A Mac Virus?!?!?

Discussion in 'Mac Basics and Help' started by yankeefan24, Feb 14, 2006.

Thread Status:
Not open for further replies.
  1. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #26
    I added in the EDIT that you have to do it from a new account.
     
  2. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #27
    from a new sub account it is giving me the same apps and data that you were saying should come out. it said overwrite and answered no, it gave a list (before it wouldn't give a list). How would this affect iChat/AIM? Also, what would happen if you said yes (i am NOT saying that someone should try).

    and if a MOD sees this thread, please ban lasthope, or make him give an explanation of what this does and how to fuly get rid of this, and then ban him (second is preferred).
     
  3. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #28
    This might be a good time for a little public service announcement. It's not the best idea to do everything from your default Mac user account (the admin one). If you poke around in your applications folder, you may notice that you have write access to many of those files, no password required. Installers could and should do a better job here, but they don't.

    Set up a second, non-privileged account, and do your day-to-day stuff from there.
     
  4. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #29
    It just gives you the same list. Unless you have already removed the infected apps, then it picks all new ones.
     
  5. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #30
    yes, i removed skype and it gave me another game. :(
     
  6. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #31
    i think i have a side note. i still believe that it is going to be something big, and will be hard (if possible) to remove. It is putting itself into the apps scripts to make sure that it is not removed. I tried to uninstall it, but it came up again. I believe that something big is going to happen. Backup your drive EXTERNALLY and then stop using any chatting apps on your infected computer. The fact that it came as a tar file (i know nothing about it) suggests that there may be an extra file somewhere hidden within the computer.
     
  7. CoMpX macrumors 65816

    CoMpX

    Joined:
    Jun 29, 2005
    Location:
    New Jersey
    #32
    I am currently backing up RELIGIOUSLY everything on all of the computers in the house to my external. Then I'm going to disconnect my external so it doesn't get infected. My Mac is not infected yet *knocks on wood* but I cannot afford to lose any data. Right now, I am genuinely scared as to what is going to become of this.

    I wonder what the mods are doing about this? Are they aware of it? This guy might be punished by law if anything serious happens like data loss. I'm like shaking. Someone please comfort me.
     
  8. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #33
    Alright guys, I am VERY relived to discover that my laptop is the only computer of mine infected. I am running ClamXav during the night to see what comes up (I am also running it on the other computers just incase). I have backed everything up but there isn't anything important on my laptop. So I am dedicating my laptop to the effort of removing this virus and to find out what exactly it does (if i can't / haven't get rid of it)
     
  9. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #34
    I LOVE THE COURT OF LAW, except we don't know if he is in the US or the UK (the only confirmed places i have heard this virus exists), so if he is in india or russia or china, we have to rely on extradition (probably to the US because that is where this site is hosted), and if their mysterious government doesn't comply, we have a problem. But if he IS in the US/UK, i guess when we press charges (if we) he has a real problem.

    This is a what if situation, btw.
     
  10. CoMpX macrumors 65816

    CoMpX

    Joined:
    Jun 29, 2005
    Location:
    New Jersey
    #35
    This might be a n33b question, but can this be officially called the first Mac virus?
     
  11. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #36
    that's wat i am calling it. It might be more technically a mac TROJAN but the same concept. any one who receives it from iChat/AIM/whatever would indeed have the first mac VIRUS. so its a split. i am calling it a virus.

    glad you are dedicating your laptop to the cause. i am basicly doing the same with mine, just don't know as much as you probably do. i tried to do a full hdd scan with ClamXav and it said it couldn't, but i am pretty sure that my TiBook doesn't have it.
     
  12. CoMpX macrumors 65816

    CoMpX

    Joined:
    Jun 29, 2005
    Location:
    New Jersey
    #37
    This is a VERY< VERY sad day for the Mac platform. I always hoped that this would not happen in my lifetime. I am almost in shock now, I can't believe this is reality. All because of this bastard with hi pics. I am extremely pissed, sad, and scared. This guy needs to pay. This is war IMO.
     
