VIRUS-L Digest Monday, 28 Jan 1991 Volume 4 : Issue 16 Today's Topics: Antiviral product contact list (PC mostly) Review of SCAN (PC) VIRUS-L is a moderated, digested mail forum for discussing computer virus issues; comp.virus is a non-digested Usenet counterpart. Discussions are not limited to any one hardware/software platform - diversity is welcomed. Contributions should be relevant, concise, polite, etc. Please sign submissions with your real name. Send contributions to VIRUS-L@IBM1.CC.LEHIGH.EDU (that's equivalent to VIRUS-L at LEHIIBM1 for you BITNET folks). Information on accessing anti-virus, documentation, and back-issue archives is distributed periodically on the list. Administrative mail (comments, suggestions, and so forth) should be sent to me at: krvw@CERT.SEI.CMU.EDU. Ken van Wyk --------------------------------------------------------------------------- Date: Sun, 27 Jan 91 17:53:36 -0800 >From: Robert Slade Subject: Antiviral product contact list (PC mostly) The following is a list of antiviral product vendors, mostly for the PC line. I am sending it out in conjunction with the reviews that I am doing. I have two purposes in sending it out: 1) providing a list of vendors and products, and 2) hoping to update my own list. The first list I sent out, Ken immediately sent back a correction. This list is, I know full of errors. I would appreciate feedback on any errors or ommissions, and will, at some future time, send out an update. Maybe regularly. A note regarding the number of "product not available" notations. I have, so far, heard nothing from these people. I do not yet know whether this is due to improper addressing, poor mail service or products or comapnies that no longer exist. I have, also, listed specific names with various companies. These names are not, in most cases, the people to contact for ordering the product. In some cases they are people I have spoken with, in other cases they are names I was given to try to contact if the company was no longer listed. Please excuse the "informality" of this list. It represents only "working notes" in the preparation of the anti-viral product reviews. I hope it may be helpful to those looking for products. If you make an antiviral product, wish to have it reviewed and your company or product is not listed, or appears erroneously, please contact me. =============== Sandy Jenish, Dave Reid (VP Marketing) Advanced Gravis Computer Technology 7033 Antrim Avenue Burnaby, B. C. V5J 4M5 604-434-7274 Telecopier: (604) 434-7809 Advanced Security for PC and Mac Brightwork Development Inc. Tinton Falls, NJ 201-530-0440 Sitelock, Novell add-on operation restricting software Certus International 13110 Shaker Square Cleveland, Ohio 44120 USA 216-752-8181 800-722-8737 Mike Mytnick operation restricting software, particularly for LANs ComNETco, Inc. 29 Olcott Square Bernardsville, NJ 07924 USA VirusSafe-Anti-Viral Software (cf EliaShim, also Enigma SafeWord (R) Virus-Safe) mail undeliverable CSM Management and Consulting 3031 Main St. Vancouver, B. C. V5T 3G8 604-879-4162 Telecopier: 604-874-1668 Overlord product not available Cylink 110 S. Wolfe Road Sunnyvale, CA 94086 USA 408-735-5800 telecopier: 408-738-8269 SecurePC - half card DES encryptor product not available Digital Dispatch, Inc. 1580 Rice Creek Road Minneapolis, MN 55432 mail undeliverable Lakeland, Minn. 612-436-1000 800-221-8091 Antigen, Data Physician, Novirus-Anti-viral software Director Technologies Inc. 906 University Place Evanston, IL 60201 USA Disk Defender-Half-Slot Virus Write-Interrupt Device product not available Dynamics Security Inc. Cambridge, MA USA mail undeliverable EliaShim Microcomputers 520 W. Hwy. 436, #1180-30 Altamonte Springs, Florida USA 407-682-1587 VirusSafe - TSR scanner (cf ComNETco?) product not available Bob Bosen Enigma Logic Inc. 2151 Salvio Street, #301 Concord, CA 94565 USA Tel: (415) 827-5707 FAX: (415) 827-2593 Internet: 71435.1777@COMPUSERVE.COM Safeword - change detection software Fink Enterprises 11 Glen Cameron Road, Unit 11 Thornhill, Ontario L3T 4N3 416-764-5648 Telecopier: 416-764-5649 IRIS Antivirus (from Israel, cf Techmar) FoundationWare 2135 Renrock Rd. Cleveland, OH 44118 USA Vaccine 1.2-Anti-viral software mail undeliverable, possibly out of business? Gee Wiz Software Company c/o Mrs. Janey Huie 10 Manton Avenue East Brunswick, NJ 08816 USA Dprotect-Anti-Trojan Software product not available Denny Kirk Hyper Technologies 211 - 3030 Lincoln Coquitlam, B. C. 604-464-8680 Integrity still in production, not yet available International Computer Virus Institute 1257 Siskiyou Boulevard, Suite 179 Ashland, OR 97520 USA 503-488-3237 503-482-3284 BBS 503-488-2251 Eliminator anit-viral, virus simulators plus books and consulting Interpath Corporation Cylene-4-Anti-Viral software, no longer produced defunct, cf McAfee IP Technologies Virus Guard address no longer valid Lasertrieve, Inc. 395 Main Street Metuchen, NJ 08840 USA Viralarm-Anti-Viral Software product