fitz@noao.edu (Mike Fitzpatrick) (09/07/90)
A friend of mine seems to have come down with a virus for her Mac in a sleazy back-alley software exchange that is now threatening to ruin several months worth of work on her thesis. The comp center has run SAM (sic?) on the affected floppy, which reports a virus is present, but she is unable to rid her system of the thing. I've snagged VirusDetective 4.0.2c from the comp.binaries.mac group, but was hoping some kind netter could provide me with any clues as to how to diagnose the problem, and preferrably a program that can detect and eliminate the virus. I'm fairly unfamiliar with Macs and the exact nature of her problem (I haven't actually sat at the terminal yet), but was hoping for some informed opinions before I went in and tried my hand at this. Thanks in advance for any help..... Mike Fitzpatrick fitz@noao.edu (602) 325-9387
owen@raven.phys.washington.edu (Russell Owen) (09/12/90)
Get Disinfectant. It will tell you which files are infected, and possibly even remove the infection, though it is best not to rely on this. Disinfectant is free via anonymous ftp from various sources. stanford-aim.stanford.edu ought to have a copy. If it doesn't and you have any trouble finding it, let me know. My suggestion for how to use Disinfectant: 1) get Disinfectant 2) run it and select "install protection INIT" 3) reboot (at this point viruses cannot spread on your Mac) 4) run Disinfectant again and SCAN your disk to find out which files are infected. To fix an infected file, I suggest the following, in order: - if you have a backup, replace the infected file - if you don't have a backup, and it's a document (data file), try opening the file in the application which created it and saving a new copy (with Save As...). Use Disinfectant to scan the new copy to be sure it's virus-free, and if it is, delete the old copy. - if all else fails, let Disinfectant try to remove the virus from the file. But remember this may corrupt the file. Good luck. Russell Owen owen@raven.phys.washington.edu Astronomy Dept. FM-20 University of Washington Seattle, WA 98195