Help!! I Have A Mac Trojan/virus

Discussion in 'Mac Apps and Mac App Store' started by samrulestothema, Jun 15, 2008.

  1. samrulestothema macrumors regular

    Joined:
    Feb 6, 2008
    #1
    HELP ME PLEASE!!!

    OK so i went onto a free site with high quality music videos, i clicked on a link which took me to another page to view the video.

    It then told me that I needed to install a new codec in order to view the video.


    I downloaded and did this :(

    The video still did not play and so I eventually gave up, and just bought the song in iTunes.

    Over the last week or so, my supposedly broadband speed internet is VERY slow, and when i go to a secure website it directs me to other pages. I noticed this with my online banking. I knew it was wrong because when i first started online banking last year i memorized the url, and i check each time . (scare tactics make me do this). Bu the URL is different. :(
    I had a look on the net, and it says that there are at least a dozen "codecs" out there and that only a few people have been fooled into this. Ha, my luck. It also says that they are most common on porn sites. Im sure this is not how i got it, browsing porn is not one of my favorite things to do.

    Im not very computer literate.

    How do i get rid of this?! Will a clean install of OS X do this?!?!?!

    What do i need to do a clean install? Just the OS X cds my mac came with ?!

    sorry to go on, but i thought the more info i give you the easier you guys can help me out.

    HELP ME PLEASE!!! i have 2 OS X cds/dvds. they came with my mac i bought this year. are these enough to reinstall it? i have an external hard drive, i would put my pictures and music onto that and just wipe everything. any chance the trojan is in my pictures or music?


    Sam
     
  2. migulic macrumors member

    Joined:
    Mar 25, 2008
    #2
    Yes, a clean install of OS X from the discs that came with your computer should do the trick. As for your pictures and music, try restoring them after doing the clean install and seeing if the problem comes back. If it doesn't, that means you're safe.

    Otherwise you could try running some anti-virus software such as Norton AntiVirus or ClamXav (http://www.clamxav.com/).
     
  3. Osarkon macrumors 68020

    Osarkon

    Joined:
    Aug 30, 2006
    Location:
    Wales
    #3
    Surely you could try uninstalling the codec?

    Also, were you using Safari? If so, goto Safari - Reset Safari in the menu bar.

    That might do the trick.
     
  4. samrulestothema thread starter macrumors regular

    Joined:
    Feb 6, 2008
    #4
    hi there,

    i have tried resetting safari but im not sure if that worked, still getting slow net.

    how di find and uninstall the codec?
     
  5. motulist macrumors 601

    motulist

    Joined:
    Dec 2, 2003
    #5
    Alright, here's the deal.

    #1. Never ever install something that comes from a site you don't have a good reason to trust.

    #2. You probably don't have a trojan, just a lame piece of software messing up your system.


    About determining the problem:

    A) Open up the program called Activity Monitor (use spotlight to find it)

    B) select to view "All Processes" from the pull down menu in the upper right of that program's window. Now look to see if anything is taking up a large percent of your CPU, and tell us what you see.

    C) click the network tab at the bottom, and look at how much data it says is going up and down, and tell us those numbers.


    EDIT: and oh yeah, tell us exactly which site this came from so we can go check out what it is that they had you install.
     
  6. richard.mac macrumors 603

    richard.mac

    Joined:
    Feb 2, 2007
    Location:
    51.50024, -0.12662
    #7
    ive actually downloaded one of these trojans before. to get infected you have to open the disk image, open the installer, give your password and then click install.

    did you do this? if so youre infected and follow the link to remove it above… if not you will be fine
     
  7. samrulestothema thread starter macrumors regular

    Joined:
    Feb 6, 2008
    #8
    yes i did do this unfortunetely.bu thats ok because i have just reinstalled mac os x and the problem has gone :D

    Thank You all for helping so quickly.

    Very appreciative. I love how the Mac community help eachother out without questioning themselves.

    thanks
    Sam
     
  8. Schtumple macrumors 601

    Schtumple

    Joined:
    Jun 13, 2007
    Location:
    benkadams.com
    #9
    It's what we're here for :)
     
  9. MBHockey macrumors 68040

    MBHockey

    Joined:
    Oct 4, 2003
    Location:
    New York
    #10
    I've never heard "high quality music videos" used as a euphemism for porn :p
     
  10. r.j.s Moderator emeritus

    r.j.s

    Joined:
    Mar 7, 2007
    Location:
    Texas
    #11
    I believe this is the first case of someone coming here claiming they have a virus/trojan/malware, and it actually be true - malware in this case, but true none the less.
     
  11. northy124 macrumors 68020

    northy124

    Joined:
    Nov 18, 2007
    #12
  12. samrulestothema thread starter macrumors regular

    Joined:
    Feb 6, 2008
    #13
    HAHAHAHA.you got me ;) lol
     
  13. CanadaRAM macrumors G5

    CanadaRAM

    Joined:
    Oct 11, 2004
    Location:
    On the Left Coast - Victoria BC Canada
    #14
    No, because the codec wasn't a codec.
    Look up Trojan Horse -- it seems likely this was a genuine trojan.

    more likely a malicious piece of software messing up the system -- AKA a trojan.

    The remapping of secure internet hosts is not something that's going to happen with a benign piece of software misbehaving.

    If a piece of software can trick the user into issuing password permission to install, the fabled Mac "invulnerability" is out the window.

    samrules: Good work on being vigilant about watching your banking site URLs, and searching the net for identification of the likely malware.
     

Share This Page