jln@eecs.nwu.edu (John Norstad) (11/08/88)
We're currently experiencing an nVIR outbreak on campus. Much to my suprise and dismay, I've discovered that Apple's Virus Rx 1.0a2 DOES NOT detect nVIR! I've tested it against two different strains of nVIR, and it completely misses both of them. It fails to detect both infected system files and infected applications. That's the reason for this posting - this fact may be common knowledge in some circles, but I wasn't aware of it, and I think it's important. I currently recommend Interferon 3.1 as the best general-purpose virus detector. I've tested it, and it does catch both of the nVIR strains that I have, as well as Scores. However, DO NOT try to use Interferon to get rid of an infection - it does not properly repair infected applications, and will leave them irreparably damaged. Use AntiPan and KillScores to get rid of infections (see below). I've also tested the AntiPan program that recently appeared at Rascal.ics.utexas.edu. It's an nVIR eradicator. It seems to work well in getting rid of both strains. We're using it to fight our nVIR infection. My current recommendations for virus-fighting tools are Vaccine for protection (efective against Scores and both nVIR strains), Interferon for detection, KillScores for Scores eradication, and AntiPan for nVIR eradication. All of these tools are available via anonymous FTP from Rascal, and from many other sources. Both Scores and nVIR have been around for quite some time now (about a year). Despite tremendous publicity and a collection of good virus- fighting tools, they both continue to spread like wildfire, especially at Universities. I've been receiving tons of mail lately from people asking for help fighting infections. Please, people, get a copy of Vaccine and use it religiously. Practice safe hex! John Norstad Academic Computing and Network Services Northwestern University Bitnet: jln@nuacc Internet: jln@nuacc.acns.nwu.edu
pv9y@vax5.CIT.CORNELL.EDU (11/10/88)
One caveat to John's article concerning nVIR tools. While he is correct about Virus Rx being next to useless at reliably finding nVIR, I can't recommend AntiPan completely. I've found in fairly extensive testing that AntiPan fails fairly frequently to remove the virus from applications. I've found that Vaccination, also found on Rascal, does a better job, but unfortunately Vaccination doesn't see the System or Finder and so can't do a complete job. Virus Detective isn't bad for that, but it is a bit clumsier to use, so I recommend that you use a combination of AntiPan and Vaccination for eradication. For prevention, both Vaccine and KillVirus seem to do a pretty good job, although KillVirus sets off Interferon because of its fake nVIR resource. For detection, Interferon 3.1 and VirusWarning INIT are the way to go. VirusWarning beeps whenever an infected application starts up and thus helps detect infections before they get a chance to do much at all. Adam pv9y@vax5.cit.cornell.edu
cmccabe@cdp.UUCP (11/13/88)
<subject on Virus Rx not detecting nvir virus.> Very true, interferon seems to be the best for detecting nvir. A new version of Virus RX should be out soon which will address these problems. A note on Nvir: When you have id'ed which apps are infected, the best thing to do to leave interferon and toss those apps away, rather than relying on the eradicate virus opiton in the menus of Interferon, as I've had some difficulty making it go away without trashing. Charles McCabe Micro-Computing Support Group Apple Computer. AppleLink: MCCABE.C