How to install, configure and update Virex




How to install Virex

A copy of the file you need to install Virex is on isis. It's in Utilities -> Virex -> Virex.sit. The procedure for installing is:
  1. Do a search for Virex on your Mac and drag everything Virex-related to the Trash.
  2. Search for other virus-related software: Disinfectant, VirusScan, and SAM Antivirus. Make sure none of them have Extensions or Control Panels installed. If they do, drag them to the Trash.
  3. Copy the Virex.sit file to the Utilities folder. If there isn't one, please create one.
  4. Restart the Mac while holding the Shift key down. (To turn off extensions.)
  5. Double-click the Virex.sit icon. That should start Stuffit Expander. (If it doesn't, find Stuffit Expander, double-click it then use its File->Expand menu to select the Virex.sit file.)
  6. The result of the expansion will be a Virex folder containing a bunch of Installer Documents (in the same location as the Virex.sit file.) Double-click the icon labelled Installer.1
  7. Follow the instructions to install Virex. Ask it to remove previous copies (gets rid of the demo version). When it reports successful installation and recommends that you re-start the Mac, please do restart the Mac.
  8. The installation creates a fresh Virex folder at the top level of the hard disk. Locate the original Virex folder in the Utilities folder (it's the one with the Installer documents) and drag that folder to the Trash. Replace it with the new Virex folder (which has the Virex application and a ReadMe file).
  9. Locate and double-click the "Virex Virus Update 0?-??-98" file with the most recent date in its name to update the virus definitions file. It should start up Virex and ask if you want to update the virus definitions file. After you say yes it should give you a message that it has successfully updated the file.
  10. Go into the Virex Control Panel and configure it according to the instructions below.
  11. Go to the Virex folder and double-click the Virex 5.8 icon. Click the Preferences button. Again there will be a slider bar on the left. Under Diagnose make sure the box labelled "Diagnose Compressed Files" is NOT checked, then click the Save button.
  12. Now click the Repair button to run a scan to find and repair any infected files.
If you run into any problems or have any questions, please contact Janet.

back to the top

configure Virex

Check the Virex Control Panel on that Mac, to make sure regular scans are occurring. Under the Apple Menu, select Control Panels-> Virex Control Panel.
      If error message occurs saying that this is the demo version, go back and reinstall virex.
Click the Preferences... button. There is a slider bar on the left side. Use it to go to Scheduling. Highlight that icon and see if the box marked "Schedule Scan For" is checked. If not, please click it and choose a time when the Mac will be on but no one will be working on it (e.g. 1 am) then click the box on the right marked "All Local Volumes". In the lower right corner under "Repeating", click and select "Daily".

back to the top

update Virex

Instructions for updating Virex are simple. Point your Web brower to:
http://www.drsolomon.com/products/virex/updateno.cfm
and look for the date on the current update file. In general, if it's later than the date that shows up when you start Virex, you should follow the instructions on the Web page to update your copy. Currently, the date that appears at the bottom of the Virex window should be 05/19/98.

back to the top

'release notes'

from Mike Groh, Product Development Manager, Dr Solomon's Software, Inc. (Tue, 19 May 1998)

VIREX UPDATE 05_19_98 AVAILABLE - DETECTS NEW AUTOSTART WORM

AutoStart 9805-B, a variant of the AutoStart 9805 worm, has been discovered. Like its predecessor, it uses the same Quicktime AutoStart mechanism to spread. However, it has several distinct characteristics:

  • The worm files are named "BD" and "Desktop Printr Spooler".
  • The computer system is not restarted immediately after the initial infection.
  • It deletes the original AutoStart 9805 worm files when spreading to previously infected volumes.
  • It does not spread to network volumes.
  • It triggers every three minutes to spread, and every six minutes to damage files.
  • Files are only damaged if the ":Extensions:Printer Descriptions" folder contains files whose names don't begin with "ACR", "GEN", "COL", "LAS", or "DIS".
  • Files of types 'JPEG', 'TIFF', and 'EPSF' with a length greater than 10242 bytes are damaged.
  • Files are damaged by overwriting data beyond the first 10242 bytes, up to approximately 1 Mbyte, with random data.
  • Not more than 20 files are damaged per trigger.
  • After December 24, 1998, this worm will stop spreading and damaging files.

Many of these changes make this worm much less noticeable than the original AutoStart 9805 worm. Both appear to have been written by the same person.

Virex Virus Update 05_19_98 and later will detect and remove the Autostart 9805-B worm. The update is available from our web site at http://www.drsolomon.com/products/virex/.



back to the top Janet Saffer, Ph.D.
phone: 662 3095
pager: 812 1215
send email


link to the PENN Virex page.

back to the top
Last Revision: May 7, 1999