  13. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #38
    There have been Mac viruses in the past, before OS X. This program falls more in between a worm and trojan horse. This incident does, however, provide a wonderful opportunity to tell overly complacent Mac users "I told you so." Stuff like this, and not classical viruses, is how most Windows malware spreads.
     
  14. Laser47 macrumors 6502a

    Laser47

    Joined:
    Jan 8, 2004
    Location:
    Maryland
    #39
    Maybe someone should email the file to symantec or another antivirus company so they can analyise it.
    If it is the first mac virus then I can proudly say "I was one of the first people to get a mac virus"
    Also has anyone tried Pm'ing an admin to see what they say about it.
    The other day after I got the virus, before the 10.4.5 update I reinstalled the OS. 1. to get the virus off my ibook, and 2. because my KB was acting up again and wanted to see if it would fix it (It didint), but all is good because apple is sending me a new one.

    Also a quick question for those who got the virus. At the time I ran the file i had my external hard drive connected which has some apps on it, along with my backups. Does this only propigate in the main drive or everywhere an app exists.
     
  15. hcuar macrumors 65816

    hcuar

    Joined:
    Jul 23, 2004
    Location:
    Dallas
    #40
    It's not surprising that an Admin account would allow something to cause problems via the terminal. :rolleyes:

    This still seems more of a social engineering Trojan than a virus. I'm not worried about catching it. Don't you have to accept the file from IM to get the "infection"?
     
  16. Airforce macrumors 6502a

    Airforce

    Joined:
    Jan 12, 2006
    #41
    Did you just proclaim war over this? lol... :p
     
  17. furryrabidbunny macrumors 6502

    furryrabidbunny

    Joined:
    May 10, 2005
    Location:
    Mesa, AZ
    #42
    Really late into this

    But reading this thread is giving me a headache. Can someone simply spell out a few things: How do you become infected? How do you know your infected? How do you treat?
     
  18. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #43
    Well if we think of the positive side, one of us can now have the honour of posting to SlashDot the first Mac Trojan / Virus...
     
  19. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #44
    I can't believe i was the first Mac OS X user to get a virus.

    i don't know about external hdd. this is a problem to all. and i think war is NOT a bad idea. ;) but an mod should check this guys IP to make sure he doesn't try to sign up again.

    EDIT: ON MY INFECTED COMPUTER, I CAN NOT DO A FULL LOG OUT. is this a coincidence or virus affected, i can only quick log out.

    This is only on a sub account that i have done most of my attempts to try to get the virus uninstalled, not the first account to get it (an admin).
     
  20. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #45
    I have sent a threatening PM to lasthope and have forwarded the PM to DoctorQ as well. I have also asked DoctorQ for the users email address or if he can't release that for him to forward my message to it as well. Of course I have asked that lasthope be banned.
     
  21. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #46
    What do you mean by full logout VS a quck logout?
     
  22. CoMpX macrumors 65816

    CoMpX

    Joined:
    Jun 29, 2005
    Location:
    New Jersey
    #47
    I submitted a story to Macrumors about this, lets see what happens. Just watch, front page of MR, Mac virus!!
     
  23. yankeefan24 thread starter macrumors 65816

    yankeefan24

    Joined:
    Dec 24, 2005
    Location:
    NYC
    #48
    full logout as in apple menu then log out, quick logout as in switch user, thats just what i use because i only have one account on it.
     
  24. Benjamindaines macrumors 68030

    Benjamindaines

    Joined:
    Mar 24, 2005
    Location:
    A religiously oppressed state
    #49
    Oh ok, I can full log out on my laptop but iChat Agent crashes so im trying to find it and replace it with an unaffected copy.
     
  25. CoMpX macrumors 65816

    CoMpX

    Joined:
    Jun 29, 2005
    Location:
    New Jersey
    #50
    Has anyone contacted Apple about this? Someone with more knowledge than me should really contact Apple and let them know that this is becoming serious and many people are becoming infected. Maybe they will know what to do or release a patch or something.
     
Thread Status:
Not open for further replies.

Share This Page