[comp.virus] File Shield

MARCHESF@PACEVM.BITNET (Dr Marchese) (07/10/90)

A question on File Shield if I may? Is File Shield supposed to detect
all internal changes to a file, or just certain changes such as the
change of the file's time/date stamp?

Example, compile a program using MS 6.0 'C' and then use File Shield
to protect the program. Then use Norton Utilities to edit the compiled
file to change a letter in the copyright string.

When I do the above, File Shield does not pick up the change, or in
any event it does not report the change. If I change the time or date
stamp, File Shield picks it up immediately.

NYYUVAL@WEIZMANN.BITNET (Yuval Tal) (07/12/90)

When a file, which has File Shield installed on it, is being executed,
File Shield checks the file size and the file date/time.

What Dr. Marchese did - he changed the file using Norton Utilities which
does not change the file size or the file date/time stamp. File Shield
is supposed to remove viruses not anything else! 95% of the viruses change
the file size and sometimes even the file date/time stamp. There are other
viruses (the left 5%) which are considered as Stealth viruses like the
4096 virus. File Shield alone cannot detect that virus while the virus is
active in memory because the virus hides its real file size. People who
register File Shield also receive a very small device driver (400 bytes)
which is installed in the CONFIG.SYS and can identify whether a file was
infected even if it was infected by the 4096 virus.

-Yuval Tal

+--------------------------------------------------------------------------+
| BitNet:   NYYUVAL@WEIZMANN       Domain: NYYUVAL@WEIZMANN.WEIZMANN.AC.IL |
| InterNet: NYYUVAL%WEIZMANN.BITNET@CUNYVM.CUNY.EDU                        |
+----------------------+---------------------------------------------------+
| Yuval Tal            | Voice:   +972-8-474592  (In Israel: 08-474592)    |
| P.O Box 1462         | BBS:     +972-8-471026 * 20:00-7:00 * 1200 * N81  |
| Rehovot, Israel      | FidoNet: 2:403/143                                |
+----------------------+---------------------------------------------------+
|  "Always look on the bright side of life" *whistle*  -  Monty Python     |
+--------------------------------------------------------------------------+
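
Added example, not part of either post and not File Shield's code: a size and date/time comparison, as the reply describes, run against a same-size in-place edit and against a re-stamp, next to a content hash. SHA-256, the function names and the sample file are assumptions made for the illustration; the stealth case from the reply is not modelled.

```python
import hashlib
import os
import tempfile


def metadata_baseline(path):
    # The two attributes the thread says File Shield compares.
    st = os.stat(path)
    return (st.st_size, st.st_mtime_ns)


def content_baseline(path):
    # Assumption: SHA-256 stands in for any content-based check.
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def edit_in_place(path, offset, new_bytes):
    # Same-size overwrite with the original timestamps put back, the
    # effect of the Norton Utilities edit described in the first post.
    st = os.stat(path)
    with open(path, "r+b") as fh:
        fh.seek(offset)
        fh.write(new_bytes)
    os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))


def demo():
    # Constructed sample file: a dummy header plus a copyright string.
    fd, path = tempfile.mkstemp(suffix=".exe")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(b"MZ" + b"\x00" * 62 + b"Copyright (C) 1990 Example")
        meta, digest = metadata_baseline(path), content_baseline(path)

        edit_in_place(path, 64, b"K")  # "Copyright" -> "Kopyright"
        results = {
            "edit_seen_by_size_and_time": metadata_baseline(path) != meta,
            "edit_seen_by_content_hash": content_baseline(path) != digest,
        }
        # Re-stamp only: move the time forward by 2 seconds, contents untouched.
        st = os.stat(path)
        os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns + 2_000_000_000))
        results["restamp_seen_by_size_and_time"] = metadata_baseline(path) != meta
        return results
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```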