| Title: | The Digital way of working |
| Moderator: | QUARK::LIONEL�ON |
| Created: | Fri Feb 14 1986 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 5321 |
| Total number of notes: | 139771 |
MS-DOS ANTI-VIRUS SOFTWARE on company-wide site license
WORD MACRO VIRUSES ARE SCANNED FOR!!!!!!
The latest F-PROTECT version 2.20 is now available from:
MINOTR::USER6:[VIRUS]C_F_PROT.EXE is a self-decompressing 27 file kit
1180 blocks long and in block 512
sequential format, world readable.
(file was compressed with PKZIP 2.04G,
in this compressed form it MUST NOT
be distributed outside the company)
Uncompressed copies of the kit may be handed to interested parties with
the agreement that the kit is shareware, and payment for continued use
must be agreed upon between the author (see ORDER.DOC and ORDER2.DOC
files in the kit) and the recipient of the shareware. Digital is not
involved in the transaction in any way.
MINOTR::USER6:[VIRUS.F-PROT] is a world readable subdirectory containing
an uncompressed V2.20 kit.
MINOTR::USER6:[VIRUS.FP2_20] is a world readable subdirectory containing
an uncompressed V2.20 kit.
Program size growth continues - be warned:
VERSION 2.20 F-PROT is 109,680 bytes and VIRSTOP is 45,238 bytes
VERSION 2.19 F-PROT is 109,635 bytes and VIRSTOP is 45,182 bytes
VERSION 2.18A F-PROT is 107,666 bytes and VIRSTOP is 44,004 bytes
VERSION 2.17 F-PROT IS 107,794 bytes AND VIRSTOP is 42,874 bytes
The "Order" files are included, unchanged, for the information of any
customer with whom you leave a copy of this shareware. As stated above,
it must be left in UNCOMPRESSED FORM. Our license from PKWare does NOT
permit the self-exploding version to be given outside the company. As we
have a site license - worldwide companywide - the order data is of no
interest to Digital employees or contractors.
-------------------------------------------------------------------------
What follows is an abridged version of the file NEW.220 in the kit.
Version 2.20 - major changes:
F-PROT will now scan .DO? (typically .DOC and .DOT) files by default.
This is done because of the Microsoft Word Macro-based viruses that
appeared recently. This behavior can be disabled with the /NODOC
command-line switch.
The instructions for uploading viruses to us have now been changed. A
different PGP key is now included with the package, so that instead of
the key belonging to Fridrik Skulason, the key that should be used belongs
to Frisk Software International. See NEW-VIR.DOC for up-to-date
information on how to send us virus samples.
The "E-mail update service" address has changed - see UPDATES.DOC.
Version 2.20 - the following false alarms were fixed:
DLL.COM : Possibly a variant of Australian_Parasite
LXDSPS.COM : Possibly a dropper program for a new variant of Stoned
PCUNPACK.EXE : MtE
WSASRV.EXE : MtE
Version 2.20 - new viruses:
The following 2 viruses are now identified, but can not be removed as
they overwrite or corrupt infected files. Some of them were detected by
earlier versions of F-PROT, but not identified accurately.
HLLO.7227
VCL.Windoze
75 new viruses can now be removed. Many of them were
detected by earlier versions, but are now identified accurately.
...
28 new viruses are now detected and identified but can not
yet be removed.
...
Of interest to the technical SWAT members:
Technical addendum. This version was copied over the Internet. The
process failed repeatedly when the copy was to the 1.44 meg diskette
in the A: drive. It appeared there was a "choke program" at the EDU
site which strangled the allocated CPU time when the command time
became excessive - like copying 588,338 bytes at 2K bytes per second.
The transfer rate using the A: varied from 7.2 to 0 K bytes per second.
When the copy target was changed to the Pathworks drive M: the
transfer rate jumped to over 20K bps and the transfer completed before
the choke program dropped the allocated time slices.
CISG will be supplying net copies from now on. The mail and customs delays
are excessive for the diskette deliveries.
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 4236.1 | Windows 95 ? | CHEFS::MORRISC | Wed Nov 01 1995 09:21 | 4 | |
Can this be installed on a Windows 95 system or is it purely Msdos 6.x
Window 3.XX
Chris
| |||||
| 4236.2 | should scan froma dos box | TESA::WILSOND | learning as i go | Wed Nov 01 1995 14:12 | 10 |
more experiences have been ... you can run it from a Windows95 DOS Box
and it will scan (and detect-report a virus).
as noted earlier this afternoon ... or corporate license is for a DOS
F-Prot. hence, it does not have a "Windows" interface and have
limitations in coverage when applied to virus that are Windows95 specific.
but, again .. i am not an expert here
d
| |||||
| 4236.3 | F-Prot for Win NT3.51 | ESSB::RMCDONAGH | Thu Nov 02 1995 06:13 | 5 | |
Will this version run on WinNT 3.51.
If so, how do I configure it.
Thanks.
| |||||
| 4236.4 | NT is too different from Dos/Windows | HSOSS1::HARDMAN | Digital. WE can make it happen! | Thu Nov 02 1995 08:14 | 6 |
Re .3 I don't know if F-prot will work with a FAT file system under NT.
I doubt it. But when run on my system formatted with NTFS it reports
"No Hard Drives Found". :-)
Harry
| |||||
| 4236.5 | SMURF::PBECK | Rob Peter and pay *me*... | Thu Nov 02 1995 09:16 | 5 | |
F-PROT can read the NT FAT system, but if memory serves it can't do
a full scan of a drive because NT protection steps in (presumably
when it's trying to check for boot viruses). I have used it under NT
to check downloaded EXEs by pointing it to the directory they're in.
| |||||
| 4236.6 | plugh.ibg.ljo.dec.com::needle | Money talks. Mine says "Good-Bye!" | Thu Nov 02 1995 15:26 | 4 | |
Anyone have this somewhere that doesn't require DECnet? Or is this for Pathworks users only? j. | |||||
| 4236.7 | NT - BOOT virus | TESA::WILSOND | learning as i go | Tue Nov 07 1995 07:39 | 3 |
F-Prot DOS variant is unlikely to detect a BOOT virus, but many
traditional BOOT virus will not affect a NT system (if memory serves me
correct). now ... could the NT system be a carrier?
| |||||
| 4236.8 | Virus code can be transferred, even if it can't run | CHEFS::RICKETTSK | Rebelwithoutapause | Wed Nov 08 1995 03:57 | 9 |
Yes, the NT system could be a carrier, in the same way as a VMS
system could be. A VMS system cannot itself be infected by a DOS virus;
however, if (for instance) you copied an image of an infected disk (or
file) to a VMS file, it would create an infected disk (or file) if the
image was later copied back to another disk. So don't assume that,
because you are copying stuff from a non-DOS system, you can't get a
DOS virus.
Ken
| |||||
| 4236.9 | New stuff on the way | MINOTR::BANCROFT | Wed Dec 06 1995 16:26 | 7 | |
We are close to releasing the SWEEP suite of anti-virus tools.
Allen Ritche is heading the pilot effort and the tools currently
cover NT, OS2, and Novell as well as DOS. The WIN95 edition is also
promised this month.
These tools work very differently from F-PROT.
You might want to read up on them in the document area:
MINOTR::SWEEP:[SWEEPDOC]
| |||||