joel_glickman@MTS.RPI.EDU (11/22/89)
I have just recently noticed a problem on my Mac. After using Cricket Graph I checked the last modified date and the program had just been modified. After noting this, I began checking other programs and found that my copy of Versaterm Pro was also being modified every time I ran it. It was at that point that I checked these programs on other people's Macs in the office and saw that these programs were not being modified on some, while they were being modified on others.. I am running Gatekeeper and Vaccine and have checked these programs with Disinfectant and they report no trouble. My question is: Should these programs modify themselves when I just run them. All I do is run them and quit immediately and they are modified??? Do you think I have a virus problem??? Joel Glickman Rensselaer Polytechnic Institute.
m20280@mwvm.mitre.org (Jason D. Blue) (11/22/89)
In VIRUS-L V2 #246, Joel Glickman writes: >I have just recently noticed a problem on my Mac. After using Cricket >Graph I checked the last modified date and the program had just been >modified. After noting this, I began checking other programs and >found that my copy of Versaterm Pro was also being modified every time >I ran it. It was at that point that I checked these programs on other >people's Macs in the office and saw that these programs were not being >modified on some, while they were being modified on others.. I am >running Gatekeeper and Vaccine and have checked these programs with >Disinfectant and they report no trouble. I have noticed the same problem, with a number of applications (among them are TinCan and Mac286). I use SAM Intercept from Symantec, and it alerts me from time to time that an application is trying to change itself. I checked for viruses, using a number of packages (Virex, Sam, Disinfectant and Virus detective), but found none. I don't think this is a virus, but I find it disturbing because, like Joel mentions, this happens even when I only start an application and then quit out of it, without changing preferences or options that might need to be saved to disk. Jason User Services /~~~ Jason D. Blue The MITRE Corporation |o|o| (703) 883-7999 7525 Colshire Drive MS W130 _v_/ jblue@mdf.mitre.org McLean, VA 22102-3481
time@uunet.UU.NET (Tim Endres) (11/28/89)
joel_glickman@MTS.RPI.EDU writes:
My question is: Should these programs modify themselves when I just
run them. All I do is run them and quit immediately and they are
modified??? Do you think I have a virus problem???
Joel Glickman
Rensselaer Polytechnic Institute.
Many Macintosh programs modify their resource forks!
All of mine do. If the program saves any "state" for you it is most
likely storing the data in the RF. Rest easy. For now.