Viruses

Discussion in 'General Mac Discussion' started by Abstract, Apr 4, 2004.

  1. Abstract macrumors Penryn

    Abstract

    Joined:
    Dec 27, 2002
    Location:
    Location Location Location
    #1
    Has anyone ever gotten a virus here?

    I think I have one, but I don't even know how to check. On a PC, my Norton Antivirus would generally kick in, tell me I have something, and either get rid of it, or tell me to go to the Norton website to d/l the appropriate small program from their site to get rid of it.

    Problem is that I've never had a virus checker on my Mac because I haven't needed one until now, and all I really want to get rid of is this one virus. I suspect it to be a Netsky.D virus, as I've received emails from strange addresses telling me that I'm sending emails with this Netsky worm. I checked at Norton for the Mac equivalent of those free virus-eliminating programs that you can easily d/l for Windows, but they don't have it for Macs, although they DO seem to sell antivirus software for Macs. :confused:

    Anyone know what to do? I don't really want to buy software that I really don't use often. I always thought that was the benefit of using a Mac. Viruses are the main reason why I hope Apple never acquires a significant chunk of the computing world. The more people who use it, the more reason people will have to make these pesky little things, I believe. :mad:
     
  2. HexMonkey Administrator

    HexMonkey

    Staff Member

    Joined:
    Feb 5, 2004
    Location:
    New Zealand
    #2
    The Netsky.D virus only runs on Windows. There are no Mac OS X viruses. What's probably happened is that the virus has forged a from address, so that when other people get it it might appear that it's from you when it's really not.
     
  3. gekko513 macrumors 603

    gekko513

    Joined:
    Oct 16, 2003
    #3
    That's entirely correct. Most of the recent major mail viruses forge the sender's address. Here's what I found on the Netsky.B
    I'm sure the Netsky.D does the same.
     
  4. Abstract thread starter macrumors Penryn

    Abstract

    Joined:
    Dec 27, 2002
    Location:
    Location Location Location
    #4
    How do my particular email addresses get found out? How is it forged if I don't have the virus on my computer? Could it be from friends who have the Netsky virus and have me in their Address Book, or are the addresses randomly generated, and happens to be the same as mine through chance??
     
  5. HexMonkey Administrator

    HexMonkey

    Staff Member

    Joined:
    Feb 5, 2004
    Location:
    New Zealand
    #5
    I'm not sure of the details, but it searches [Windows] hard drives for email addresses. It then sends the worm to these addresses, and uses one of them (or possibly one from your address book, I'm not sure) to forge the from address.
    Details of Netsky.D can be found here.
     
  6. suebee macrumors newbie

    Joined:
    Apr 1, 2004
    #6
    and this is from the imac website:

    Netsky only infects systems running Microsoft Windows...

    Note: Receiving an email alert stating that the virus came from your email address is not an indication that you are infected as the virus often forges the from address.

    I,too, thought I had the virus, especially because i have received emails saying a virus came from my email (see above)
    Glad I'm on a mac. :)
     
  7. mikepctp macrumors member

    Joined:
    Nov 17, 2003
    Location:
    just north of Toronto, Canada
    #7
    FYI, I have Norton for the Mac. It is really useless for all the reasons listed by others... Macs just don't get viruses. I only use it for the Utilities portion and haven't even used it for that since upping to OSX.

    I have PC's here as well but usually use the Mac for email in order to assist the PC's in staying healthy. This is a HUGE benefit (one of many thousands) of working with a Mac and avoiding Master Bates' OS.

    MP
     
  8. IJ Reilly macrumors P6

    IJ Reilly

    Joined:
    Jul 16, 2002
    Location:
    Palookaville
    #8
    This is probably the source. Unfortunately, the more people you know, the more of this junk you'll get. If you own a domain, the problem can be orders of magnitude worse.
     
  9. varmit macrumors 68000

    varmit

    Joined:
    Aug 5, 2003
    #9
    How your address gets forged

    Someone is infected with the virus. Well, the virus goes into the address book of that person, picks a random address, then sends out to everyone on that address book using the random address that it choose. Well, you are the lucky chosen one. This could be someone you know, or it could be someone of someone of someone of someone of someone you know. If they get your address some how in an email just because it was forward on and on till this person got a virus and had and somehow has your address.
     
  10. dukemeiser macrumors 6502a

    dukemeiser

    Joined:
    Dec 17, 2002
    Location:
    Iowa
    #10
    Yep, I've gotten viruses in the form of emails from people I know. Of course it didn't affect me. It's great to have the power of X.
     
  11. janey macrumors 603

    janey

    Joined:
    Dec 20, 2002
    Location:
    sunny los angeles
    #11
    mmmm virii...
    virex is out there, for free, if you're a .mac user...
    but honestly there is no point.
    mac os x might be as hole-ridden as windows, but nobody cares because the number of people who use it is just too little.
     
  12. blue&whiteman macrumors 65816

    blue&whiteman

    Joined:
    Nov 30, 2003
    #12
    more proof that in sevral ways of life its better to be one of the few rather than one of the many..
     
  13. Simon Liquid macrumors regular

    Joined:
    Jul 4, 2001
    Location:
    Iowa
    #13
    I had to get a *really* old virus off my friend's grandma's Mac Plus a few years ago. It was quite a challenge and more time consuming than you'd think- the virus had worked its way onto about 20 of a several dozen of her floppy disk, each of which had to be checked at glacial speeds.
     
  14. Les Kern macrumors 68040

    Les Kern

    Joined:
    Apr 26, 2002
    Location:
    Alabama
    #14
    It's Netsky.
    Imagine my problem.... hundreds of Mac users of all abilities, getting mail addressed to them from the "the tech staff@myplace.com", and trying for the 300th time to convince them it's harmless. I've sent hard copy letters, PDF's, e-mails and stood up at meetings. Useless.
    THEM: "Uh, hey Les, is this mail okay? It say's it's from you but I can't open the attachment."
    ME: "Uh, hey John, you, uh, dumbass, delete it. You're fine. The sentence "drtv456ybv45yvb5y" should have been a clue. Looking forward to your similar letter next week."
    (Okay, since I'm a professional I don't treat them like that, but still....)
    For April Fool's Day I sent an all-call e-mail describing the dangers of that virus that erases PC and installs OSX. It worked... another dozen calls.
     
  15. maxterpiece macrumors 6502a

    maxterpiece

    Joined:
    Mar 5, 2003
    #15
    I had the same problem you are having. I was getting literally thousands of emails a day saying i had sent an infected file. I went as far as to reformat my hd to no avail. Fortunately these viruses get bored and destroy their host after a while. After that the person usually catches on. After about 2 months of the above nonsense it stopped. THis was before mail.app so i set up filters on my email that filtered out anything that mentioned that virus name or mentioned the word virus. That worked well. My student email was like 1000% full at one point (yes, 10x past its 100mb limit). I would routinely erase all my emails and had to get a different address. It sucked.
    There are two things you can do - you can email everyone you know and ask them to scan their computer. If they don't have antivirus software, housecall.antivirus.com allows you to scan a windows pc for free. Tell them that the virus is gonna fry their computer sooner or later and that should get their butts in gear.
    Secondly you can look at the ip address on the details of the returned mail of sender. You can then trace the IP (search for ip trace in google) and try to figure out where that address is and then maybe who it is.
     

Share This Page