Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!umriscc!mcs213e.cs.umr.edu!mcastle
From: mcastle@mcs213e.cs.umr.edu (Mike Castle {Nexus})
Newsgroups: comp.os.msdos.apps
Subject: Re: Virus Utility????
Message-ID: <2453@umriscc.isc.umr.edu>
Date: 22 Mar 91 02:47:32 GMT
References: <Mar.19.17.59.25.1991.3838@remus.rutgers.edu> <LyP7y2w163w@cybrspc>
Sender: news@umriscc.isc.umr.edu
Organization: University of Missouri - Rolla
Lines: 21

In article <LyP7y2w163w@cybrspc> roy%cybrspc@cs.umn.edu (Roy M. Silvernail) writes:
>
>McAfee's SCAN will scan .COM, .EXE, .SYS and .OV? files for you, as well
>as your boot sector. Beyond those types, scanning is of little value, since a
>virus must be executed to do any damage.

Oh, really?  What about franke.387 (a 80387 emulator)??  Scan won't scan it 
using defaults (someone posted /a as the option to force scanning of all 
files?), and franke wouldn't load as 387.sys or franke.sys.  What about 
windows .dll files??  What about Procomm aspect files (you can do lots of 
poking and peeking from those)??   

Granted, the last is a little far-fetched, but the idea is the same.  It is
possible to have executable code in files with other file names.


-- 
Mike Castle (Nexus) S087891@UMRVMA.UMR.EDU (preferred)       | XEDIT: Emacs
                mcastle@mcs213k.cs.umr.edu (unix mail-YEACH!)| on a REAL
Life is like a clock:  You can work constantly, and be right | operating
all the time, or not work at all, and be right twice a day.  | system. :->