[comp.virus] About "Stoned" - variants and removal

U5434122@ucsvc.ucs.unimelb.edu.au (10/17/90)

I was wondering if anyone could clarify the situation with McAfee's SCAN
regarding [Stoned] and its variants, please.

In the VIRLIST.TXT the original 'Stoned' is marked as 'Use CLEANUP' to
remove, while 'Stoned II' is marked as 'Use MDISK'.  The identifier which
SCAN is supposed to report is [Stoned] for both of them, so how do you
know which one you have, and which cleanup to use?

The computers at the hospital where I study (which does have a site licence)
have been infected with [Stoned] and CLEANP66 has worked, but I looked at
the boot sector of a floppy and it had the message "Your PC is now stoned,
LEGALISEd"  with no mention of Marijuana.  Is this a strain which overwrote
the message with some extra code, or what?  Which 'Stoned' do we have?

McAfee warns against loss of partition table data and total disk corruption
when using CLEAN to remove 'Stoned' on non-standard machines.  Would making
CLEAN insist on putting a copy of the (infected) partition table in a file
on a floppy disk remove the trauma of getting rid of this virus?  If a hard
disk were rendered unusable by CLEAN, it could be 'UNCLEANED', restoring
the partition table to a usable form so the poor user could be given a
second chance to back up before doing a low-level format.

In any case, thank you, Mr McAfee, for reducing the extra work which virus-
writers have heaped upon us.

Danny

U5434122@ucsvc.ucs.unimelb.edu.au
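
The backup-then-repair safeguard proposed in the post, as an added example that is not part of the original post and is not how CLEAN works: save sector 0 to a file before any repair, and write it back only if the saved copy is intact. It assumes the standard PC layout (four 16-byte partition entries at offset 446, `55 AA` signature at offset 510) and works on a disk image file; all function names are hypothetical.

```python
import hashlib, pathlib, struct, tempfile

SECTOR = 512  # size of the master boot sector on PC hard disks

def parse_partitions(sector):
    """Return the non-empty entries of the four-slot partition table."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a boot sector: bad length or missing 55 AA signature")
    parts = []
    for i in range(4):
        entry = sector[446 + 16 * i: 462 + 16 * i]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4]:  # partition type 0 means the slot is unused
            parts.append({"slot": i, "active": entry[0] == 0x80, "type": entry[4],
                          "start": lba_start, "sectors": count})
    return parts

def backup_sector0(disk_path, backup_path):
    """Copy sector 0 to a file before any repair; return its SHA-256."""
    with open(disk_path, "rb") as d:
        sector = d.read(SECTOR)
    parse_partitions(sector)  # refuse to back up something that is not a boot sector
    with open(backup_path, "wb") as b:
        b.write(sector)
    return hashlib.sha256(sector).hexdigest()

def restore_sector0(disk_path, backup_path, expected_sha256):
    """Write the saved sector back (the 'UNCLEAN' step), only if the backup is intact."""
    with open(backup_path, "rb") as b:
        sector = b.read()
    if len(sector) != SECTOR or hashlib.sha256(sector).hexdigest() != expected_sha256:
        raise ValueError("backup file is damaged; refusing to write it to sector 0")
    with open(disk_path, "r+b") as d:
        d.write(sector)

def demo():
    # Constructed sample: a 4-sector "disk" image with one active partition entry.
    entry = struct.pack("<BBBBBBBBII", 0x80, 1, 1, 0, 0x04, 3, 17, 100, 17, 20791)
    sector0 = bytes(446) + entry + bytes(48) + b"\x55\xaa"
    tmp = pathlib.Path(tempfile.mkdtemp())
    disk, bak = tmp / "disk.img", tmp / "sector0.bak"
    disk.write_bytes(sector0 + bytes(3 * SECTOR))
    digest = backup_sector0(disk, bak)
    with open(disk, "r+b") as f:  # simulate a repair that wiped code and table
        f.write(bytes(510))
    after_repair = parse_partitions(disk.read_bytes()[:SECTOR])
    restore_sector0(disk, bak, digest)
    return after_repair, parse_partitions(disk.read_bytes()[:SECTOR])
```

The restored sector is still the infected one, so this only returns the disk to its pre-repair state so that data can be backed up.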