User`s guide
VIRUS BULLETIN ©1991 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139.
/90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted
by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.
VIRUS BULLETINPage 6 August 1991
So it is possible to delete all of the DOS partitions with
FDISK and (depending on the version of FDISK), lose all of
the data held within the partitions. However the virus would
still be in place and when you recreated the same or different
partitions and started to boot from the drive, the virus would
be active again!
To force FDISK to rewrite the boot record, you need to use a
disk editor and remove the signature 55AA from the last two
bytes of the boot sector. Then when you run FDISK it will
allow you to recreate the partition table and rewrite a valid
boot sector program over the top of any virus code.
Also on the subject of removing virus code from DOS boot
sectors, a FORMAT is suggested. While this will indeed
remove the virus it will obviously remove any data as well.
An equally effective and less hasty solution is the humble
SYS command which removes the virus leaving data intact.
While in the writing mood, may I change the subject and raise
another point for discussion. What follows are my personal
opinions:
Firstly, I must say that I look forward to receiving VB and
enjoy reading it immensely. However, I am tiring now of
some of your reviewers’ aggressive stance against any new
approaches to the virus problem.
[1]
Whenever I see a review by Keith Jackson I know exactly
what to expect. He will complain about lack of an index
[2]
,
then he will tell me that the product confused him and finally
he will launch into an outright slanging match against these
filthy people who have dared to offer a product that could
possibly stop a virus.
[3]
I have no doubt that some products are less than perfect, but
surely it is in all computer users interests to encourage any
attempts to stem the tide of virus activity. There will always
be bad reviews but all of Keith’s reviews are bad!
[4]
Do you
just give him the dross to keep him quiet or is he trying to
become the Nina Myskow
✝
of the virus world?
[5]
As a comparison I offer the review by Fridrik Skulason in the
same issue. This is a review, he offers the pros and cons so the
reader can make their own mind up and keeps his personal
opinions to a minimum.
[6]
In Keith Jackson’s review of the Knoxcard (with which I have
absolutely no connection) he has the audacity to write that the
card manufacturer is lying when they say that a single virus
could not disable all the various Knoxcards. I am not suggest-
ing that they are right or wrong, but if they suggest that this is
correct they should be given the benefit of the doubt.
The final straw came when he actually suggested that the
Virus Bulletin or one of its reviewers should set out to crack
the cards security. When I read this I was appalled!
[7]
Is this magazine for the anti-virus community or hackers and
the virus writing community? I believed and hoped the former
was the case.
[8]
The Virus Bulletin has earned it’s place in the anti-virus
community, letting reviewers express personal views with
which they have little to back up, not only opens that reviewer
but also the Virus Bulletin itself open to ridicule and possibly
even legal repercussions.
Yours sincerely,
Kevin Powis
Visionsoft Ltd.
[The tutorial article ‘Fixed Disk Boot Sectors and Post-Attack
Recovery’ (VB, July 1991, pp. 5-9) never stated that a Master
Boot Sector virus could be removed using FDISK. It said
instead that FDISK could be used to edit the Partition Table,
which is correct. Ed.]
Dr. Jackson comments...
[1]
I strongly resent the charge that I complain about new
methods of combating viruses. I complain about methods that
don’t work.
[2]
Manuals without indexes are not helpful to the user. It is a
sad comment on the standard of most manuals that this must
continually be mentioned.
[3]
If I have ever resorted to a slanging match then I humbly
apologise. I notice that Mr. Powis offers no example of such
conduct.
[4]
As for all my reviews being bad, I let the record stand for
itself. I’ve recently written favourable reviews of Dr. Solo-
mon’s Anti-Virus Toolkit and VISCAN. On the other hand
when products do not perform, I feel obliged to point this out
- I am answerable to VB’s general readership and not anti-
virus product manufacturers such as Mr. Powis.
[5]
Nina Myskow! If only I was paid as much as her!!!
[6]
As for just offering the pros and cons of a product, consider
the last two reviews by myself published in VB. They were a
scanner program that detected <10% of the virus test-set and a
hardware product that kept locking up my computer. Am I
really supposed to overlook such shortcomings?
[7]
This was a joke written in total frustration, of course I did
not intend that VB should actually do this!
[8]
To claim that VB has done anything else than help combat
viruses is just plain silly.
Finally, I plead guilty to the charge of criticising deeply
flawed products. Developers should make sure that a product
works before marketing it and not complain when reviewers
discover gaping holes in their oft hyped-up claims.
✝
Nina Myskow is a British TV critic noted for her scathing reviews.
K.J.