[X4U] Trojan horse on the Mac?

[John Richardson]

________________________________________
From: John F. Richardson [mailto:richards at spawar.navy.mil] 
Sent: Friday, October 20, 2006 12:30 PM
To: 'A place to discuss Mac OS X for the casual user.'
Subject: RE: [X4U] Trojan horse on the Mac?

Hello Bob,

Lots of explanations on the list. I’ll discuss your church’s options
..

1) =======Note the following ====================
Randy B. Singer

Co-Author of:
The Macintosh Bible (4th, 5th and 6th editions)

Show his list response to your church friends. You can also print out all
the others. Use his “Guruness” as evidence that Mac’s are the best current
“safe” system.

Note to List: Appologies to the other Guru’s!!!! There are lots of them.
Also note that this post is to the list because I could not figure out how
to get Bob’s original address. The list hid it!!! I’m also using Outlook on
a PC to answer and I used to be able to reveal the entire mail header, which
was useful for investigating the source of spam and phishing. The MS Office
help function is confusing most of the time and has defeated me! Actually,
the list “taking over management of replies” could be a security feature.
THIS IS A GREAT LIST! LETS HAVE AN X4U PARTY AT MACWORLD SF 2007.

2) Zip up the emails (Singer’s and the others) and send to the ISP. The
inclusion of the Mac is a dead giveaway that they need to investigate
further and tighten up THEIR (the ISP’s) server standard operating
procedures.

3) Consider another ISP if they do not respond in a satisfactory manner.

Note: If this is the only ISP in your area.  Oh well



4) Get an antivirus program for the Mac. I know that the probability of
infection is very low and close to 0.0000000000000000001. So, you can take a
deep breath and take your time to investigate the various products. Note
that running a scan on a Mac and sending a screenshot of a “clean” scan
result can allow you to confront an ISP (or AOL or Yahoo or
) customer
service rep with proof that will help get your account or connection
restored to normal operation. A clean scan of the PC’s (NAV) can also help.

Bottom line. Your church needs to rethink it’s connection strategy. Keep the
zip file in a handy place in case this happens again.

John F. Richardson

________________________________________
From: x4u-bounces at listserver.themacintoshguy.com
[mailto:x4u-bounces at listserver.themacintoshguy.com] On Behalf Of Bob
Aldridge
Sent: Thursday, October 19, 2006 7:48 PM
To: x4u at listserver.themacintoshguy.com
Subject: [X4U] Trojan horse on the Mac?

This question deals with a Trojan horse on the Mac and anti-virus software.

I have a situation I’m at a loss to understand and could use some help from
someone who may have encountered it before.

I have installed some Mac’s at my church’s office. They have both Mac’s and
PC’s for now. The local cable company that supplies the internet access
stopped the outgoing mail because they said four of the machines (3 PC’s and
1 Mac) were infected with something that is sending out msg’s. They named
the offending PC’s by e-mail, including the Mac. Only one of the PC’s is the
big problem, apparently sending out a msg every 3 seconds, and the other two
PC’s and one Mac were only sending a few msg’s. 

Sounds like a Trojan horse installed itself on the PC’s and is causing the
big problem. Norton Anti-virus was up to date and did not catch it. I’ll
figure out how to clean the PC but I’ve never heard of a Mac getting the
same thing that infected a PC. And what do I run to clean the Mac? I didn’t
buy any Mac anti-virus because I didn’t think Mac’s would get Trojan
horse’s.

My questions are: Is the cable company correct? Did the same Trojan horse
infect the Mac & the PC’s? And if so, how do I clean the Mac of the Trojan
horse.

If you have a suggestion to how to clean the PC I’ll take it too. Norton
Anti-virus did not detect it. 

Thanks,

--Bob Aldridge
Huntsville, AL