dplatt@coherent.com (Dave Platt) (01/04/89)
This week's issue of MacWeek contains a report (page 3) of a new Mac
virus discovered at the University of California. This virus is
reported to be "particularly virulent"; if your machine is infected,
the virus will [attempt to] infect new disks as soon as they're
inserted. It isn't necessary to launch an application to trigger an
infection attempt, as is the case with SCORES and nVIR.
The new virus has been dubbed "INIT29" by the Computer Virus Industry
Association, after one of the resources that it installed. The
signature of this new virus: CODE resources (712 bytes) are added to
applications, and INIT resources (ID=29, 712 bytes) are added to "all
other files."
Also mentioned in this report is the "Hpat" strain of the nVIR virus,
reported in this newsgroup a couple of weeks ago.
An accompanying article mentions three new/updated antiviral programs
that should be available soon: VirOut (a package that includes both a
"vaccine" and a "serum") by Mainstay; an updated version of Virex
(Robert Woodhead's commercial successor to Interferon) that will detect
both Hpat and INIT29; and an updated version of VirusDetective, a
shareware antiviral d/a by Jeffrey Shulman.
Disclaimer: I'm only reporting what I just read; if it's not correct,
well...
--
Dave Platt FIDONET: Dave Platt on 1:204/444 VOICE: (415) 493-8805
UUCP: ...!{ames,sun,uunet}!coherent!dplatt DOMAIN: dplatt@coherent.com
INTERNET: coherent!dplatt@ames.arpa, ...@sun.com, ...@uunet.uu.net
USNAIL: Coherent Thought Inc. 3350 West Bayshore #205 Palo Alto CA 94303chrisj@ut-emx.UUCP (Chris Johnson) (01/05/89)
In article <17098@coherent.com> dplatt@coherent.com (Dave Platt) writes: >An accompanying article mentions three new/updated antiviral programs >that should be available soon: VirOut (a package that includes both a >"vaccine" and a "serum") by Mainstay; an updated version of Virex >(Robert Woodhead's commercial successor to Interferon) that will detect >both Hpat and INIT29; and an updated version of VirusDetective, a >shareware antiviral d/a by Jeffrey Shulman. There's another new antivirus program (this one's free) called "GateKeeper". It's a general purpose antivirus INIT/cdev designed to prevent viruses from successfully operating/spreading. It also aides in analyzing viruses by maintaining a log of the (apparently), virus-related operations that occur. It is effective against nVIR and Scores, but has not been tested against these new viruses. For myself, I expect that it'll be effective against them as well, but that's just an educated guess. It has been posted to comp.binaries.mac, and is already available from sumex at Stanford. Hope this helps, ----Chris