[X4U] Trojan horse on the Mac?

Bob Aldridge aldridgebob63 at comcast.net
Fri Oct 20 05:36:34 PDT 2006 

Randy, thanks for the info! Very helpful! --Bob


On 10/20/06 2:03 AM, "Randy B.Singer" <randy at macattorney.com> wrote:

> Bob Aldridge said:
> 
>> Cable company gave the e-mail of the offending PC's and Mac.
> 
> That means nothing.  It is very common for PC viruses to do what is known
> as "spoofing".  That is, they take over the e-mail program of the
> infected PC, and replicate and send themselves out using addresses in the
> e-mail program's address book as the "to" and "from" addresses.  So,
> looking at the "from" address of a message sent out due to a virus
> infection is useless with regard to determining where the e-mail
> originated.
> 
> http://www.plattsburgh.edu/help/virus/spoof.php
> 
> Actually I'm really surprised that your cable company didn't already know
> this.  PC viruses that spoof e-mail addresses have been around for years.
> 
>> I doubt the cable company too, but I need to prove them wrong on this and
>> prove to the staff Macs are safe as I professed.
> 
> There has only ever been *one* Macintosh virus or Trojan that has been
> able to successfully send itself out to other users and that is the
> Simpsons virus:
> 
> http://vil.nai.com/vil/content/v_99102.htm
> http://www.macintouch.com/simpsonsvirus.html
> 
> The Simpsons virus circulated about 5 years ago.  It is only for OS 9 and
> it required Outlook Express to spread.  It was never a prevalent virus
> and at this point, with the passing of Outlook Express, and the rise of
> OS X, it is probably extinct.
> 
> Currently there are *no* viruses that infect OS X.  (NONE.)  There are a
> few very rare Trojans.  Trojans do not self-propogate.  There are
> hundreds of Word macro viruses, but they are irrelevant if you don't use
> Word, or if you have Word's macro feature turned off.  There are a
> handful of viruses that can infect OS 9, and which can also infect
> Classic running in OS X, but these are now very rare also.  None of
> these, other than the Simpson's virus, can spread via e-mail.
> 
>> Doing a little checking around I found ClamXav. I'll give it a shot.
> 
> ClamXAV is free, which is, of course, very attractive.  However, the
> product is  misleading.  ClamXav is an OS X port of ClamAV, which is a
> UNIX server anti-virus application for use with Windows networks. (ClamAV
> comes with Mac OS X Server.) The problem is that ClamXav uses ClamAV's
> anti-viral database, with few additions in consideration of the
> Macintosh.  
> You can search the ClamAV database here:
> http://clamav-du.securesites.net/cgi-bin/clamgrok
> As a test, do a search for, for instance, "Macintosh", or for one of the
> known (though very rare) Macintosh Trojans, for instance: "Opener" or
> "Renepo," and see if anything shows up.  (Nothing will.)
> What this means is that ClamXav doesn't look for much in the way of
> Macintosh-specific malware.  Sometimes free isn't a good deal.
> 
> It is *extremely* unlikely that your Macintosh is infected with any sort
> of Malware, and I would say that the liklihood that spam originated from
> your Macintosh is just about zero.  But if you feel that you must get an
> anti-virus program, at least get one that can recognize the rare
> instances of Mac malware that exist and can deal with them.  I recommend
> Intego's Virus Barrier:
> http://www.intego.com/virusbarrier/
> 
> 
> 
> Randy B. Singer
> 
> Co-Author of:
> The Macintosh Bible (4th, 5th and 6th editions)
> 
> OS X Routine Maintenance
> http://www.macattorney.com/ts.html
> 
> _______________________________________________
> X4U mailing list
> X4U at listserver.themacintoshguy.com
> http://listserver.themacintoshguy.com/mailman/listinfo/x4u
> 
> Listmom is trying to clean out his closets! Vintage Mac and random stuff:
>          http://search.ebay.com/_W0QQsassZmacguy1984

More information about the X4U mailing list