There is currently no known PD program that is explicitly a virus carrier. Sometimes a program gets infected and is uploaded to a BBS. This was the case, for example, of Stuffit 1.21, as an infected version of that program has been uploaded to a texan BBS. HOWEVER, THIS WAS A LOCAL INFECTION. This virus never made it far outside Texas, and was discovered just a few days after it was uploaded.
Really important in that business is the Leitmotiv "Don't Panic". We are at the fourth nVIR wave on our site, because some institutes just don't care about disk hygiene until they are struck by a virus themselves. But then, it is already (almost) too late...
There is a virus discussion list on BITNET and I encourage everybody who has access to that net to sign up. Send the following interactive message to LISTSERV@LEHIIBM1.BITNET: SUBSCRIBE VIRUS-L "Your full name"
Below is a list of the virus detection/killer programs I know of, with a short description of what they're doing. I have Vaccine CDEV, Interferon,Virus-Rx, KillScores, VirusDetective, VCheck, nVIR Vaccine and Ferret,but I really only use Vaccine CDEV and Interferon as detection programs, and one of the killer programs if it really gets tough (KillScores, nVIR Vaccine). Oh, and the dukakis vaccine, of course, which you have to install only once in your Home stack.
The documentation has been written by Joe McMahon and is available as Hypercard stack.
By the way, Joe's address is:
Code 631 Bitnet : XRJDM@SCFVM
NASA/Goddard Space Flight Center CompuServe: 72330,554 Greenbelt,
| Internet: macman@ifi.ethz.ch Voice : yodel three times |
---------------------------------------------
--------------- Text follows -------------------
Product name: Vaccine 1.0
Author: Don Brown, CE Software
Price: Free
Agreements: No fee must be charged for Vaccine and it must not be modified.
Class: Automatic, general prevention.
Vaccine is a CDEV and designed to provide Rpartial protection from worms and viruses.S It does this by trapping attempts to write executable resources to any file on your system. Vaccine will respond to any such attempt by displaying a dialog showing the resource type which is being added and the file to which it is being added. The user may either prevent or allow this access.
---------------------------
Product name: Interferon 3.1
Author: Robert Woodhead
Price: Free (optional donation; see details)
Agreements: Copyrighted, but permission given to reproduce and distribute.
Class: Manual, general detection. File deletion.
Interferon 3.1 is a Rsearch, report and destroyS application. It recognizes the known viruses, and can delete files which are deemed to be infected.
Interferon is probably the most comprehensive of the virus-checking programs. It is set up to check likely areas for invasion by new viruses in addition to checking for known ones.
---------------------------
Product name: Virus Rx
Author: Apple Computer
Price: Free
Agreements: Copyrighted, but may be distributed freely.
Class: Manual, general detection.
Virus Rx scans for common symptoms of viral attack, such as INIT, RDEV, and CDEV files in the system folder, unusual CODE 0 resources, and others. It produces a report in a text file, which may be saved or printed as a record of disk status.
Virus Rx does not disinfect applications or systems. Accompanying documentation recommends replacement of infected files.
---------------------------
Product name: VirusDetective*
Author: Jeffrey S. Shulman
Price: $10
Agreements: Copyrighted; permission given to distribute.
Class: Manual, general detection/removal.
VirusDetective* provides an anti-viral program in a desk accessory. It currently searches for Scores and nVIR infections, but is easily customizable to search for other resources.
Version 1.2 allows you to produce a log file show the status of all files, files suspected of infection, and files not suspected of infection.
---------------------------
Product name: KillScores
Author: MacPack User Group, Dallas TX
Price: Free
Agreements: Copyrighted, but permission given to reproduce and distribute.
Class: Manual, specific detection/removal.
KillScores efficiently discovers and repairs applications and systems infected with the Scores virus. It does not look for nor does it remove any other type of viral infection. KillScores seems to be more effective than Ferret in cleaning up infected applications and systems.
---------------------------
Product name: VCheck
Author: Albert Lunde, Northwestern University
Price: Free
Agreements: Copyrighted. See details about distribution.
Class: Manual, general protection.
VCheck checks for changes in the contents of the active system folder, the boot blocks, and on all applications on all mounted volumes. It does not remove viruses, but simply warns of their possible existence by detecting RdangerousS resources. VCheck keeps a checksum file for all of the above items for comparison purposes. VCheck is written in Turbo Pascal and source is provided.
---------------------------
Product Name: nVIR Vaccine
Author: Mike* Scanlin
Price: See details; source in May 1988 MacUser
Agreements: Copyrighted; distribution restrictions unclear.
Class: Manual, specific (partial) removal.
nVIR Vaccine is a specific targeted at the RnVIRS virus. It removes this virusonly from applications which are infected with it.
nVIR Vaccine is not an automatic program. You will have to select all of the programs to be disinfected manually. Also, nVIR Vaccine does not remove the virus from the System file. See the details for how to do this.
---------------------------
Product name: Sniffer
Author: Unknown
Price: Free
Agreements: See details
Class: Manual, general detection.
Sniffer is a simple application which can be customized to search for a given resource. Sniffer will scan for the selected resource, check for applications which have non-standard CODE 0 resources (a possible symptom of infection), and can rename files which are possibly infected.
Sniffer does no disinfection. You must know the types and IDs of the resources which are to be looked for.
---------------------------
Product name: Ferret 1.0
Author: Larry Nedry
Price: Free
Agreements: Copyrighted, but permission given toJdistribute.
Class: Manual, specific detection/removal.
Ferret 1.0 is an application which scans for and removes the Scores virus only. It scans the selected files for the Scores signature resources. It they are found, they are removed and the affected applications repaired.
There have been reports that Ferret is not as good as KillScores and that version 1.1 may in fact leave viral resources applications after cleaning.
---------------------------
Product name: Blood Test
Author: Doug Werner, Apple Computer
Price: Free
Agreements: All rights reserved; not distributable.
Class: Manual, specific and general detection.
Blood Test looks for specific resources and reports if they are found. It can check for damaged applications (i.e., those with bad resource forks), and can also check for patched trap addresses in the system trap dispatch table.
Blood Test does no disinfection; it is simply a means of detecting possible infections.
---------------------------
Product name: Dukakis Vaccine
Author: Ian Summerfield, Apple Computer UK Ltd.
Price: Free to everyone except the originator of the virus.
Agreements: No distribution restrictions.
Class: Automatic, specific and general detection/prevention.
Dukakis Vaccine is a HyperCard script designed to both detect the Dukakis virus and to prevent its invasion into stacks. The script is general enough to be of utility in blocking other HyperCard-only viruses.
Dukakis Vaccine only monitors changes to scripts; it cannot block viral XCMDs or XFCNs. It does not remove the virus, but blocks it and alerts you to the virus's presence.