not available LeeMah DataCom Security Corp. 3948 Trust Way Hayward, CA 94545 USA 415-786-0790 product not available Paul Mace Software 400 Williamson Way Ashland, OR 97520 USA sold and supported through: Fifth Generation Systems, Inc. 10049 N. Reiger Rd. Baton Rouge, Louisiana USA 70809 1-800-873-4384 sales and info 504-291-7283 tech support 504-291-7221 admin telecopier: 504-292-4465 Mace Vaccine-Anti-viral software. McAfee Associates 4423 Cheeney Street Santa Clara, CA 95054 USA 408-988-3832 Viruscan-Scans disk and RAM for viri. Microcom Software Division 3700-B Lyckan Parkway Durham, NC 27717 USA also Norwood, MA 919-490-1277 800-822-8224 Virex-PC, also Virex for Mac - scanner Mary Hughes see also Software Concepts Design Orion Microsystems Quebec Panda Systems 801 Wilson Road Wimington, DE 19803 USA Dr. Panda Utilities-Anti-Viral Software product not available Parsons Technology 375 Collins Road NE Cedar Rapids, IA 52402 USA 319-395-9626 Virucide rec'd 901130 PKWare, Inc. 7545 North Port Washington Road Glendale, WI 53217-3442 USA PKZIP, PKSFX-File compression utilities with encryption option Prime Factors 1470 East 20th Avenue Eugene, OR 97403 USA VI-Raid-Anti-Viral Software product not available Quaid Software Ltd. 45 Charles Street East Toronto, ON M4Y 1S2 416-961-8243 Antidote-Anti-Viral Software product not available RG Software Systems Inc 6900 East Camelback Road Suite 630 Scotsdale AZ 85251 602 423 8000 Diskwatcher 2.0, ViSpy Fridrik Skulason Box 7180 IS-127 Reykjavik Iceland frisk@rhi.hi.is F-PROT-Virus detection/protection/disinfection and utilities Ross Greenburg Software Concepts Design 594 Third Avenue New York, NY 10016 USA Flushot-Anti-Viral Software. see also Microcom Sophco P.O. Box 7430 Boulder, CO 80306 USA Vaccinate-Anti-Viral Software product not available Sophos Limited 20 Hawthorne Way Kidlington, Oxford, OX5 1EZ UK Vaccine-Anti-Viral Software Swarthmore Software Systems 526 Walnut Lane Swarthmore, PA 19081 USA Bombsquad, Check-4-Bomb-Anti-Trojan software product not available Symantec/Peter Norton 10201 Torre Avenue Cupertino, CA 95014 USA 408-253-9600 800-343-4714 800-441-7234 408-252-3570 416-923-1033 Norton AntiVirus - product under development 901204 Techmar Computer Products 97 - 77 Queens Blvd. Rego Park, NY 11374 USA 718-997-6800 IRIS Antivirus (cf Fink), also Antivirus Plus (purported "AI vaccine") Tomauri Inc. 30 West Beaver Creek Road, Unit 13 Richmond Hill, Ontario L4B 3K1 416-886-8122 Telecopier: 416-886-6452 PC Guard - password protection board, also for Mac product not available Trend Micro Devices Inc. 2421 W. 205th St., #D-100 Torrance, CA 90501 USA 213-782-8190 PC-cillin - program change detection hardware/software University of Cincinnati Dep't. of Computer Engineering Mail Loc. 30 - 898 Rhodes Hall Cincinnati, OH 45221-0030 USA Cryptographic Checksum-Anti-Viral software product not available Worldwide Software Inc. 20 Exchange Place, 27th Floor New York, NY 10005 USA 212-422-4100 Telecopier 212-422-1953 Vaccine Version 2-Anti-Viral Software. product not available ------------------------------ Date: Thu, 24 Jan 91 17:17:21 -0800 >From: p1@arkham.wimsey.bc.ca (Rob Slade) Subject: Review of SCAN (PC) Comparison Review Company and product: McAfee Associates 4423 Cheeney Street Santa Clara, CA 95054 USA SCAN, CLEAN, VSHIELD, SENTRY - virus detection, disinfection and protection, also FSHIELD and VCOPY Summary: A useful and regularly updated set of products with a large user base. Separate distribution of the programs may be a problem. Cost: $25 - $35 US per program, $159 for the set as of version 72 Rating (1-4, 1 = poor, 4 = very good) "Friendliness" Installation 2 Ease of use 3 Help systems 2 Compatibility 3 Company Stability 3 Support 3 Documentation 2 Hardware required 4 Performance 2 Availability 3 Local Support 3 General Description: SCAN is a boot sector, memory and file scanning program, with some disinfection capabilities. CLEAN is a disinfection program. VSHIELD and SENTRY are resident file infection and activity checking programs. The programs are widely available on electronic bulletin board systems in the U. S. and Canada, at varying version levels. They are widely used, and supported by third party "front ends", utilities and menuing systems. The programs are updated regularly, and are supported by the "Homebase" BBS run by McAfee associates. Comparison of features and specifications User Friendliness Installation SCAN and CLEAN do not require installation as such. All programs, however, are distributed in .ZIP format and, beginning with version 72, require PKUNZIP version 1.10 for unpacking with authenticity verification. VSHIELD is distributed in two, mutually exclusive, versions. Both versions require the use of SCAN's /AV option, which adds an authentication CRC check onto programs. A second level of protection is added in one version with file infection checking for known viri. (Note that the /AV code must be added to all programs before installation