[OS X TeX] OT: effective Macintosh Trojan in the wild
Alain Schremmer
Schremmer.Alain at verizon.net
Thu May 5 20:28:14 EDT 2005
Thomas A. Schmitz wrote:
>
> On May 5, 2005, at 2:00 AM, Bruno Voisin wrote:
>
>> Earlier, looking for swap files, we had found on my colleague's HD
>> one /private/var/vm/swapfile0 (and indeed I have one too, 64 MB in
>> size, on my Tiger PowerBook), but no swapfile1 which was the file
>> reported by Norton AV as infected. Odd!
>>
>
> Just a small remark: when the load average goes up, OS X will create
> those swapfiles and number them consecutively. When the load average
> goes down again over an extended period of time, it will delete them
> again. I have seen this behavior on my box: after doing some memory-
> intensive stuff, I could see swapfiles0 through 3 in /var/vm. After a
> while of normal use, swapfiles 2 and 3 were deleted again. So, to sum
> up: the fact that you couldn't find the offending file doesn't mean
> it wasn't there when Norton reported it.
>
> This being said: I've stayed away from all Norton products since the
> advent of OS X, and my computing exeprience has been a lot smoother.
> Even on Mac OS 9, the latest atavars of Norton System Works were
> extremely unstable and dangerous; with OS X, it was disastrous.
A couple of days ago I renewed my subscription to Norton Antivirus.
Today, I got "hit by the Hacktool". I am glad I saw the previous
exchange so I did not panick and since I kept it I will now know what to do.
Still, I don't like that and I was wondering if you would say what you
are using instead.
Regards
--schremmer
--------------------- Info ---------------------
Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
& FAQ: http://latex.yauh.de/faq/
TeX FAQ: http://www.tex.ac.uk/faq
List Post: <mailto:MacOSX-TeX at email.esm.psu.edu>
More information about the MacOSX-TeX
mailing list