# Trojan virus on Mac systems



## PaulGunnion (Oct 14, 2004)

I've had an email today from my ISP (ntlworld.com) saying that other users have complained about receiving spam from my email address. Assuming, as they do, that I am a PC user they sent me a file to look for trojans: "Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions. For details see the attached file."

Of course, the attachment is a .exe file.

Before joining this forum I visited a few other sites and can find little advice about dealing with viruses on Macs. One guy maintains, as I used to, that Macs are virus free.

If my ISP is correct and I have been infected how do I find and get rid of the virus?

I'm using Mac OS 9.2.2.

I did receive Max OS X when I bought this iBook but I couldn't get OS X to connect to the internet, so i went back to using the system that had been connecting successfully  OS 9. Now I can't find the CD on which OS X was first delivered to me.

Like most folk outside the security of office networks, I get my share of spam, though it has been reduced by a painstaking policy of opting-out. I don't want to annoy otheers so I'd like to do everything I can to reduce the nuisance value of my email address.

I have also noticed recently, and I'm trying to find a way to tell NTL about this, but they don't make it easy to tell them anything, that I get more spam addressed to other email addresses, that is my email address is not in the header. It could be anything from from [email protected] to [email protected] or even [email protected]

Any suggestions about dealing with the supposed trojan?

Paul Gunnion


----------



## Chicon (Jul 29, 2004)

Hi PaulGunnion,

The fact that many people receive spam with your e-mail address doesn't mean you are responsible.
There are a lot of tools for spammers to make all possible combinations with name, surname and domain name.
Your ISP must know that and he must be able to make the difference between a true e-mail you are sending from your computer and a fake e-mail stamped with your e-mail address.
I don't think you have a trojan installed on your system.


----------



## KrashedKris (Dec 23, 2003)

Just a guess but it's possible that the email purporting to be from NTL is itself a fake, trying to trick you into running the attached .exe file on your machine, and of course the .exe may be a malicious file.

This is a common viral tactic, trying to panic you into opening the attachment. I had a similar message recently ostensibly from my ISP which turned out later to be one of the MyDoom family of viruses. Ironically if it was MyDoom, I guess you would be immune being a Mac user!

There is a site where you can forward suspect mails for a virus scan, I don't know if it detects Mac-specific viruses though, but here is the link -

http://www.virustotal.com/flash/index_en.html

This site was recommended to me by a TSG moderator, and I know it works as it detected the aforementioned MyDoom mail for me.

NB Just forward the whole mail to the site as per instructions on the homepage - don't save the .exe file to your machine and upload the file only, in case it is malicious


----------



## Rockn (Jul 29, 2001)

BTW, opting out is the WORST thing you can do. This jsut tells the SPAMmers that this is an actual and functional email address. Expect far more emails of the SPAM variety if you do opt out of non-legitimate emails. Better to just delete them altogether.


----------



## emoxley (Jan 6, 2004)

There ARE mac virus' out there, but they are few and far between. You can check somewhere like www.versiontracker.com for a mac virus protection program, and install and run it. As others said, it may not be a virus, but better safe than sorry.
Good luck!


----------



## PaulGunnion (Oct 14, 2004)

Trojan virus on Mac systems 
Guys,
Thank you for the information and your advice 
Practical suggestions have been put into effect.
Paul Gunnion


----------



## akad (Jul 31, 2004)

although i haven't updated on mac viruses in a while (because there are none), the only trogans ever to affect the mac were back in the pre-win9x days. nothing you should worry about, my guess is it is just a server worm.


----------



## PaulGunnion (Oct 14, 2004)

Thanks, akad,
Paul Gunnion


----------

