shull@scrolls.wharton.upenn.edu (Christopher E. Shull) (09/24/89)
Macintosh Virus Experts:
I have just finished the second draft of a roughly two page
guide to fighting machintosh viruses. (The first draft was proofread
only within my group, so don't feel left out if you didn't see it.)
This set of instructions is fundamentally the advice I have been
loosing my voice repeating. To save my voice, I have written it down.
Please mail your comments, suggestions and constructive criticism to
shull@wharton.upenn.edu, so I can enhance this document.
In the meantime, if you are tired of explaining how to defend
against viruses and you like what I have written, please feel free
to distribute my "Guide to Fighting Macintosh Viruses: Instructions
for the Rest of Us", subject only to terms of the Copyright Notice.
Thanks in advance!
- -Chris
%--cut here-------------------------------------------------------
R E Q U E S T F O R C O M M E N T
Guide to Fighting Macintosh Viruses:
Instructions for the Rest of Us
September 23, 1989
Christopher E. Shull
The Wharton School
University of Pennsylvania
Shull@wharton.upenn.edu
Disclaimer and Copyright Notice
This document may help you understand and cope with Macintosh
viruses. It may however fail in this objective. Use it at your own
risk. Neither the author, Christopher E. Shull, nor his employer,
the University of Pennsylvania, make any warranty, either express
or implied, with respect to the information contained herein.
Copyright 1989, University of Pennsylvania. Permission is granted
to make and distribute copies of this document, provided this
disclaimer and copyright notice are preserved on all copies. The
document may not, however, be sold or distributed for profit.
Instructions
This file describes how to cope with Macintosh viruses.
1) Do Not Panic. As of this writing, all known Macintosh viruses
are easily detected, destroyed and prevented.
2) Read these instructions from front to back, and then follow
them step by step.
3) Using Disinfectant to Find and Kill Viruses.
a) Obtain a boot-able diskette containing the program
Disinfectant from a trusted source. Disinfectant was written
by John Norstad of Northwestern University. The current
version is 1.2, dated August 4, 1989. (This is also a good
time to get copies of Vaccine and GateKeeper, which are
described in steps 5) and 6).
b) Write Lock this diskette by sliding the write protect tab to
the open position (so you can peek through the little hole).
c) Start or Restart your Mac from this diskette.
d) Run Disinfectant by doubling clicking on its icon, and then
following the simple on-screen instructions:
Please read the instructions before running Disinfectant
for the first time. Click on the About button.
Special key summary. Hold down the key(s) while
clicking on the Scan or Disinfect button. (See the
instructions for details.)
No keys = Scan or disinfect the selected disk.
Option key = Scan or disinfect a single folder or file.
Command key = Scan or disinfect a sequence of floppies.
Option and Command keys = Scan or disinfect all drives.
Note that Disinfectant suggests that you read its documentation
first (by clicking the About button.) This is an excellent
idea. However, if you are in a hurry and willing to risk using
software you don't understand, just read the summary above and
then click on the Disinfect button while holding down the
appropriate key(s) (Scanning before Disinfecting has no benefit
for normal folks).
e) Disinfectant will report the details of its work in its center
window.
f) Examine the summary report to make sure all viruses were
removed and no errors were encountered. If there were errors,
try to fix the problems and disinfect the problem files or
device again. If they do not go away, you need to read the
instructions or get help from a Mac expert.
g) When Disinfectant reports that no Viruses have been found, your
main disk is clean. After disinfecting, be sure to restart
your computer so memory resident viruses are destroyed! This
is an excellent time to Disinfect all of your diskettes using
the command key-Disinfect button combination. The next step
is to make sure you don't get any more viruses in the future.
4) Using Disinfectant to Prevent Viruses.
a) Disinfectant can be used to prevent the spread of viruses
simply by scanning and disinfecting every new diskette that you
ever use on your Mac, and every diskette that you use on
someone else's Mac, and every program you buy or download.
b) Because this requires a conscious, methodical and conscientious
effort, an automatic method of preventing the spread of viruses
is desirable.
5) Using Vaccine to Prevent Viruses.
a) Vaccine, by Donald Brown of CE Software, Inc. is a Control
Panel Document. The current and last version is 1.0. (The
author declines in advance to fuel the escalating viruses and
defenses game.)
b) To use Vaccine, just copy it into your System Folder and
restart your computer. You do not want to do this until your
System Folder has been disinfected (see step 3), or your
computer may not be able to start.
c) Vaccine is now at work. No further configuration is required,
although some is possible.
d) To configure Vaccine, select Control Panel from the Apple menu,
then select the Vaccine icon on the Control Panel, and follow
the Instructions therein.
e) As Vaccine's instructions explain, it may prevent some viruses.
For more rigorous defense, you will need to use GateKeeper.
6) Using GateKeeper to Prevent Viruses.
a) GateKeeper, by Chris Johnson, is also a Control Panel Document.
The current version is 1.1.1, dated June 26, 1989, and is much
easier to configure than version 1.1.
b) Using GateKeeper requires more study on the part of the user,
but should result in a more rigorously defended system.
c) The first step in using GateKeeper is therefore to read, from
front to back, the GateKeeper Introduction and the GateKeeper
Release Notes documents, which come with GateKeeper in MacWrite
format and are therefore readable in most Macintosh word
processing programs.
d) Following the instructions therein you can tighten your Mac's
defenses against Viruses.
7) If Vaccine or GateKeeper Detects a Virus, return to Step 3) to
remove it.
8) Join a Macintosh Users' Group so you can keep abreast of virus
developments. This is important, because new viruses will
appear that manage to circumvent the safeguards above, but we
will simply develop new programs to combat them.