTECCHI              (Bitnet)
                AL380382@VMTECCHI.CHI.ITESM.MX (Internet)
Computer Science Student at: ITESM
INSTITUTO TECNOLOGICO Y DE ESTUDIOS SUPERIORES DE MONTERREY CAMPUS CHIHUAHUA
*******************************************************************************
[BEWARE: This file will self-destruct, not in 5 seconds... but in 3 seconds]
*******************************************************************************

sunset@leland.stanford.edu (Igor Grebert) (04/28/91)

AL380382@VMTECCHI.BITNET (Ramon Bartschat) writes:
>Hi there....
>
>  I have the following question:
>
>      A friend of mine was using the VIRUCIDE program, so I copied it
>to try it out, but when I got home and scanned it with SCAN V67 the
>program told me that VIRUCIDE was compressed with LZEXE and that it
>was infected internally with the Kennedy Virus and with the 12 Tricks
>Trojan Horse. I could never find out any unusual behaviour in
>VIRUCIDE. So what's wrong with VIRUCIDE ????  Right now I got a
>secured copy of VIRUCIDE, in case it's really infected with Kennedy &
>12 Tricks.

This problem only appears on the very first version of VIRUCIDE, when
checked with SCAN. It was a false alarm generated by SCAN. The problem
has been solved, and the version you have works perfectly, even though
it is a little outdated: Parson's Technology upgrades VIRUCIDE quite
often, every two to three months, I believe. The current version number
is 2.10, and a next release is due soon.

Igor Grebert.

p1@arkham.wimsey.bc.ca (Rob Slade) (04/30/91)

AL380382@VMTECCHI.BITNET (Ramon Bartschat) writes:

>       A friend of mine was using the VIRUCIDE program, so I copied it
> to try it out, but when I got home and scanned it with SCAN V67 the
> program told me that VIRUCIDE was compressed with LZEXE and that it
> was infected internally with the Kennedy Virus and with the 12 Tricks
> Trojan Horse. I could never find out any unusual behaviour in
> VIRUCIDE. So what's wrong with VIRUCIDE ????  Right now I got a
> secured copy of VIRUCIDE, in case it's really infected with Kennedy &
> 12 Tricks.

Copied it, eh?  Well, we'll let that pass for the moment ...

You will have noticed that VIRUCIDE is, in fact, a McAfee Associates
product, for all that it is marketed by Parsons Tech.  Therefore, the
signature strings used in VIRUCIDE will be very close to those used in
SCAN, and that is likely to cause the program to give some false
positives.  There is nothing ~wrong with either program, at least not
as indicated by what you saw.

Why it said VIRUCIDE was compressed is a new one on me.

=============
Vancouver          p1@arkham.wimsey.bc.ca   | "Don't buy a
Institute for      Robert_Slade@mtsg.sfu.ca |     computer."
Research into      (SUZY) INtegrity         | Richards' First
User               Canada V7K 2G6           | Law of Data
Security                                    | Security
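
The false-positive mechanism described in the replies above, as an added example that is not part of the original thread: a byte-signature scanner flags a clean anti-virus tool because that tool carries the same signature strings in its own file. The signature names and bytes, the file contents, and the XOR masking shown as a mitigation are constructed assumptions, not taken from SCAN or VIRUCIDE.

```python
# Added illustration. All names, byte patterns and file images are constructed
# for this example; they are not real malware signatures or real product data.
SIG_LEN = 8
SIGNATURES = {
    "SAMPLE-VIRUS-A": bytes.fromhex("dec0ad0b5eed1234"),
    "SAMPLE-TROJAN-B": bytes.fromhex("faceb00c99887766"),
}
XOR_KEY = 0x5A  # assumed masking key, used only by the mitigated build


def scan(data, signatures=SIGNATURES):
    """Naive scanner: report every signature found anywhere in the file."""
    return sorted(name for name, pat in signatures.items() if pat in data)


def mask(raw, key=XOR_KEY):
    """XOR-mask bytes so stored patterns do not appear verbatim on disk."""
    return bytes(b ^ key for b in raw)


def build_tool(code, signatures, masked):
    """Model an anti-virus executable: code followed by its signature table."""
    table = b"".join(mask(p) if masked else p for p in signatures.values())
    return code + b"SIGTABLE" + table


def embedded_signatures(tool_image, masked):
    """Recover the tool's table the way the tool itself would at run time."""
    table = tool_image.split(b"SIGTABLE", 1)[1]
    chunks = [table[i:i + SIG_LEN] for i in range(0, len(table), SIG_LEN)]
    return [mask(c) if masked else c for c in chunks]


CODE = b"\x90" * 32  # constructed stand-in for program code
INFECTED = CODE + SIGNATURES["SAMPLE-VIRUS-A"] + CODE      # genuinely matching file
PLAIN_TOOL = build_tool(CODE, SIGNATURES, masked=False)     # table stored verbatim
MASKED_TOOL = build_tool(CODE, SIGNATURES, masked=True)     # table stored masked

if __name__ == "__main__":
    print("infected file :", scan(INFECTED))
    print("plain AV tool :", scan(PLAIN_TOOL), "<- false positives")
    print("masked AV tool:", scan(MASKED_TOOL))
    # The masked build can still do its job after unmasking its table.
    own = dict(zip(SIGNATURES, embedded_signatures(MASKED_TOOL, masked=True)))
    print("masked tool scanning infected file:", scan(INFECTED, own))
```

The plain build is reported under both names at once, which matches the pattern in the question: several unrelated detections in one file with no unusual behaviour.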