Warning: Trojan horse found in old KC picture files

My computer has been very slow and acting like someone else was on it for a long time. I ran Ad-aware, McAfee virus scan, and lots of other tools. No viruses were found. Tonight I ran a free scan on the Symantec website. It took a long time, but it found two trojan horses in the files I downloaded when KC's photobucket pictures were released. My McAfee protection keeps getting turned off, so I think these trojans are to blame. I'll re-post if not.

One reason no other software found the trojan horses is because I normally scan my C drive since that's the one most targeted. My drive is partitioned, so I keep photos and other files on my D drive, which is where all my KC Anthony files are located. Symantec did not give me a choice as to which drives to scan so it scanned all of them (free, too). I deleted the files and hope that takes care of it. Symantec did not list what kind of trojan horses they were or I'd search for a removal tool

If any of you downloaded KC's photobucket photos, you might want to check it out. Here's the results Symantec gave me:

149260 files scanned, 2 file(s) infected on your disk drives.

No viruses were detected in memory.

Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information.

Your computer is infected with at least one known virus or Trojan horse.

D:\Casey Anthony Files\icons157\active\11\thmyspaceicons143.gif is infected with Trojan Horse

D:\Casey Anthony Files\icons157\active\11\th_thmyspaceicons143.gif is infected with Trojan Horse

Just researched this a little, and from what I've read so far there should be no problem (if anybody finds differently, please post info here).

Viewing the file on my Mac, it IS a picture file and not a renamed .doc file or anything.

Nevertheless, I shall remove these particular files from the original PB file and re-upload to it's current location just to be safe.


http://hubpages.com/hub/Basic-Steps-To-Keep-You-Safe-From-Email-Viruses

If the attached file ends in .GIF or .JPG, then it is an image or a graphic. Your drawing program will be used to open it. No viruses can be launched by viewing GIF/JPG files, and even if someone were to rename an infected .DOC file as .GIF or .JPG, Microsoft Word will not run if you double-click on the GIF file, because Word will be superseded by the drawing program: When your computer sees a file ending in GIF or JPG, it will run a graphics program (not Word) if you want to open the file. It is theoretically possible to include a virus in a GIF/JPG file, but that virus would not be executable by viewing. It would have to be consciously extracted in another manner, so don't worry about it.

This Trojan horse is all over the place. It happened to me while viewing my son's pictures on his MySpace page.

Thanks, ya'll, my McAfee detected a Trojan yesterday. I am still trying to learn to navigate computerland and I appreciate all the info I get here from you savvy ones.

Thanks for posting this Quiet Storm.

I don't know if this is any relation but my desktop was infected with a trojan last week. Heck of a booger to get rid of it too!

Here's my theory since it happened on my desktop AND my Mac.....the trojan is possibly coming from Photobucket! My husband was viewing coins on Ebay when the trojan popped up and then I was uploading icons from PB to my crafting board when the trojan showed up on my Mac.

I freaked when it showed up on my Mac but thankfully the trojan wasn't written for a Mac so it didn't embed itself on my laptop.

I ran Windows Defender on my desktop and it found nothing. I then ran F-secure online scanner with the same results. Finally I ran a "full scan" with my PC Tools Antivirus and it found the trojan and quarantined it.

Was the trojan called virus.DOC.Monxia? The one that popped up on my desktop was best-antivirus09.

Hope this helps someone else who may get infected.

Trapshooter said:

Thanks for posting this Quiet Storm.

I don't know if this is any relation but my desktop was infected with a trojan last week. Heck of a booger to get rid of it too!

Here's my theory since it happened on my desktop AND my Mac.....the trojan is possibly coming from Photobucket! My husband was viewing coins on Ebay when the trojan popped up and then I was uploading icons from PB to my crafting board when the trojan showed up on my Mac.

I freaked when it showed up on my Mac but thankfully the trojan wasn't written for a Mac so it didn't embed itself on my laptop.

I ran Windows Defender on my desktop and it found nothing. I then ran F-secure online scanner with the same results. Finally I ran a "full scan" with my PC Tools Antivirus and it found the trojan and quarantined it.

Was the trojan called virus.DOC.Monxia? The one that popped up on my desktop was best-antivirus09.

Hope this helps someone else who may get infected.

Click to expand...

Did you run those programs on your Mac? I've got a MacBook and came across some funky looking screens in Face Book but I don't have any anti-virus software on my laptop. Do I need to get it? TIA.

Lacey I did download the i-version of PC Tools AV for Macs. I ran the antivirus and it didn't find a thing!

I asked one of my tech guys and he is the one that told me the virus was written for the Mac OS so it wasn't able to embed itself in my Mac.

Google PC Tools AV and download the i-version. Once I downloaded it to my Mac, I do run it every few days just to be safe! Hope this helps!

lacey clementine said:

Did you run those programs on your Mac? I've got a MacBook and came across some funky looking screens in Face Book but I don't have any anti-virus software on my laptop. Do I need to get it? TIA.

Click to expand...

If you upgrade to Snow Leopard ($29 and WORTH IT!) it has some malware protection built in.

http://www.macworld.com/article/142457/2009/08/snowleopard_malware.html


There's also the free iAntivirus which is pretty good. I ran this on the PB file and it did not find anything.

http://www.macworld.com/article/140538/2009/05/iantivirus1.html

Muzikman said:

If you upgrade to Snow Leopard ($29 and WORTH IT!) it has some malware protection built in.

http://www.macworld.com/article/142457/2009/08/snowleopard_malware.html


There's also the free iAntivirus which is pretty good. I ran this on the PB file and it did not find anything.

http://www.macworld.com/article/140538/2009/05/iantivirus1.html

Click to expand...

Thanks Muzikman!

I've been contemplating purchasing the new Snow Leopard and I think you have helped me decide!

Thanks for the info about the iAntivirus too.....didn't know about this one! I'm still learning about my Mac! lol

Trapshooter said:

Lacey I did download the i-version of PC Tools AV for Macs. I ran the antivirus and it didn't find a thing!

I asked one of my tech guys and he is the one that told me the virus was written for the Mac OS so it wasn't able to embed itself in my Mac.

Google PC Tools AV and download the i-version. Once I downloaded it to my Mac, I do run it every few days just to be safe! Hope this helps!

Click to expand...

Muzikman said:

If you upgrade to Snow Leopard ($29 and WORTH IT!) it has some malware protection built in.

http://www.macworld.com/article/142457/2009/08/snowleopard_malware.html


There's also the free iAntivirus which is pretty good. I ran this on the PB file and it did not find anything.

http://www.macworld.com/article/140538/2009/05/iantivirus1.html

Click to expand...

Excellent information- Thank you so much! Going to get the upgrade today.

you guys this is everywhere and we have a whole thread on it in the software forum:
[ame="http://www.websleuths.com/forums/showthread.php?t=88028"]Virus Alerts? - Websleuths Crime Sleuthing Community[/ame]

I'll move this thread over there shortly.