zeke@gonzo.eta.com (Robert Scott) (11/04/88)
Ouch! I think my machine has been infected by a virus, but
it doesn't match the description of any I know about.
Interferon reports that there isn't any virus that it knows
about present, but it reports anomoly 103 on several system
files (the ones I suspect may be infected by other evidence
given below). Anomoly 103 isn't listed in the Interferon
documentation, so question 1 is: does anybody know what
anomoly 103 is?
The symptoms are rather innocuous, but then again aren't almost
all virus (viruses, viri, virium?) seemingly so?
Symptom 1: In the system folder, the System, Finder,
Multifinder, Scrapbook, and Clipboard files all have
different icons than standard. They all appear similar
to the uninfected icons, but the disk drive has the little
open space on the right (which the normal icons dont) and
there appears to be some kind of objects where the screen
should be (looks almost like some books of various heights).
Symptom 2: When switching from Multifinder to Finder, via
resetting the startup option and issuing the "restart" menu
command, the machine always hangs right after the "Welcome
to Macintosh" message appears, and right before the Vaccine
icon appears in the lower left corner. I have to power down
or hit the restart button to get it going again, then it loads
just fine.
Symptom 3: Just for jollies, I rebuilt the desktop on my disk.
When this completed, the icons for the Finder and the Clipboard
file changed to a blank document page icon. The other system
files described above still have the strange icons.
There are extenuating circumstances here that point to the
possibility that my newly repaired hard disk may have come from
the factory repair shop with the virus already in the system file.
When it returned from repair, it was loaded with the System 4.2,
Finder 6.0 set, but all seemed well at the time.
If anybody recognizes this virus, or has any clues as to how
to proceed to track it down further (I can make my way around
reasonably with Resedit and Macsnoop), please post here or
respond by email.
P.S. Vote Bill D. Catt for President.
%%%%%%%%%%%%%%%%%%%%%%%%% From the Final Frontier %%%%%%%%%%%%%%%%%%%%%%%%%
These are my opinions, of course. Why the hell would my company want them?
Robert K. "Zeke" Scott internet: zeke@wilbur.sunfun.eta.com
ETA Systems, Inc. ETC03J uucp: {amdahl,rutgers}!bungia!eta!sunfun!zeke
1450 Energy Park Drive fax: (612) 642-3448
St. Paul, MN 55108 voice: (612) 642-3493pkahn@meridian.ads.com (Phil Kahn) (11/08/88)
In article <819@nic.MR.NET> zeke@gonzo.eta.com (Robert Scott) writes: >Ouch! I think my machine has been infected by a virus, but >it doesn't match the description of any I know about. This virus scare is getting a bit out of hand. Computer viruses are much like human viruses (e.g., AIDS); if you show care and practice "safe file transfer," then you are likely OK. Make sure you have vaccine, ensure backups are maintained on a timely basis, only bring programs onto your hard disk if you are confident they have been tested, and if you want to use a program which you're not sure of, boot off a floppy, dismount your hard disk, and run it off of floppy to check it out. If you do this, you have reasonable certainty that every little abnormal belch by your Mac isn't a viral attack. That aside, the very first thing anyone should do when they have a problem such as was described here (bootup problem, strange system behavior, etc), is boot off of a system floppy, delete the system from your hard disk system folder and replace it with a new one. Most often these problems occur because the system somehow became corrupted. Don't ask me how this happens, seems like this shouldn't be possible, but it does happen. phil...