rogers@marlin.nosc.mil (Rollo D. Rogers) (06/01/90)
Original-From: CAH0@bunny.gte.com (Chuck Hoffman) Original-Newsgroups: comp.sys.mac,comp.sys.mac.programmer Original-Subject: ALERT about VIRUS in vendor-distributed product Original-Date: 31 May 90 18:30:43 GMT On May 25, I received the Diskworld diskette for May from Softdisk Publishing in Shreveport, Louisiana. I run Virex 2.6 (among others) which intercepted the mount of the diskette and gave me a warning that the diskette has a known strain of the WDEF virus. Naturally, I chose the "Eject" option of Virex, so the mount never was completed. WDEF is simple, but difficult. Simple in that it lives in the invisible desktop file of each disk or diskette. So it can be eliminated by rebuilding the desktop file by holding down the command and option keys during the mount (or during startup, for an internal hard disk or SCSI). Difficult for the same reason. The gurus tell us that, if you are unaware of the virus, by the time you see the diskette icon on your desktop display, ALL the other disks (including internal and attached SCSI) will already have been infected. I did a controlled experiment of my own a few months ago, and found that this was true. I called Softdisk Publishing to report my experience, and spoke with a woman who said they already knew of the virus problem. She suggested that I simply reinsert the disk while holding down the command and option keys to rebuild the desktop file, but I asked her to send me a clean copy of the diskette instead. Lesson? "Doesn't matter if the box is snazzy. Use virus detectors to protect your azzy." - -Chuck - - Chuck Hoffman, GTE Laboratories, Inc. cah0@bunny.gte.com Telephone (U.S.A.) 617-466-2131 GTE VoiceNet: 679-2131 GTE Telemail: C.HOFFMAN