I'm infected with the flashback trojan. It's been at least a couple days. I've been following the instructions at f-secure, but I'm getting stuck at the final steps.
Here's an outline of what I've done so far:
I ran:
And I got:
So I followed the f-secure instructions to remove that file, but when I got to step step 14, and entered
The instructions at f-secure say not to proceed unless there's only one output, so I decided to come here. I'd be very grateful if anyone can help. FWIW, when I now enter
it returns that it is empty, so I think I've made some progress, but clearly there is still something wrong with my machine. What are the effects of the flashback trojan? Should I be worried about my personal info?
Here's an outline of what I've done so far:
I ran:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
And I got:
Users/myname/Library/Application Support/.AdvancedMpWma.tmp
So I followed the f-secure instructions to remove that file, but when I got to step step 14, and entered
ls -lA ~/Library/LaunchAgents/
terminal returned the following, which seemed suspicious:-rw-r--r-- 1 myname staff 894 2 Aug 2010 com.apple.CSConfigDotMacCert-my.name@me.com-SharedServices.Agent.plist
-rw-r--r-- 1 root staff 695 10 Feb 16:09 com.divx.agent.postinstall.plist
-rw-r--r--@ 1 myname staff 479 28 Mar 15:28 null.plist
The instructions at f-secure say not to proceed unless there's only one output, so I decided to come here. I'd be very grateful if anyone can help. FWIW, when I now enter
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
it returns that it is empty, so I think I've made some progress, but clearly there is still something wrong with my machine. What are the effects of the flashback trojan? Should I be worried about my personal info?
