@sun.acs.udel.edu:salamon@sun.acs.udel.edu (salamon) (01/10/90)
I hope I am not saying something that everyone already knows about,
but Newark Hall is infected with the Mac virus WDEF A. It is a very
infective virus. I took my work disk home inserted it into my mac
Plus and then went to open Disinfectant and by the time I ran it my
hard drive was infected, and I'm sure it wasn't infected before.
Even if it doesn't do any damage (am I right about this?) I find that
to be very obnoxious.
** ** | /Andrew/
/\ HAVE A NICE DAY! | self-styled Bleydion op Rhys
\____/ | salamon@sun.acs.udel.edu
|
ACSH@UHUPVM1.BITNET (James N. Bradley) (02/07/90)
Today, while I was disinfecting a Macintosh IIx with Disinfectant 1.6 I got a report saying that the desktop was infected at 3:36 p.m. on 2/6. Now, it just happened that it WAS 3:36 p.m. while I was doing the disinfecting. I was using a locked disk which checked clean both with Disinfectant 1.6 and Gatekeeper Aid. Since the locked disk was clean, it couldn't have infected the HD, right? The person involved swears that no other disks had been in his drives today. Any ideas? Jim Bradley Acknowledge-To: <ACSH@UHUPVM1>
dplatt@coherent.com (02/11/90)
+ Today, while I was disinfecting a Macintosh IIx with Disinfectant 1.6 + I got a report saying that the desktop was infected at 3:36 p.m. on + 2/6. + + Now, it just happened that it WAS 3:36 p.m. while I was doing the + disinfecting... + + Since the locked disk was clean, it couldn't have infected the HD, + right? The person involved swears that no other disks had been in his + drives today. The time-of-infection which Disinfectant reports is the "last modification time" for the infected file. This information is often useful when you try to track down a virus which infects applications, since most applications do not modify themselves when they are run... and hence the "last modification time" of the application will often be the time at which the virus infected the program. However, the Desktop file is modified _very_ frequently by the Finder... it may be modified any time you launch a new application, or drag an application from one disk/folder to another, or change any file's Get Info... comments. For this reason, the "last modification time" on the Desktop file is _not_ a reliable indicator of when your system was first infected. BTW, there's no reason (as far as I know) to install Gatekeeper Aid on the locked Disinfectant disk... as long as you keep the disk locked, no virus will be able to infect it. - -- Dave Platt VOICE: (415) 493-8805 UUCP: ...!{ames,apple,uunet}!coherent!dplatt DOMAIN: dplatt@coherent.com INTERNET: coherent!dplatt@ames.arpa, ...@uunet.uu.net USNAIL: Coherent Thought Inc. 3350 West Bayshore #205 Palo Alto CA 94303