of VSHIELD for it to be effective, and that this will cause programs, such as Word Perfect, which contain their own "change detection" programming, to fail.) VSHIELD must be installed "manually" by the user in the AUTOEXEC.BAT file with all desired options and switches. SENTRY is a change detection program which examines boot sectors, system software and even memory structure. It is distributed as an installation program, but as any change to the system (including software updates) will cause alarm warnings, it must be re-installed upon each change. Ease of use The SCAN program is fairly simple to execute, but provides for a very large number of options in the form of software "switches". These can complicate the use of the program, but probably will not be used by most users. The base scanning function is simple to operate, and novice users will probably not use any other functions. (The one major exception is the /AV option. If used on a program that is already "self checking" it will likely cause the program to terminate, and so must be identified and removed.) Use of CLEAN or VSHIELD is complicated by the fact that SCAN must be a part of the process, but again the basic operation is straightforward. Help systems If SCAN is invoked with no specifications, it gives three examples of use. There is no "online" listing for the software "switches" for the various programs. Compatibility SCAN and the other programs in the suite are updated regularly, and the latest version should be able to handle almost all viri that a user would encounter. The addition of the external file option in version 71 is also a major increase in utility. Company Stability John McAfee has been producing versions of SCAN for a number of years, updating on a very regular basis. SCAN is probably the most widely used virus scanner in North America at present. Recent versions have been subject to a number of "bug fix" releases. Company Support McAfee Associates lists their address and phone number in all documentation, and support the Homebase BBS. Documentation The directions for use of the programs are clear in all cases, if somewhat concise. However, novice users will find little conceptual information about viri, or specific information about the various viri that SCAN will deal with. The documentation, while not quite alarmist, certainly strongly suggests that the user, if any virus is ever found, should "retain" the services of McAfee Associates. Also, outside sources (such as the Hoffman virus list) often state that viri can be dealt with by, for example, using the "SCAN /D" option, without warning that this merely deletes and overwrites the existing file. Hardware Requirements No special hardware is required. The SCAN program itself will not work with local area networks, but a NETSCAN program is available (again as a separate package which must be separately obtained.) Performance For boot, memory and file scanning only, SCAN is measurably faster than FPROT, although not anywhere as fast as VPCSCAN. SCAN did miss some viri in testing, but the only viri missed were all, in some way, crippled. SCAN does not have the range of functions of FPROT. In addition, FPROT consistently offered superior "disinfection" capabilities. Versions of CLEAN tested (and the earlier MDISK) have, in my own experience, occasionally left the computer or disk in a worse state than the virus. Local Support Because of the very wide use, local support of SCAN is more generally available. The available version, however, is not always the latest, as many users, in my experience, tend to use the one version they obtain for at least a year before seeking another. There are also a number of shareware products that "enhance" the use of SCAN, such as menuing "front ends" or programs to assist in checking archived files. Support Requirements If at all possible, it would be best if knowledgeable users assisted with the use of SCAN. The programs are simple enough to be operated by a novice user, and no harm should result, but best results will be obtained with the program if someone aware and informed of virus operation is involved. General Notes SCAN is a very useful virus scanning program, and John McAfee is to be commended for keeping it updated over the years. It has undoubtedly saved, without exaggeration, many millions of dollars in lost computer services. That said, one is still left with the impression that the program, as a program, could benefit from more attention to function, and less to the promotion of the services of McAfee Associates. The breaking of the program into different packages for distribution increases the difficulty in installation and use, and seems only to serve to hide the true cost of the program, which is very high for shareware. copyright 1991 Robert M. Slade ------------------------------ End of VIRUS-L Digest [Volume 4 Issue 16] ***************************************** Downloaded From P-80 International Information Systems 304-744-2253