Trojan, Malware Or Not? Mail Shows Empty Window

stilbite

Registered
For the last few weeks I have been trying to solve a mystery where my Mac mail on a MacBook and an iMac keeps showing an empty window for my inbox mail.
Both Macs were running Snow Leopard so I updated the iMac to Mountain Lion and deleted the two mail accounts and totally re-installed them.
I have removed all non-related folders and mail accounts from the server I am using.
For a brief period (6 hours) the two mail accounts worked ok but then when I went to check mail on the MacBook all the mails disappeared. If I then change the Port on either Mac from 143 to 993 and then back to 143 the Server refreshes and the mails show up again.. for a few minutes only.
The server company say that their system is all running fine and say it is a Mac Problem.
The Mail accounts are accessed by a PC as well and this shows the mails and has no problems at all.
Sometimes when the mails are showing it can show a number of unread emails on the Mail icon but they are not showing in the window. Another odd glitch is a folder deleted on the server showed up again six hours later on the two Macs!
My next goal is to update the MacBook to Mountain Lion and re-install Mail and accounts.
I do not want to go to Mavericks or Yosemite as some of my software is not compatible.
Any pointers would be appreciated.
 

Cheryl

Rosie Moderator
Staff member
Mod
Do you have an antivirus app installed? Are you using Apple’s Java (Java Runtime Environment/JRE) or Oracle’s?
Go here:
http://www.clamxav.com/download.html

Scroll down for the older versions for your OS. Once downloaded and installed, have it scan your entire drive. You don’t want to quarantine the bad files it finds, just delete them (quarantine will not allow you to delete). Once all the ‘bad’ files, if any, are found and deleted, restart the machine and then empty the trash.

My suggestion is to make sure you have a copy on a separate drive of all your app installers, like the ones that don’t work on Mavericks. Back up all your documents as well! Have your Mountain Lion disk ready and use it to boot your computer to it. Then use Disk Utility to erase the hard drive - totally! Then install Mavericks on that fresh, clean drive.
 

stilbite

Registered
Thanks for the reply.
The iMac has McAfee on it and, despite finding two very small mail files that were deleted, nothing else shows as a problem.
I am reluctant to back up, erase and re-install as in my opinion the back up would just bring back any problem files, would it not?
 

Cheryl

Rosie Moderator
Staff member
Mod
The iMac has McAfee on it and despite finding two very small mail files that were deleted

Those two very small files have the potential of making a big mess. If you are very selective in what you migrate back to the fresh system, you should do fine.
 

stilbite

Registered
Hi Cheryl,

I didn't think you could actually isolate single files when migrating from Time Machine or CarbonCopyCloner, which I use a lot when migrating back.
And I actually cannot find the two files despite trying for an hour.
The path shows fairly clearly in McAfee but not 100%.. you cannot access the Quarantined file, check its original location etc!
The problem re-occurred last Friday and now four different devices were affected, 1 iMac, 2 MacBook Pros and an iBook.
I managed to have all four devices in front of me and all were acting the same way with a blank window when looking at the SALES account in mail.
One particular folder on the server re-appeared after being deleted several times over the last two weeks.. then re-appeared on the Macs when this folder is deleted ALL MACS REVERT TO BEING NORMAL.
Sophos on one MacBook Pro says there is a Trojan.. but you cannot locate it.
McAfee just isolates files and you cannot determine if they are Malware or Trojans or nothing at all as you cannot access them.
I am beginning to think unless I wipe the other three MacBooks I won't resolve this problem!
 

Cheryl

Rosie Moderator
Staff member
Mod
When you quarantine a file, it is like putting a concrete barrier around it. It appears that the infected file was on your mail server and it spread most likely in a file or email you shared or downloaded on the other computers.

Now you need to do some detective work. You need to get rid of the source before cleaning up your machines. Log into your web mail of your email accounts and, without clicking links or opening attachments, delete the email(s) that could have that trojan. Empty the trash of your web mail. Do this to all your accounts.

Next - Make sure McAfee and Sophos are up to date, and run them on all your machines. If you allow quarantine, you may not be able to locate and trash the infected file(s). When it finds one, trash it. Now empty the trash with Secure Trash. See if that allows you to work on the machines. If not, a total erase and install is needed.
 