Other programs targeting Graphics Accelerator

There seem to be a growing number of programs which also combat this virus, so I've started a list here. If your program isn't here, email me and I'll put it in.


Graphics Innoculator

First on the scene was Joe Laffey with Graphics Innoculator, which creates a folder inside the extensions folder with the same name as the virus.

This stops the virus spreading further if you are already infected, and prevents it from installing itself if you are not. It will not, however, stop infected applications from deleting your files.

The docs include a good technical summary by Peter Creath, which first showed most people that this virus was more than just an annoyance (it also has a pointer to my site, which is especially good ;-). It is also easy to use and can be installed over a network.

Graphics Innoculator is currently at version 1.2

GAx Defender is not compatible with Graphics Innoculator - see my readme for more information


Germanium Remover

Michael Juarez and Beldon Wolson have created a program called Germanium Remover to remove the extension form of the virus safely. It appears to scan for the virus extension in places other than the Extensions Folder (it certainly brings up a progress bar) but I'm not 100% sure.

I had some problems with downloading this file earlier but they've been fixed up now.


Angel Warrior

On 1st October, Tom Harris released Angel Warrior. That was 1.0a4 - but I didn't find out about it till the 5th, when it was at 1.0a6.

Angel Warrior is an extension which loads before the virus, and prevents it from loading. It also prevents infected applications from launching - it terminates them.

How it works: It patches two traps, SetToolTrapAddress - which the extension version of the virus uses to infect applications, and InitMenus - which infected applications use (unknowingly) to install the extension, and to delete your files.

Before I go on it's time for a little history: The Graphics Accelerator virus looks very much like 4 other similar viruses which appeared in Jan 1998 and were added to major antivirus program definitions in July. These previous versions were called MDEF-9806, strains A to D. (According to MacVirus and others). So Tom calls this virus MDEF-9806-E, with considerable justification. (The previous strains together had all the elements of Graphics Accelerator, but not in the same strain)

So back to Angel Warrior: Instead of just looking for the extension by name, like 'Defender does, Angel Warrior looks for extensions patching the trap that the MDEF-9806-E virus does. It then looks at the code which the patch is being pointed to in an attempt to determine whether or not it is a virus - specifically, it checks that the patch will make a Count1Resources('MDEF') call at a certain spot, and that the virus's 2-byte signature (at a certain backwards offset from the patch) is present. These checks appear to be designed to catch renamed versions of the virus (done by people, not programs or the virus itself). GAx Defender doesn't check for this at all. When it detects the virus it stops it from patching InitMenus, so applications will not be infected.
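The two-part check described above, sketched as an added example (this is not Angel Warrior's code). The offsets, the signature bytes and the exact 68k encoding of the call are placeholders, since the page gives none of them, and the sample blocks are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Placeholders: the page gives neither the offsets nor the signature bytes. */
#define CALL_OFFSET  4   /* assumed distance from patch entry to the trap call */
#define SIG_BACK_OFF 2   /* assumed distance from patch entry back to signature */
static const uint8_t SIG[2] = { 0xAB, 0xCD };  /* constructed, not the real one */

/* One plausible 68k encoding (assumed) of:
   move.l #'MDEF',-(sp) ; _Count1Resources (trap word A80D) */
static const uint8_t CALL_SEQ[8] = { 0x2F, 0x3C, 'M', 'D', 'E', 'F', 0xA8, 0x0D };

/* Return 1 only if both checks from the text hold for the code that a trap
   patch points at. `entry` is the patch target's offset inside `img`. */
int looks_like_mdef_patch(const uint8_t *img, size_t len, size_t entry)
{
    if (entry < SIG_BACK_OFF || entry > len)
        return 0;                       /* signature would lie before the block */
    if (len - entry < CALL_OFFSET + sizeof CALL_SEQ)
        return 0;                       /* call site would run past the block */
    if (memcmp(img + entry - SIG_BACK_OFF, SIG, sizeof SIG) != 0)
        return 0;                       /* 2-byte signature not where expected */
    return memcmp(img + entry + CALL_OFFSET, CALL_SEQ, sizeof CALL_SEQ) == 0;
}

/* Constructed sample blocks; the patch entry is at offset 2 in each. */
static const uint8_t SAMPLE_HIT[] = {      /* signature + call at expected spot */
    0xAB, 0xCD, 0x4E, 0x71, 0x4E, 0x71, 0x2F, 0x3C, 'M', 'D', 'E', 'F', 0xA8, 0x0D };
static const uint8_t SAMPLE_NO_SIG[] = {   /* same call, signature absent */
    0x4E, 0x71, 0x4E, 0x71, 0x4E, 0x71, 0x2F, 0x3C, 'M', 'D', 'E', 'F', 0xA8, 0x0D };
static const uint8_t SAMPLE_SHORT[] = {    /* truncated before the call site */
    0xAB, 0xCD, 0x4E, 0x71, 0x4E, 0x71, 0x2F, 0x3C };

int main(void)
{
    printf("hit=%d no_sig=%d short=%d\n",
           looks_like_mdef_patch(SAMPLE_HIT, sizeof SAMPLE_HIT, 2),
           looks_like_mdef_patch(SAMPLE_NO_SIG, sizeof SAMPLE_NO_SIG, 2),
           looks_like_mdef_patch(SAMPLE_SHORT, sizeof SAMPLE_SHORT, 2));
    return 0;
}
```

Because the match depends on the patch code rather than the file name, a renamed copy still trips it, while an unrelated extension that happens to patch the same trap does not.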

The InitMenus patch Angel Warrior installs checks to see if the application is infected and if so quits it, notifying you afterwards (this would be bad if the Finder was infected - but fortunately I don't think it happens).

The current version is 1.0a7. The icon is really cool, and the extension is v small (1K vs 'Defender at 5K - but who's counting?), however, it doesn't actually repair apps or remove the extension. It will 'tho keep your files safe - nothing would get a chance to delete them.

The docs in 1.0a7 are quite good, including good info and recent (to me) insights. Tom says applications can sometimes get infected twice ('tho I have not seen it) and that the System can be infected when using old-style Desk Accessories. He also notes that applets (e.g. AppleScripts) can appear infected, but the infection is not permanent. Tom writes that Angel Warrior is in alpha and thus untested and incomplete, but it looks pretty good to me (for what it says it does) ... The docs also include a good bit about possible confusion with real Graphics Accelerators (which I should have had long ago :)

Angel Warrior is currently at v1.0a10



Last updated 8/10/98 22:45 AEST