Hey, I got a virus/spyware! tell me I don't...

Discussion in 'iMac' started by Snakey Pete, Jun 23, 2008.

  1. Snakey Pete macrumors newbie

    Joined:
    Jun 23, 2008
    #1
    When I do a search in google and click on one of the links sometimes it does not take me to the desired website, but redirects me elsewhere- sometimes to dealtime or even to a rude personals site, -anywhere. If I use the back button to go back to google and try again it works fine. It happens a lot.

    If this was my PC I would know what to do about it...but a Mac???

    Help!!
     
  2. jmadlena Guest

    #2
    There was thread earlier today from a user that had similar problems. Are there any strange websites in your history?

    His problem was a plug-in that another user may have installed. And I doubt you have a virus, maybe a trojan. Been downloading anything shady lately? Using torrents or Limewire?

    EDIT: Are you using Safari 3.1, Firefox 3? Tiger, or Leopard? Give us some more information, please.
     
  3. Snakey Pete thread starter macrumors newbie

    Joined:
    Jun 23, 2008
    #3
    Leopard and Safari 3.1

    Nothing shady, but the kids use bebo, facebook possibly limewire etc, but there are no viruses for macs, right?

    Also my wife's ebay account got hijacked last week, don't know how. I am suspicious that there is some form of malwre- keylogger, trojan or otherwise, but I don't know how to deal with it on a mac.
     
  4. blinkie macrumors regular

    Joined:
    Sep 7, 2007
    #5
    My friend phoned me today to tell me his macbook had caught a virus that did just the same, he's managed to fix it. No idea where this is coming from.
     
  5. dool macrumors newbie

    Joined:
    Jun 10, 2008
    #8
  6. ihabime macrumors 6502

    Joined:
    Jan 12, 2005
    #9
    It sounds like nout72 is right, that means that someone DLed and installed the fake video codec. If your kids are on facebook, myspace etc those kind of things are rampant. It would be a good idea to set your kids up with their own non-admin user accounts to head off more of this in the future.
     
  7. Chrycopsycho macrumors member

    Joined:
    Feb 5, 2008
    #10
    Sure sounds odd. Reminds me of the time I tried to go to a midget amputee granny machine porn site and Microsoft.com opened instead.....
     
  8. marbles macrumors 68000

    marbles

    Joined:
    Apr 30, 2008
    Location:
    EU mostly
    #11
    If it where me , I would do an erase and install , then I would set the kids up with an account of there own with VERY limit privileges , but only after a period of complete bannation from the machine for a month or so... .

    Upon starting afresh & giving the little darlings a new account I would install some kind of program (yes spyware ) to monitor there online activities............ used correctly ie: protecting your family !! ..it has its place If after a while they aren't getting up to mischief then give em a bit more 'freedom' .
     
  9. motulist macrumors 68040

    motulist

    Joined:
    Dec 2, 2003
    #12
    There are no viruses for Mac, but that doesn't mean you can install anything without worry. A virus means a piece of software that does something to your computer without your approval. But if you download a piece of software and type in your administrator password when OS X prompts you for your password to allow it to install, then all bets are off.

    If anyone using your computer is installing things that require them to type in the computer's administrator password, then it's entirely possible that you've installed a non-virus malicious piece of software called malware. The point of the administrator password is that nothing can be installed without you explicitly giving your approval telling the system that the software is to be trusted. There's no security system real or imagined that could possibly protect your computer from malicious software after you've explicitly given it permission to run on your computer.

    If your kids have been installing random downloaded software, which you made it sound like they have, then it's entirely possible that they typed in the administrator password to allow some malicious software to have free reign.

    No security system can keep out the bad guys if you choose to open the door when they ask if they can come in.

    I suggest you backup your disk and do a clean install of OS X. When you setup the new system choose an administrator password that your kids don't know.
     
  10. jons macrumors 6502

    Joined:
    Apr 24, 2008
    #13
    Wow, wierd. Guess I can't surf those sites anymore...
     
  11. AlexisV macrumors 68000

    AlexisV

    Joined:
    Mar 12, 2007
    Location:
    Manchester, UK
    #14
    You can, just don't download and run any file that says it's a video codec (apart from legitimate sites like Flip4Mac and DivX)
     
  12. benzslrpee macrumors 6502

    benzslrpee

    Joined:
    Jan 1, 2007
    #15
    Snakey Pete

    after you remove the malware please go to your Safari preferences > General > and un-check "open safe files after downloading" if you haven't already. that may or may not be how you got the fake video codec installed on your Mac.
     
  13. IJ Reilly macrumors P6

    IJ Reilly

    Joined:
    Jul 16, 2002
    Location:
    Palookaville
    #16
    Let's see, you can either remove the offending software or erase and install.

    Tough choice.
     
  14. Snakey Pete thread starter macrumors newbie

    Joined:
    Jun 23, 2008
  15. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #18
    I think we're seeing the effects of the root escalation security issue with ARDAgent (mentioned in the OS X forum a week or so ago) - with this issue, you won't be prompted for your administrator password as part of a trojan install. Yes, you still have to download and run the program, but the protection afforded by the secondary authentication is out of the window: Time to be more vigilant!
     
  16. MacFanatic08 macrumors member

    Joined:
    Jun 1, 2008
    #19
    I agree with the others, set your kids up a non-admin account.
     

Share This Page