[comp.sys.mac] Virus info given and wanted..

lgeorge@melbcae.edu.au (01/31/89)

Hi.
We have just had our first run-in with a virus, in particular nVIR strain B.
My thanks to the NET for all the wonderful advice and software used to 
eradicate the virus.
Now that we have had some experience with a virus, I took some time to test out 
all the software that we received from the NET, and here are some of my 
findings...
The one big disappointment is that Vaccine 1.0.1 _STILL_ bombed when it ran an 
infected problem, and I _thought_ that was one of the fixes to Vaccine 1.0.
RWatcher is **MARVELOUS**, as it was this that caught the virus and brought it 
to our attention, but I do have just one problem with RWatcher.  One of the 
entries in the RLIS resource insists on being of type INIT, and it cannot be 
cleared, so on some of my RLISs entries [I keep one for each virus type] have 
unused resource slots, simply because that type of virus doesn't have an INIT 
resource associated with it, like INIT29 for example.  Not sure if this has 
been fixed, but nobody else has mentioned it.
Another small problem with RWatcher is that empty resource slots in the RLIS 
resources trigger a virus warning when you try and copy Virus Rx, since it 
contains a resource of type '    ', which would match with an empty slot.

A viral INIT that I have, but has not been mentioned is one called Viral Arm.
I haven't _actually_ purchased it, so I don't want to get myself into ANY 
trouble.
Name : Viral Arm 9.0
(c)  : 1988 Burrada

It 'feels' A LOT like Vaccine, and in fact has the same bomb problem as 
Vaccine.  It has a different icon, and when I brought Vaccine 1.0.1 to my mac 
it took on that icon.  It came to me at about 90k, but I found an 80k snd 
resource init, and taking it out brought it back to about 9k.

Ta.

George Stamatopoulos
La Trobe University - Lincoln School of Health Sciences
Melbourne
Victoria
Australia

PS. does anyone have info/programs for removing Hpat and/or INIT29, just in 
case they are approaching on the horizon.  I suppose you could rename and 
renumber all the Hpat resources back to their nVIR equivalents and then run 
Antipan, but life is too short.

jln@accuvax.nwu.edu (John Norstad) (02/03/89)

Hi - I'm John Norstad, the author of RWatcher.

> RWatcher is **MARVELOUS**

Thanks!  I'm very surprised that so many people seem to be using RWatcher.
It's such a simple little INIT that it's almost a triviality.  I wrote it
for what I thought was a rather small audience (non-MPW Mac programmers),
but other people seem to be using it too.  In fact, I hacked it together
for a friend at Stanford who manages a programming lab (Lance Nakata), 
and I distributed it on INFO-MAC and comp.sys.mac.programmer as an 
afterthought.  I've always thought of RWatcher as more of a good example 
of how to write simple INITs in assembly language, rather than as a really 
significant virus fighting tool.

> One of the entries in the RLIS resource insists on being of type INIT,
> and it cannot be cleared...

I noticed this too.  I think the one I had problems with was the second
to last RLIS resource (in my distributed version 1.0).  This is a problem
with ResEdit 1.2b3, not RWatcher.  ResEdit doesn't seem to like my RLIS
template for some reason.

> ...so on some of my RLISs entries [I keep one for each virus type]
> have unused resource slots, simply because that type of virus doesn't
> have an INIT resource associated with it, like INIT29 for example. ...
> Another small problem with RWatcher is that empty resource slots in the
> RLIS resources trigger a virus warning when you try and copy Virus Rx,
> since it contains a resource of type '    ', which would match with an
> empty slot.

I would advise against this.  Don't use empty RLIS resources.  This isn't
a problem with RWatcher, it's a problem with the way you've configured it.

By the way, INIT29 DOES have an associated INIT resource (INIT 29 - that's
how it got its name!)

John Norstad
Academic Computing and Network Services
Northwestern University

Bitnet:    jln@nuacc
Internet:  jln@acns.nwu.edu
AppleLink: a0173

xxiaoye@eleazar.dartmouth.edu (Xiaoxia Ye) (02/04/89)

In article <10330128@accuvax.nwu.edu> jln@accuvax.nwu.edu (John Norstad) writes:
>
>Hi - I'm John Norstad, the author of RWatcher.
>
>> RWatcher is **MARVELOUS**
>
>Thanks!  I'm very surprised that so many people seem to be using RWatcher.

I am using Rwatcher as well, because of its versatility.  However, I
don't have a list of all the viruses, their ID # and Resource types that I
would need to add them into Rwatcher with ResEdit.

Does anyone have such a list (of all the known viruses, their Resource
types and ID#) ??  And, as the author says in his documentation that if
I don't write any INITs, DRVRs CDEF, I should be adding those to the
list of resources to watch into Rwatcher.  However, I don't quite
understand how I would have to input them into Rwatcher (as you can see,
I am only starting to learn Macintosh programming).

Another rather elementary question: How would I add the aforementioned
resource types into Rwatcher?  I have successfully installed the RLIS
(?) template into ResEdit 1.2b3.  I opened up the RLIS resource in
Rwatcher, and found that there are no empty slots into which I can insert
new resource types.  How would I *add* into the list?

Please E-mail me or post if you prefer any answer/tips. I will post a
summary if necessary.

>John Norstad
>Academic Computing and Network Services
>Northwestern University
>
>Bitnet:    jln@nuacc
>Internet:  jln@acns.nwu.edu
>AppleLink: a0173

Thank you all so much!
________________________________________________________________________
Xiaoxia  Ye          INTERNET/BITNET/UUCP: xxiaoye@eleazar.dartmouth.edu
Dartmouth College    For more info: finger xxiaoye@eleazar.dartmouth.edu