RMAP222@EUCLID.UCL.AC.UK (on GEC 4190 Rim-E at UCL) (02/27/90)
I had a following problem: when I requested a directory of my floppy
disk, the machine (Toshiba 3100, DOS 3.2) read the floppy directory
just once, ie, every successive request for floppy directory displayed
the data from the ram, WITHOUT re-reading of actual data from the
floppy. Even when chan- ging the floppy, the same thing occured, ie
directory of the previous floppy was displayed. I decided to check for
the virus and downloaded McAfee's SCAN/CLEAN package (Ver. 2.7 V57)
from our public domain archive (Lancaster University). I ran the SCAN
and it reported 1701/1704 Version B virus, with id code [170X] in
about 10 *.com files (command.com was one of them). I replaced the
infected command.com (booted from a clean floppy, ran SCAN, and
replaced command.com), and then, since my backup's are at home, ran
CLEAN, which claimed that it has repaired those remaining com files.
Two of infected files (CED.COM and DOSEDIT.COM) where OK, ie following
the CLEAN, I ran the CED (DOSEDIT - not at the same time), and re-ran
the SCAN, and everything was OK. A number of other files
(MODE.COM,MORE.COM,MOUSE.COM,LIST.COM,GREP.CO where apparently clean
(CLEAN reported that it has succesfully recovered them) BUT after
running them (they behaved as they should), SCAN again reported that
1701/1704 was IN THE MEMORY, but couldn't find them IN THE FILES. Can
anyone (maybe John McAfee) comment on that?
Best regards,
Nino
*******************************************************************************
*JANET: N.Margetic@uk.ac.ucl.euclid | Mr. Nino Margetic *
*EARN/BITNET: N.Margetic%euclid.ucl.ac.uk@ukacrl | University College *
*INTERNET: N.Margetic%euclid.ucl.ac.uk@cunyvm.cuny.edu| Dept. of Med. Physics *
*Phone: [+ 044-1 | 01] 380-9846 | 11-20 Capper Street *
*FAX: [+ 044-1 | 01] 380-9577 | London WC1E 6AJ *
*******************************************************************************