Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!uakari.primate.wisc.edu!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: yale!slb-sdr!sdr.slb!shulman@uunet.UU.NET (Jeff Shulman) Newsgroups: comp.virus Subject: Re: VirusDetective questions (Mac) Message-ID: <0006.8909201747.AA13433@ge.sei.cmu.edu> Date: 20 Sep 89 14:33:49 GMT Sender: Virus Discussion List Lines: 39 Approved: krvw@sei.cmu.edu awinterb@udenva.cair.du.edu (Richard Nixon) writes: >Has anyone used VirusDetective for the Mac? We've >used it, but it seems to detect viruses in files that >we doubt are affected. I have (but then again I wrote it! ). VirusDetective (VD) is only as good as the search strings used. VD 3.0.1 (the latest) is distributed with search strings that detect all known *active* Mac viruses. With the latest search patterns I have seen NO cases of "false" alarms. Some earlier search strings (say CODE Size xxx) to test for a virus *could* match legitimate CODE resources. So, without knowing what version you are running nor the search strings you are using you may very well be getting matches where no virus actually exists. Standard example of Garbage In, Garbage Out. >How reliable is this bit of software? I have not seen any known virus get past VD 3.0.1. VD is the only program (to my knowledge) that can be user configured to search for any new virus (or *any* resource for that matter) as soon as a virus is discovered thus you do not need to obtain a new version (costing $$ from commercial vendors) when a new virus is discovered. NOTE: I *do* send out notification of new search strings to my registered users but you are apt to see them in Usenet first. Jeff Shulman VirusDetective author - -- uucp: ...rutgers!yale!slb-sdr!shulman CSNet: SHULMAN@SDR.SLB.COM Delphi: JEFFS GEnie: KILROY CIS: 76136,667 AppleLink: KILROY Disclaimer: VD has absolutely nothing to do with my "day" job at SDR and opinions, etc. herein should not be construed as coming from SDR.