[comp.virus] Questions about "Disinfectant"

firmiss@cae.wisc.edu (06/08/91)

I've been using Disinfectant since version 1.6 and I've had a few
questions I've wanted to ask for quite a while.

1.  I believe since version 2.0, Disinfectant had the ability to install
    a protection INIT.  The thing is only 5k... What does it DO?...
    Does it just give a warning if something is being infected?
    What does it look for?

2.  I remember hearing that using Disinfectant AND the old virus protection
    CDEV(?) "Vaccine (TM) 1.0.1" was a bad idea (Vaccine somehow rendered the
    Disinfectant INIT useless or something to that effect).
      Is it also a good idea to remove the INITs "KillVirus" (Icon is a
    needle with the word nVIR next to it). and "Kill WDEF - virus INIT"
    (Icon is just a standard document icon)?  I know these are pretty old
    too.  (at least I don't have "Ferret" and "Kill Scores" and those other
    related relics)

2a. Almost forgot... What about "SAM (TM) Intercept" INIT... I know it's
    newer but do "SAM" and "Disinfectant" interfere with each other?

My current version of Disinfectant is 2.4... Is this the most current
one?  I've had it for about 6 months now.

 + -  - +   |... P_lasma         --- James Firmiss     (Foxx Fox) ---
  - + +  -  |... S_ource         --- firmiss@cae.wisc.edu         ---
 +  +  - =====>+ I_on            --- Univ. of Wisc. Madison       ---
  -  +  -   |... I_mplantation   --- Materials Science Program    ---
 - + - + -  |..._______________________________________________________
         "Beep.  Beep Beep.  Beep Beep."  -  vi editor

ebates@madvax.uop.edu (06/12/91)

firmiss@cae.wisc.edu writes:
>I've been using Disinfectant since version 1.6 and I've had a few
>questions I've wanted to ask for quite a while.
>
>1.  I believe since version 2.0, Disinfectant had the ability to install
>    a protection INIT.  The thing is only 5k... What does it DO?...
>    Does it just give a warning if something is being infected?
>    What does it look for?

I'm not John Norstad, but I have seen the INIT function when I tried
to run an infected program.  It displayed a dialog box stating that
the application was infected and that I should run Disinfectant to get
rid of the virus.  The application never was started and it went back
to the Finder.

>2.  I remember hearing that using Disinfectant AND the old virus protection
>    CDEV(?) "Vaccine (TM) 1.0.1" was a bad idea (Vaccine somehow rendered the
>    Disinfectant INIT useless or something to that effect).
>      Is it also a good idea to remove the INITs "KillVirus" (Icon is a
>    needle with the word nVIR next to it). and "Kill WDEF - virus INIT"
>    (Icon is just a standard document icon)?  I know these are pretty old
>    too.  (at least I don't have "Ferret" and "Kill Scores" and those other
>    related relics)

I have not experienced these problems.  The only virus protection/eradication
we use in our student labs is Disinfectant 2.4 (and INIT) and Gatekeeper Aid
1.1.  Gatekeeper Aid automatically removes WDEF A.

>2a. Almost forgot... What about "SAM (TM) Intercept" INIT... I know it's
>    newer but do "SAM" and "Disinfectant" interfere with each other?

I have had no problems with Disinfectant and Gatekeeper Aid, and see no
reason to go through the expense of SAM with all of this good, FREE stuff.

>
>My current version of Disinfectant is 2.4... Is this the most current
>one?  I've had it for about 6 months now.

Yes, it's the most current version.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 Edwin J. (Ed) Bates			MADVAX Administrator/Postmaster
 Technical Support Specialist		Internet:  ebates@madvax.uop.edu
 Office of Information Technology	AppleLink: U1441
 University of the Pacific		Telephone: (209) 946-2251
 Stockton, CA  95211			Fax:       (209) 946-2898

MAIMER@kuhub.cc.ukans.edu (Big fish man on hippocampus) (06/12/91)

firmiss@cae.wisc.edu writes:
> I've been using Disinfectant since version 1.6 and I've had a few
> questions I've wanted to ask for quite a while.
>
> 1.  I believe since version 2.0, Disinfectant had the ability to install
>     a protection INIT.  The thing is only 5k... What does it DO?...
>     Does it just give a warning if something is being infected?
>     What does it look for?

