I'm on a Macbook running Mac OS X 10.5.8. Yesterday I ran a full Symantec scan (Symantec 10.2 with virus definitions from Sept. 21), which identified 10 files as Trojan horses. The files were all in archives and had names like Gmerrew, Gmailer, Greader, bof.jar and gsb2.jar. I browse and download fairly carefully (download only software from reputable sources, no visits at all to porn sites, Bittorrent, etc.), so I'm not sure where they came from. I had Symantec delete them, but I couldn't find much about them online so I wasn't sure if that was enough to take care of the problem.
I then ran a full scan with MacScan. It identified four email messages as being KeyBag. The files are now isolated in a folder on my desktop. I used Cmd-I to get information, and they look fairly normal to me; I know all the senders (Borders, spaceweather.com, a client I get email from all the time, and Facebook). I googled around a bit, and it sounds like other people have had false positive KeyBag IDs from MacScan as well.
I ran a full scan with iAntiVirus and it gave me a clean bill of health. I'd be inclined dismiss the whole thing as puzzling but probably harmless, except that the four email messages AND the files identified by Symantec were all created on the same day, late in May.
Could I have inadvertently downloaded some malware back in May that is messing things up this way? And if so, how could I find it? Does anyone know anything about the Gmerrew, etc., files?
Thanks for any insights you might have.
M
I then ran a full scan with MacScan. It identified four email messages as being KeyBag. The files are now isolated in a folder on my desktop. I used Cmd-I to get information, and they look fairly normal to me; I know all the senders (Borders, spaceweather.com, a client I get email from all the time, and Facebook). I googled around a bit, and it sounds like other people have had false positive KeyBag IDs from MacScan as well.
I ran a full scan with iAntiVirus and it gave me a clean bill of health. I'd be inclined dismiss the whole thing as puzzling but probably harmless, except that the four email messages AND the files identified by Symantec were all created on the same day, late in May.
Could I have inadvertently downloaded some malware back in May that is messing things up this way? And if so, how could I find it? Does anyone know anything about the Gmerrew, etc., files?
Thanks for any insights you might have.
M