csw76@seq1.keele.ac.uk (J.C. Kohler) (03/26/91)
I have a computer which is infected by the Whale virus, but none of the virus-scanners I use can find it. I found the virus on the computer about a week ago, using McAffee's scan. I removed the infected files, but it keeps coming up. I have tried to find it with scan, f-prot and AVS. Is this because it is a stealth virus??? I think I'm going to do a low-level format on the disk now, to prevent any trouble in the fututre. But could anybody tell me why it is impossible to find it. Many thanks in advance, Christian Kohler University of Keele, United Kingdom csw76@uk.ac.kl
frisk@rhi.hi.is (Fridrik Skulason) (04/02/91)
csw76@seq1.keele.ac.uk (J.C. Kohler) writes: >I have a computer which is infected by the Whale virus, but none of >the virus-scanners I use can find it. I found the virus on the >computer about a week ago, using McAffee's scan. I removed the >infected files, but it keeps coming up. Ono possible explanation might be that most existing scanners only detect the "standard" 30 forms of the Whale, but recently some new forms have appeared. There are rumors they are created by a "configuration" program which swaps out entire modules, if it finds Whale present in memory, but this has not been confirmed. - -frisk