home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
MacWorld 1999 June
/
Macworld (1999-06).dmg
/
Shareware World
/
Anti Virus
/
Agax v1.1
/
Agax Manual
< prev
Wrap
Text File
|
1999-02-25
|
6KB
|
125 lines
Agax v1.1 Manual
----------------------------------------------------------------------------
Agax
Agax is an antivirus application. It scans your disks and files for virii.
It also contains Defender, which is an antivirus extension. Both of these
use Additives to discover and (in the case of Agax) repair infected files.
Additives are stored in the folder 'Additives' in the same folder as Agax.
The main window of Agax has the title 'Log'. It records Agax's antivirus
activity - in particular reporting the discovery of infected files, and the
success it has in repairing them. You can perform operations on the log with
the File menu.
Agax has two menus with identical contents but different titles - the
'Examine' and 'Repair' menus. These both do the same thing (scan for virii),
except that 'Repair' will attempt to remove virii from infected files,
whereas 'Examine' will just report the infection. Some files cannot be
repaired, and you are given the option of deleting these (if the Additive
responsible considers the file a threat) at the end of the scan. Agax
displays a progress bar during its scan of a volume. To stop the scan, click
the close box of the progress bar.
The 'Virii' menu contains a list of the currently installed Additives. You
can view more information about an Additive by selecting it from this menu.
You can change when this Additive is used from the window which results.
There are three checkboxes: 'Examine files for this virus' uses this
Additive when it is examining; 'Repair files with this virus' uses this
Additive when repairing; 'Proactively repel this virus' uses this Additive
in Defender. Changes to the last checkbox will only take effect on restart.
These options as recorded in the preferences. When Agax starts up, it checks
to see how the list of Additives has changed from last time. If any are
missing, it will warn you of the fact, and if there are any new ones, it
will ask you what you want to do with them (enable all or disable all). You
can change this later through the information boxes described above. If Agax
can't find its preferences, it tells you and enables all Additives.
Defender
The only available option in the Edit menu is 'Preferences'. Currently,
this controls only the preferences for Defender. Any changes made here only
take effect on restart. The first checkbox 'Enable Defender' controls
whether or not the Defender extension is installed. If the status of this
checkbox has changed when you close the preferences, Agax will take the
appropriate action (i.e. create or delete Defender in the Extensions
folder).
When Defender is enabled, you can choose how it protects your computer.
There are currently three types of protection:
- 'Examine volumes when mounted'. When a volume is mounted, it is examined.
If a virus is found you are asked to run Agax on the volume. There is a
further option under this: 'Simple examination' or 'Thorough examination'.
'Simple examination' is quick and will find virii which always live in the
same place on a volume (such as AutoStart worms ... not that there's an
Additive for these yet). 'Thorough examination' does a complete scan of the
volume, as if it was selected from the 'Examine' menu, but without the
progress bar. As you can imagine this is very slow, so I don't recommend it.
(Note: After startup, all volumes except the system volume will be scanned
in the method indicated if volume examination is enabled)
- 'Examine applications when launched'. When an application or desk
accessory is launched, it is examined. If a virus is found, the launch is
prevented and you are told that the application is infected. Control Panels
are not examined, as they execute inside the Finder. To catch infected
control panels (not that I know of any) you would have to use the next type
of protection.
- 'Examine resource forks when opened'. When a resource fork is opened, it
is examined. If the file is infected, the open is prevented and you are told
that the file is infected. If this type is on as well as the examining
launches type, clean applications will be examined twice (but it doesn't
take long, so don't worry about it too much). When this type is selected,
even the Finder's 'Get Info' command will warn you of infection (for
applications at any rate).
Alongside all of these types of protection there is the option to log when
the checks occur. Even if these boxes are unchecked, infections will still
be logged - unchecking them just cuts out the 'Started...'/'Completed ...'
log entries. Warning: Turning this option on for resource forks is a bad
idea - resource forks are opened and closed all the time. It will
significantly slow down your computer, and make the log huge (too big for
SimpleText) very quickly. The log is also useful for determining the virus
causing the infection (without running Agax), as the notification message
does not tell you this information.
Defender's log is called 'Defender Log' and stored inside the System folder.
Defender too keeps track of which Additives are around - newly discovered
additives are disabled. The Additives which Defender uses are those beside
the last Agax which was run - so make sure you don't use Agax on a server
(actually, I haven't tested this - it might actually mount the server during
startup).
Warnings, bugs, etc.
Warning: Both Defender and Agax make an attempt to guard against themselves
being infected. Thus you shouldn't fiddle with them - in particular, don't
unlock Agax, and don't change its memory allocation. This will likely be
improved and extended to Additives in the near future.
Agax replaces Antigax and GAx Defender - you should delete these and use
Agax and Defender instead.
System Requirements
Theoretically, Agax should work from System 7.0 up, however Defender only
works from System 7.5 up. The current version has only been tested on System
8.0 and 8.1 (that should probably be MacOS 8.0 ... ), so I really don't know
about anything other than those.
Disclaimer
#include <std_disclaimer.h>
----------------------------------------------------------------------------
{P^/
John Dalgliesh
johnd@cse.unsw.edu.au