Anyone repair Mac problems?

[wcjp]

I talked some friends parents into DSL. I hooked up two Window's and one Mac computer to the high speed. The 6month old Dell had a virus downloaded courtesy of the new Yahoo email account. I downloaded the S-T-I-N-G-E-R from McCaffee. Also ran a full system scan. Computer was back up. Before debugging I noticed the I. E. browser appeared to have a redirect when connecting. After the two scans the computer was back up. Soon after I left they downloaded another virus from Yahoo. Full system scans this time didn't catch anything. I'm thinking the original virus corrupted the XP Winsock.



My Mac question is how to fix the same problem. Since I'm not able to make it over there until tomorrow (sat) the virus was again downloaded to the Mac. I think it's a G3. The O. S. might be 9. ?. They've since disavowed Yahoo mail. How is the TCP/IP stack fixed in the world of Mac. I don't even know enough to be dangerous.

 

[guava]

I talked some friends parents into DSL. I hooked up two Window's and one Mac computer to the high speed. The 6month old Dell had a virus downloaded courtesy of the new Yahoo email account. I downloaded the S-T-I-N-G-E-R from McCaffee. Also ran a full system scan. Computer was back up. Before debugging I noticed the I. E. browser appeared to have a redirect when connecting. After the two scans the computer was back up. Soon after I left they downloaded another virus from Yahoo. Full system scans this time didn't catch anything. I'm thinking the original virus corrupted the XP Winsock.



My Mac question is how to fix the same problem. Since I'm not able to make it over there until tomorrow (sat) the virus was again downloaded to the Mac. I think it's a G3. The O. S. might be 9. ?. They've since disavowed Yahoo mail. How is the TCP/IP stack fixed in the world of Mac. I don't even know enough to be dangerous.

I can't usually do MAC fixes by memory but... I highly doubt that it has the same virus that the windows machine had. I'd first want to know how everything is connected and what resources are shared. (is the windows machine sharing its connection or is there a hub/router inbetween)



I'm located up in Kent so maybe I can offer a hand.



Usually re-doing the connection wizard will fix any corrupt connection in the MAC.

 

[wcjp]

Thanks. I'll try resetting TCP/IP. Both machines are connected by a Linsys WRTG54 dynamically. No type of file sharing is setup. I thought it was odd the Mac would be affected by the same virus as the Windows machine. It's my understanding the Mac's are more resilient against viruses. Also, the Mac was fine until the wife checked her Yahoo email.



When the problem first started on the Windows machine I was able to ping yahoo but not able to connect. I was thinking a DNS issue. But, I noticed when trying to connect directly to the modem the browser redirected to some unknown IP. The antivirus scans were completed after I left. I didn't see the final screens when the scans were complete.



Thanks for the tip.

 

[PC12Driver]

If I was getting redirects on a Windows machine, I'd take a look at the hosts file (no extension, just "hosts", in the \Windows\system32\drivers\etc folder). Just open it with notepad. It should look like this:



# Copyright (c) 1993-1999 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102. 54. 94. 97 rhino. acme.com # source server

# 38. 25. 63. 10 x. acme.com # x client host



127. 0. 0. 1 localhost





Some trojans and viruses will add entries below the localhost entry, and that's what causes redirects. Make it look like what I pasted above and reboot the machine and that should get rid of the redirects. Unless you still have an active trojan or virus, of course. The mac should have a similar file.



If one machine has an active trojan or virus and you leave it on the network there's a good chance it will get the others. You can clean one, and by the time you finish the other two the first one can get the virus again. So only have one at a time plugged into the switch 'till they're all cleaned.



The machines need to be hit with a good virus scanner (McAfee, Symantec), a good spyware scanner (Ad Aware, Spybot S&D), and a good trojan remover (TDS3).



And of course, if they don't have all the latest MS patches and a good, updated real time virus scanner on their computers, punch 'em in the head. That's just stupid. They'll have the same problem with any email provider unless they do (especially if they blindly open every piece of email they get). Shoot, I've had bad things dropped on my pc just browsing to some of the diesel related sites that are close to the TDR crowd. McAfee caught everything, though. I'll work on my friend's and family's computers too; but if everything isn't patched and they don't have current antivirus software running, I'll charge 'em $50/hour, minimum 1hr.



It's not that macs are more resilient against viruses, it's just that macs only account for 3% of the computer population so no one bothers. If you're gonna spray some grafitti, you'll do it on the side of a building or a train, not the walls of your basement closet.