jln@accuvax.nwu.edu (John Norstad) (08/05/89)
Another Macintosh virus named "nFLU" has been discovered at the University of Minnesota. This virus is identical to nVIR B, except for the name change. Disinfectant version 1.2 has been configured to recognize nFLU. We recommend that all Disinfectant users obtain a copy of this new version. Version 1.2 has been submitted to CompuServe, AppleLink, comp.binaries.mac, and info-mac. It should be available from those sources soon, as well as from many other bulletin boards, commercial online services, user groups, and Internet archive sites. The program is also available now via anonymous FTP from site acns.nwu.edu (129.105.49.1), in directory pub/disinfectant. Macintosh users without access to electronic distribution channels may obtain a copy by sending a stamped, self-addressed envelope and a floppy disk to the author at the address below. Version 1.2 also contains a few other minor changes. For a detailed list of all the changes see the section titled "Version History" in the online document. Disinfectant is free. Features: - Detects and repairs files infected by Scores, nVIR A, nVIR B, Hpat, AIDS, MEV#, nFLU, INIT 29, ANTI, and MacMag. These are all of the currently known Macintosh viruses. - Scans volumes (entire disks) in either virus check mode or virus repair mode. - Option to scan a single folder or a single file. - Option to "automatically" scan a sequence of floppies. - Option to scan all mounted volumes. - Can scan both MFS and HFS volumes. - Dynamic display of the current folder name, file name, and a thermometer indicating the progress of a scan. - All scans can be canceled at any time. - Scans produce detailed reports in a scrolling field. Reports can be saved as text files and printed with an editor or word processor. - Carefully designed human interface that closely follows Apple's guidelines. All operations are initiated and controlled by 8 simple standard push buttons. - Uses an advanced detection and repair algorithm that can handle partial infections, multiple infections, and other anomalies. - Careful error checking. E.g., properly detects and reports damaged and busy files, out of memory conditions, disk full conditions on attempts to save files, insufficient privileges on server volumes, and so on. - Works on any Mac with at least 512K of memory running System 3.2 or later with HFS. - Can be used on single floppy drive Macs with no floppy shuffling. - Extensive online document describing Disinfectant, viruses in general, the Mac viruses in particular, recommendations for "safe" computing, Vaccine, and other virus fighting tools. We tried to include everything in the document that the average Mac user needs to know about viruses. John Norstad Academic Computing and Network Services Northwestern University 2129 Sheridan Road Evanston, IL 60208 Bitnet: jln@nuacc Internet: jln@acns.nwu.edu AppleLink: a0173 CompuServe: 76666,573
lbaum@bcsaic.UUCP (Larry Baum) (08/07/89)
In article <1002@accuvax.nwu.edu> jln@accuvax.nwu.edu (John Norstad) writes: >Another Macintosh virus named "nFLU" has been discovered at the >University of Minnesota. This virus is identical to nVIR B, >except for the name change. > I use VirusDetective. What strings should I add to the search set to detect this virus. Thanks -- Larry Baum Advanced Technology Center Boeing Computer Services uucp: uw-beaver!bcsaic!lbaum (206) 865-3232 internet: lbaum@atc.boeing.com
shulman@sdr.slb.com (Jeff Shulman) (08/15/89)
The search strings for nVIR (and all the other viruses) in VirusDetective 3.0.1 are resource type independent. This means you do not have to change *anything* to detect nFLU (and any future mutations of this kind). Jeff Shulman VirusDetective Author Winner 1989 BCS Software Award -- uucp: ...rutgers!yale!slb-sdr!shulman CSNet: SHULMAN@SDR.SLB.COM Delphi: JEFFS GEnie: KILROY CIS: 76136,667 AppleLink:KILROY