If the virus is in an application, then an alert is displayed saying
Disinfectant INIT found a virus and that it should be removed with
Disinfectant.  It will not let the program run.  If the virus is in
the Desktop, a similar alert will be shown, the Finder will run, but
the virus will be "contained," kept from furthering the infection.

This INIT only checks applications when they are run and does not check
documents (i.e. Hypercard stacks).

>
> My current version of Disinfectant is 2.4... Is this the most current
> one?  I've had it for about 6 months now.

As far as I know...

--
           |\   \\\\__       Tony Maimer                __
           | \_/    o \                                /  |
            > _   (( <_                               /   |
           | / \__+___/  maimer@kuhub.cc.ukans.edu   /o   /_/|
           |/     |/                                <  ))  _ <
                                                    \     \ \|
                                                     \    |
       +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

lunde@casbah.acns.nwu.edu (Albert Lunde) (06/15/91)

firmiss@cae.wisc.edu writes:
> 1.  I believe since version 2.0, Disinfectant had the ability to install
>     a protection INIT.  The thing is only 5k... What does it DO?...
>     Does it just give a warning if something is being infected?
>     What does it look for?

It is small because it is written in assembly, with no configuration
options.  It tries to prevent virus infection from being successful,
and issue an informative message via the notification manager.  The
means used to block infection vary according to the virus.  Like
Disinfectant it is effective against a list of known viruses, and
tries to be specific enough to avoid false alarms.

It does not scan files on every inserted disk for say, nVIR.

> 2.  I remember hearing that using Disinfectant AND the old virus protection
>     CDEV(?) "Vaccine (TM) 1.0.1" was a bad idea (Vaccine somehow rendered the
>     Disinfectant INIT useless or something to that effect).
>       Is it also a good idea to remove the INITs "KillVirus" (Icon is a
>     needle with the word nVIR next to it). and "Kill WDEF - virus INIT"
>     (Icon is just a standard document icon)?  I know these are pretty old
>     too.  (at least I don't have "Ferret" and "Kill Scores" and those other
>     related relics)

We are currently advocating that general users at Northwestern use
only the Disinfectant INIT and not Vaccine or Gatekeeper Aid, and that
they get periodic updates.

The risk from unknown viruses seems balanced by the reduced grief to
general users.  The rate of virus spread is slow enough that this is
workable.

Vaccine presents unclear messages, bombs on application startup under
many real infections and is bypassed by other newer viruses and has a
few minor bugs unrelated to viruses.

Gatekeeper Aid has occasionally removed the CODE resources from my
running applications.  Like the other Gatekeeper tools, I think it is
useful for advanced users, but too paranoid and subject to false
alarms for average Mac users.  There is a tradeoff between detecting
suspicious activity and being quiet and specific. (See discussion in
the Disinfectant online help.)

I would not recommend "KillVirus" - it seems to be one of many early
nVIR tools, that are not as generally effective as the Disinfectant
INIT. I know nothing about "Kill WDEF - virus INIT", but it is not
needed if you use the Disinfectant INIT.

> 2a. Almost forgot... What about "SAM (TM) Intercept" INIT... I know it's
>     newer but do "SAM" and "Disinfectant" interfere with each other?

I think that these can co-exist, but I don't remember which takes priority.

> My current version of Disinfectant is 2.4... Is this the most current
> one?  I've had it for about 6 months now.

Yes 2.4 is current - see John's prior post about it and system 7.

Albert Lunde - Northwestern University  This post represents neither NU
Albert_Lunde@nwu.edu                                   nor John Norstad