Mac Trojan?

ohrightantlers

macrumors newbie
Original poster
May 21, 2012
5
0
Hello. I ran two system scans with avast! on my macbook last night and both found 14 infections and 7 warnings. Here's what was found:



I haven't done anything yet and I really don't know what to do. I've asked at a few help forums (including the avast! forum) but I haven't gotten a response. I figured it wouldn't hurt to ask in different places. Should I Repair? Delete the infected? I really don't know what to make of the warnings either.

At this point I'm desperate because I'm really barely a novice at these things. What should I do? Has my mac been completely compromised? Is there a way to know and is there a way to fix it? Thanks :)
 

betatest

macrumors member
May 17, 2012
46
0
Hello. I ran two system scans with avast! on my macbook last night and both found 14 infections and 7 warnings. Here's what was found:

I haven't done anything yet and I really don't know what to do. I've asked at a few help forums (including the avast! forum) but I haven't gotten a response. I figured it wouldn't hurt to ask in different places. Should I Repair? Delete the infected? I really don't know what to make of the warnings either.

At this point I'm desperate because I'm really barely a novice at these things. What should I do? Has my mac been completely compromised? Is there a way to know and is there a way to fix it? Thanks :)
Hi

I recommend you do a full scan with DrWeb Light for Mac.

http://www.freedrweb.com/drweb+mac+light/

Then you do a full scan to check if your computer is infected with any missed trojans, keyloggers with MacScan.

http://macscan.securemac.com

Do not install too many Antivirus in your OS. Use one software at a time to do a full scan.

See if it catches anything...

Quarantine it if it is detected.

Do not do any Apple Software Update yet. (Whatever you do, do not do any Apple Software Update)

This is a known Java vulnerability.

Once you do a full scan, quarantine the detected files and delete them.

And do another full scan.

Once you know that there is no virus.

Backup all your important data to a DVD-R and burn it.

Before you intend to reformat the hard disk (zero out) and reinstall the OS X again.

(Before you do, make sure you have a USB thumb drive for Mac OS X Lion, or 10.6 and the iLife recovery DVD that came with the computer when you first bought it)

** Take note: Java is cross-platform, so it can infect any OS that has Java! **


This is for BootCamp for Windows for Mac (only)
------------------------------------------------------------------------

If you are using bootcamp with Windows on your Mac.

Boot up to your Windows OS.

Download,

http://www.freedrweb.com/download+cureit+free/beta/

Do a full scan.

Check to see if your Windows Boot Camp has been infected.

As usual download, Malwarebytes.

http://www.malwarebytes.org/

Do a full scan.

There is one that I like to use, HitMan Pro. (optional)

http://www.surfright.nl/en/downloads
 

Mal

macrumors 603
Jan 6, 2002
6,251
17
Orlando
I recommend strongly that you do the opposite of what betatest said. Do your software updates if you haven't, but you can also simply delete those files, they are Windows viruses and cannot affect your Mac. If you have a Bootcamp partition, then of course run antivirus on it, but stay far away from the links that betatest provided.

jW
 

SDub90

macrumors 6502a
Nov 9, 2009
685
3
Long Island
I recommend strongly that you do the opposite of what betatest said. Do your software updates if you haven't, but you can also simply delete those files, they are Windows viruses and cannot affect your Mac. If you have a Bootcamp partition, then of course run antivirus on it, but stay far away from the links that betatest provided.

jW
This. Your mac isn't infected, but those files can infect a Windows machine if you share them or load them onto a bootcamp partition.

I don't have much else to add, just wanted to reinforce what Mal has already said.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
Mal is right, of course. Troj/Djewers-A is a Windows trojan that cannot affect your Mac OS X installation. If you're running Windows on your Mac, you should have a Windows antivirus running, which should detect and quarantine/remove any threats.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Disable Java in your browser (Safari, Chrome, Firefox). This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave Java disabled until you visit a trusted site that requires it, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Change your DNS servers to OpenDNS servers by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.
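
A way to verify items 1, 2 and 4 of the list above from Terminal, as an added example that is not part of the original post. It assumes the firewall state is stored in `/Library/Preferences/com.apple.alf` (`globalstate`), that Safari's setting is the `AutoOpenSafeDownloads` preference key, and that the OpenDNS IPv4 resolvers are 208.67.222.222 and 208.67.220.220; the function names are made up for this example.

```sh
#!/bin/sh
# Added example: audit checklist items 1 (firewall), 2 (Safari auto-open)
# and 4 (OpenDNS resolvers). Reading a setting and judging its value are
# kept separate so the judging can be exercised with constructed input.

# Item 1. globalstate: 0 = off, 1 = on, 2 = on and blocking all incoming.
firewall_verdict() {
    case "$1" in
        1|2) echo "PASS firewall enabled (globalstate=$1)" ;;
        0)   echo "FAIL firewall disabled" ;;
        *)   echo "UNKNOWN firewall state '$1'" ;;
    esac
}

# Item 2. An unset key means Safari's default applies, which is to open
# "safe" files; an unreadable preference file looks the same from here.
safari_autoopen_verdict() {
    case "$1" in
        0|false|NO) echo "PASS Safari does not auto-open downloads" ;;
        1|true|YES) echo "FAIL Safari auto-opens \"safe\" downloads" ;;
        "")         echo "WARN Safari auto-open key unset or unreadable (default is on)" ;;
        *)          echo "UNKNOWN Safari auto-open value '$1'" ;;
    esac
}

# Item 4. Reads `scutil --dns` output on stdin and lists every IPv4
# resolver that is not an OpenDNS address. IPv6 resolvers are not judged.
dns_verdict() {
    awk '
        /nameserver\[[0-9]+\]/ {
            ip = $NF
            if (ip ~ /:/ || (ip in seen)) next
            seen[ip] = 1
            total++
            if (ip != "208.67.222.222" && ip != "208.67.220.220")
                bad = bad " " ip
        }
        END {
            if (total == 0)     print "UNKNOWN no IPv4 resolvers found"
            else if (bad == "") print "PASS all IPv4 resolvers are OpenDNS"
            else                print "FAIL non-OpenDNS resolvers:" bad
        }'
}

run_audit() {
    fw=$(defaults read /Library/Preferences/com.apple.alf globalstate 2>/dev/null)
    firewall_verdict "$fw"
    ao=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null)
    safari_autoopen_verdict "$ao"
    scutil --dns | dns_verdict
}

# Only touch real settings when actually running on a Mac.
if [ "$(uname -s)" = "Darwin" ]; then
    run_audit
fi
```

A Mac that gets DNS from a home router will report the router's address as a non-OpenDNS resolver even if the router itself forwards to OpenDNS, so check the router's settings in that case.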
 

betatest

macrumors member
May 17, 2012
46
0
Mal is right, of course. Troj/Djewers-A is a Windows trojan that cannot affect your Mac OS X installation. If you're running Windows on your Mac, you should have a Windows antivirus running, which should detect and quarantine/remove any threats.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Disable Java in your browser (Safari, Chrome, Firefox). This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave Java disabled until you visit a trusted site that requires it, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Change your DNS servers to OpenDNS servers by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. You don't need any 3rd party software to keep your Mac secure.

Hi

How do I do that on option 6???

There are cases where someone physically accesses my Mac and makes changes to my system.

I even have that firmware password turned on.

Another thing which I need to inform you guys.

I'm not the only person who uses a Mac at home.

One of my brothers is also using a Mac.

So either one is the main culprit.

----------

I recommend strongly that you do the opposite of what betatest said. Do your software updates if you haven't, but you can also simply delete those files, they are Windows viruses and cannot affect your Mac. If you have a Bootcamp partition, then of course run antivirus on it, but stay far away from the links that betatest provided.

jW
I will do a full scan first, if there is no infected files. Then I will do an update.

You should know better than me that Java is cross-platform.

It runs on all OSes! (if you install it, that is)

You install Java in Mac, Windows, Linux, BSD, Solaris etc.

If you are infected by it. You are infected by it.

Once you do a full scan, then if you know there aren't any infected file then you do Apple software update.

And did you know that in fact, Apple themselves are running Norton Antivirus in their Mac OS X in their company??

Apple stays MUM about it and did not want to tell you guys. They Denied it.

Ask Symantec. They know better.


Go to the Apple store in the US and check why Apple is selling Antivirus program.

http://store.apple.com/us/product/H7310LL/A?fnode=MTY1NDA1Mw

Go figure that one out.

How come there is still software such as ClamAV for the Mac???

Yeah right no viruses on a mac, but many Keyloggers! Remote control programs!

I even run antivirus on my Linux and Solaris! LOL!

If you have Java on your handphone. Don't tell me you are not infected?

Then why Steve Jobs talks about Java and Adobe Flash and get pissed off by it?

You know better than me, that last few years, there are cases in the US Schools that they install a remote program to spy on their students and their parents sue the School for it.



http://news.cnet.com/8301-1009_3-10110852-83.html

Apple suggests Mac users install antivirus software

Apple advises Mac users to install antivirus software in nod that even Mac users aren't immune to rising malware threats.
by Elinor Mills December 1, 2008 5:30 PM PST

Updated 10:50 a.m. PST December 2 to correct that Apple previously recommended antivirus software to Mac users, and at 1:50 p.m. PST with call back from Apple and link to 2002 Apple anti-virus item. A follow-up blog will be posted that goes into more detail about the coverage.

Apple is recommending that Mac users install antivirus software.

But don't read this as an admission that the Mac operating system is suddenly insecure. It's more a recognition that Mac users are vulnerable to Web application exploits, which have replaced operating system vulnerabilities as the bigger threat to computer users.

On November 21 Apple updated a technical note on its Support Web site that says: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

The item offers three software suggestions: Intego VirusBarrier X5 and Symantec Norton Anti-Virus 11 for Macintosh, both available from the Apple Online Store, and McAfee VirusScan for Mac.

MacDailyNews unearthed the same note posted by Apple in June 2007 and published it on Tuesday, along with a link to a March 2002 note from Apple urging people to use an anti-virus program.

Apple representatives did not respond to e-mails seeking comment on Monday, but did return a call on Tuesday. A spokesman said he would look into the matter.

Brian Krebs, who first reported on the Apple antivirus recommendation Monday in his Security Fix blog at The Washington Post, said an Apple store employee told him he didn't need antivirus software when he purchased a MacBook three months ago.
 

Mal

macrumors 603
Jan 6, 2002
6,251
17
Orlando
betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
How do I do that on option 6???

There are cases where someone physically accesses my Mac and makes changes to my system.
If you can't trust them, it's your problem if you let them have access to your Mac.
I even have that firmware password turned on.
Those are easily circumvented.
You install Java in Mac, Windows, Linux, BSD, Solaris etc.

If you are infected by it. You are infected by it.
Read tip #3 in my post. If you do that, you will not be infected by any Java-based malware that exists in the wild.

And did you know that in fact, Apple themselves are running Norton Antivirus in their Mac OS X in their company??
Post a link to proof of that claim.
Ask Symantec. They know better.
That's ridiculous. Of course Symantec will say whatever promotes their product.

Go to the Apple store in the US and check why Apple is selling Antivirus program.
Apple sells a lot of 3rd party software and hardware. That doesn't mean they endorse or recommend any particular product.
How come there is still software such as ClamAV for the Mac???
There are millions of software apps out there. Just because they exist doesn't mean they're necessary.

Yeah right no viruses on a mac, but many Keyloggers! Remote control programs!
Which can only be installed if you do it yourself or allow someone to install them.
You know better than me, that last few years, there are cases in the US Schools that they install a remote program to spy on their students and their parents sue the School for it.
Those were installed by the schools on school-owned computers.

http://www.infowars.com/students-to-be-spied-on-censored-with-school-issued-laptops/

You know better than me, that last few years, there are cases in the US Schools that they install a remote program to spy on their students and their parents sue the School for it.
As for your other comments regarding Apple recommending antivirus, here is their statement in their own words:
Run an antivirus program if you find any suspicious files or applications, or if you notice any suspicious behavior on your computer.
That's not a recommendation to run antivirus all the time, but rather as a specific troubleshooting procedure.

The bottom line is that if you practice the safe computing steps I posted, you don't have to worry about infection from any Mac OS X malware that has ever existed in the wild. If you want to run antivirus, that's your choice, but it's not required to keep your Mac safe and there's no assurance it will protect you.
 

betatest

macrumors member
May 17, 2012
46
0
betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
False information??? Go and read www.securemac.com!



----------

If you can't trust them, it's your problem if you let them have access to your Mac.

Those are easily circumvented.

Read tip #3 in my post. If you do that, you will not be infected by any Java-based malware that exists in the wild.


Post a link to proof of that claim.

That's ridiculous. Of course Symantec will say whatever promotes their product.


Apple sells a lot of 3rd party software and hardware. That doesn't mean they endorse or recommend any particular product.

There are millions of software apps out there. Just because they exist doesn't mean they're necessary.


Which can only be installed if you do it yourself or allow someone to install them.

Those were installed by the schools on school-owned computers.

http://www.infowars.com/students-to-be-spied-on-censored-with-school-issued-laptops/



As for your other comments regarding Apple recommending antivirus, here is their statement in their own words:

That's not a recommendation to run antivirus all the time, but rather as a specific troubleshooting procedure.

The bottom line is that if you practice the safe computing steps I posted, you don't have to worry about infection from any Mac OS X malware that has ever existed in the wild. If you want to run antivirus, that's your choice, but it's not required to keep your Mac safe and there's no assurance it will protect you.
Infowars!!!! I know where it comes from. Isn't Infowars comes from a conspiracy theories of 9/11???


Quote:" Well where did apple get their OS X security guide from??? Everyone knows it's from the NSA!" Mac Fanboys

Quote "Did you know that Steve Jobs hates Apple Fan Boys!" Mac Fanboys

Quote "Who is stealing IRAQ's Sumerian artifacts in the Museum for 2012 doomsday, and send a big ship of oil tanker and steals their Black Gold???" Skulls and Bones
 

betatest

macrumors member
May 17, 2012
46
0
;)
betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
I don't know Mal, if you said that those guys who produce antivirus programs are bogus just to get money out of you and as stated in the macrumors guide. I notice that clamxav is recommended choice to use.

I was wondering if in the clamav search database, clamav detected for OSX viruses.

http://clamav-du.securesites.net/cg...cgifields=case-sensitivity&.cgifields=display

ClamAV Virus Database Search
Search results:
Code:
daily.cvd      not-OSX.Tored                                
daily.cvd      OSX.Flashback-1                              
daily.cvd      OSX.Flashback-3                              
daily.cvd      OSX.Flashback-2                              
daily.cvd      OSX.Flashback-4                              
daily.cvd      Trojan.OSX.Miner                             
daily.cvd      OSX.Flashback-6                              
daily.cvd      OSX.Flashback-7                              
daily.cvd      OSX.Flashback-17                             
daily.cvd      OSX.Flashback-18                             
daily.cvd      OSX.Flashback-15                             
daily.cvd      OSX.Flashback-16                             
daily.cvd      Adware.OSX                                   
daily.cvd      OSX.Flashfake.Java                           
daily.cvd      OSX.Defma                                    
daily.cvd      MacOSX.Revir-1                               
daily.cvd      OSX.BlackHol                                 
daily.cvd      OSX.BlackHol-1                               
daily.cvd      MacOSX.iMuler-1                              
daily.cvd      Trojan.OSX.FlashBack.A                       
daily.cvd      OSX.DevilRobber                              
daily.cvd      OSX.Flashback-5                              
daily.cvd      Trojan.OSX.Imuler                            
daily.cvd      OSX.Word.Malware                             
daily.cvd      OSX.Word.Malware-1                           
daily.cvd      OSX.Flashback-8                              
daily.cvd      OSX.Flashback-10                             
daily.cvd      OSX.Flashback-12                             
daily.cvd      OSX.Flashback-9                              
daily.cvd      OSX.Flashback-13                             
daily.cvd      OSX.Flashback-14                             
daily.cvd      OSX.Flashfake                                
daily.cvd      OSX.SubPub                                   
daily.cvd      OSX.Flashback-19                             
daily.cvd      OSX.Flashback-20                             
daily.cvd      OSX.Maljava                                  
daily.cvd      OSX.Flashback-21                             
daily.cvd      OSX.Flashfake-1                              
daily.cvd      OSX.Flashfake-2                              
daily.cvd      OSX.Flashback-22                             
main.cvd       OSX.RSPlug                                   
main.cvd       Trojan.OSX.iservices.A                       
main.cvd       Trojan.OSX.iservices.B                       
main.cvd       OSX.DNSChanger.dmg                           
main.cvd       OSX.DNSChanger.dmg-1                         
main.cvd       Trojan.OSX.RSPlug.F.dmg                      
main.cvd       Trojan.OSX.RSPlug.F.dmg-1                    
main.cvd       Trojan.OSX.RSPlug.F.dmg-2                    
main.cvd       Trojan.OSX.RSPlug.F.dmg-3                    
main.cvd       Trojan.OSX.RSPlug.F.dmg-4                    
main.cvd       Trojan.OSX.RSPlug.F.dmg-5                    
main.cvd       Trojan.OSX.RSPlug.G.dmg                      
main.cvd       Trojan.OSX.RSPlug.G                          
main.cvd       Exploit.OSX.Safari                           
main.cvd       Trojan.OSX.Cowhand                           
main.cvd       Backdoor.OSX.BlackHole                       
main.cvd       Trojan.Downloader.OSX                        
main.cvd       OSX.Flashback                                
main.cvd       Trojan.Downloader.OSX-1                      
main.cvd       OSX.DNSChanger                               
main.cvd       OSX.Trojan-2                                 
main.cvd       Trojan.OSX.Opener                            
main.cvd       Trojan.OSX.RSPlug.C                          
main.cvd       Trojan.OSX.RSPlug.D                          
main.cvd       OSX.Tored                                    
main.cvd       OSX.RSPlug-2                                 
main.cvd       Trojan.OSX.OpinionSpy.B                      
main.cvd       Trojan.OSX.OpinionSpy.A                      
main.cvd       Trojan.OSX.MacDefender                       
main.cvd       Trojan.OSX.MacDefender.B                     
main.cvd       Trojan.OSX.MacDefender.C                     
main.cvd       OSX.Defma-1                                  
main.cvd       OSX.Defma-2                                  
main.cvd       Trojan.OSX.MacBack                           
main.cvd       Trojan-Downloader.OSX.Fav.A                  
main.cvd       Trojan-Downloader.OSX.Fav.B


----------

betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
Tell you what Mal, you show me the fact finding.

I don't know if this is bogus and a liar as well.

MacScan offers Privacy & Security for Mac OS X

MacScan offers protection against malware and privacy threats such as trojan horses, keystroke loggers, dialer applications and spyware. MacScan also detects commercially available software that may allow for remote access to the computer or violate privacy and security.

To learn more about the types of software detected click below.

Below is a list of spyware, keystroke loggers, dialer applications, remote administrative applications, trojan horses and other malware MacScan identifies and protects against.
Recently Added
Code:
AceSpy 1.0
Refog Keylogger 1.4.420
Refog Personal Monitor 1.4.420
SniperSpy 1.0
SniperSpy 1.0a

MacScan Detection List
Name | Type | Platform
Instant Access Dialer | Trojan Horse | OSX
SpyMe | Remote Admin Program | OSX
Spector Pro 2010 | Keylogger | OSX
KeyBag | Keylogger | OSX
TypeRecorder | Keylogger | Classic
Keyboard Spy | Keylogger | OSX
MAC Defender | Trojan Horse | OSX
Kidlogger | Keylogger | OSX
Keystroke Recorder | Keylogger | Classic
trojan.osx.boonana | Trojan Horse | OSX
Agent Bob | Keylogger | OSX
MacLifeInsurance | Keylogger | Classic
TypeRecorder X | Keylogger | OSX
CarbonKeys | Keylogger | OSX
BlazingTools Perfect Keylogger | Keylogger | OSX
OSXvnc | Remote Admin Program | OSX
Screenshots Remote | Spyware | OSX
TextMeleon | Keylogger | OSX
DevilRobber Trojan Horse | Trojan Horse | OSX
KeystrokeRecorder X | Keylogger | OSX
EZmal | Trojan Horse | OSX
Tsunami Trojan Horse | Trojan Horse | OSX
DNSChanger | Trojan Horse | OSX
SniperSpy | Keylogger | OSX
AceSpy | Keylogger | OSX
Spector | Keylogger | OSX
Amac Keylogger | Keylogger | OSX
Refog Personal Monitor | Keylogger | OSX
Refog Keylogger | Keylogger | OSX
DutyWatch Remote | Keylogger | OSX
Qhosts Trojan Horse | Trojan Horse | OSX
Olyx | Trojan Horse | OSX
Imuler | Trojan Horse | OSX
HellRaiser | Trojan Horse | OSX
TIFF Vulnerability | Exploit | OSX
Aobo Keylogger | Keylogger | OSX
BlackHole RAT | Trojan Horse | OSX
Tored | Trojan Horse | OSX
Invisible Oasis | Keylogger | Classic
Spy | Trojan Horse | OSX
Termite(OS9) | Trojan Horse | Classic
Monitorer | Keylogger | Classic
Spector Pro 2009 | Keylogger | OSX
Super Save | Keylogger | Classic
Keybag Pro | Keylogger | OSX
TypeAgent | Keylogger | OSX
Aobo Keylogger Pro | Keylogger | OSX
MonitorerX Pro | Keylogger | OSX
TakeDown Suite | Trojan Horse | Classic
iMunizator | Scareware | OSX
Last Resort | Keylogger | Classic
KeystrokesWatch | Keylogger | OSX
BackTrack | Keylogger | OSX
Keyboard and Mouse Recorder | Keylogger | OSX
Termite(OSX) | Trojan Horse | OSX
Xover | Trojan Horse | OSX
Monitorer X | Keylogger | OSX
TextTrap | Keylogger | Classic
PokerStealer | Trojan Horse | OSX
TypeSaver | Keylogger | Classic
Mac Remote Control | Remote Admin Program | OSX
KeyCaptor | Keylogger | OSX
AppleScript.THT | Trojan Horse | OSX
Lose Lose | Malware | OSX
DutyWatch | Keylogger | OSX
Keylogger | Keylogger | OSX
FlashBack Trojan Horse | Trojan Horse | OSX
UnderHand | Trojan Horse | OSX
Peeping Tom | Keylogger | Classic
eWatch | Trojan Horse | OSX
KeyStroke | Keylogger | Classic

Mac Spyware Definitions

Spyware - Spyware is a generic term for any program that takes your personal information and stores it on your computer or sends it out to the internet for retrieval by a third party. There are a few different types of individual spyware programs, including keyloggers, trojan horses, dialer applications, remote administration programs, as well as tracking cookies. Spyware can exhibit a combination of traits found in trojan horses, keyloggers, and remote administration programs, and these programs are considered hybrid spyware.

Keystroke Loggers - MacScan detects against keystroke loggers, also known as keyloggers, keystroke recorders, key nabbers, key loggers or key capture programs. When a keystroke logger is installed, keystrokes are recorded — capturing data such as usernames, passwords, credit card numbers, social security numbers, personal data and other information typed. The data may be logged to a file for later retrieval or transferred over the Internet.

MacScan detects both commercially available keystroke recorders as well as keyloggers released by hackers. Although many of the commercially available keystroke recorders are marketed to parents as a way to monitor their children on the internet, many of these programs can be used in the same manner to spy on others without consent. Scenarios may include shared use computers (school, office, cyber cafes) and corporate espionage.

Trojan Horses - Trojan Horses are malicious programs that are disguised as innocent files, usually run invisibly on your system, and enable a remote attacker to transfer files to and from your computer, delete your files, and view your sensitive information. The DNSChanger trojan horse, which recently attacked OS X, can intercept the websites you are attempting to visit, and redirect you to malicious websites which will steal your login information.



----------

betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
Are these lies from Kaspersky as well???

https://www.securelist.com/en/descriptions?words=osx&behavior=&Search=Search&search_type=1

And from Ikarus Antivirus. Is this a lie as well??? You tell me.
Code:
    Exploit.OSX.Safari.a
    Worm.OSX.Inqtana.a
    Java.OSX.Inqtana
    Worm.OSX.Niqtana.a
    Virus.OSX.Macarena.a
    Trojan.Osx.Exploit.Launchd.B
    Trojan.Osx.Exploit.Launchd.A
    Trojan.OSX.Imunizator
    Virus.OSX.Leap.B
    Trojan.OSX.Loader.A
    Hoax.OSX.Mcsweeper.a
    Virus.OSX.Niqtana.D
    Virus.OSX.Macarena
    Worm.OSX.Inqtana
    Exploit.OSX.Safari
    Exploit.OSX.Launch
    Trojan.OSX.Dropper
    Trojan.OSX.Loader
    Hoax.OSX.Mcsweeper
    JS.OSX.Troj
    Trojan-Downloader.OSX.Jahlav
    Virus.OSX.RSPlug
    Virus.OSX.Weapox
    Backdoor.OSX.Lamzev
    Trojan.OSX.Jahlav
    Trojan.Osx.Exploit.Launchd
    Trojan-PWS.OSX.Corpref
    OSX.Trojan-PWS.Corpref
    MAC.OSX.Trojan.DNSChanger
    IM-Worm.OSX.Leap
    Worm.OSX.Niqtana
    Win32.Worm.Osx.Niqtana
    Trojan.Exploit.Osx.Launch
    Rootkit.OSX.Weapox
    Trojan.Osx.Weapox
    Suspect.OSX.iWorkS
    Backdoor.OSX.iWorm
    MAC.OSX.Trojan.Krowi
    Virus.OSX.Niqtana
    not-a-virus:FraudTool.OSX.iMunizator
    OSX.Worm.Tored
    Worm.OSX.Tored
    Email-Worm.OSX.Tored
    Exploit.OSX.Libtiff
    Exploit.OSX.Smid
    not-a-virus:Monitor.OSX.Keylogger
    Trojan.OSX.Gaslome
    not-a-virus:RiskTool.OSX.Baoba
    Trojan.OSX.HellRTS
    not-a-virus:NetTool.OSX.Mech
    Backdoor.OSX.Reshe
    not-a-virus:RemoteAdmin.OSX.Cowhand
    Trojan.OSX.Spynion
    Backdoor.OSX.Sunam
    Trojan.OSX.Inqtana
    MAC.OSX.Trojan.Boonana
    Trojan.OSX.Launchd
    MAC.OSX.Spyware.OpinionSpy
    Backdoor.OSX.BlackHol
    Hoax.OSX.Defma
    MAC.OSX.Trojan.FakeAlert.A
    MAC.OSX.Trojan.FakeAlert.B
    MAC.OSX.Trojan.FakeAlert.C
    Trojan-Downloader.OSX.FavDonw
    MAC.OSX.Trojan.FakeAlert
    MAC.OSX.Backdoor.BlackHol
    MAC.OSX.Trojan.FakeAlert.D
    MAC.OSX.Trojan.FakeAlert.F
    MAC.OSX.Trojan.FakeAlert.G
    MAC.OSX.Trojan.FakeAlert.E
    MAC.OSX.Trojan.FakeAlert.H
    Backdoor.OSX.Olyx
    MAC.OSX.AdWare.MacSweeper
    Backdoor.OSX.Imuler
    Trojan-Dropper.OSX.Revir
    Trojan-Downloader.OSX.Revir
    Trojan-Downloader.OSX.Flashfake
    Application.Osx.Cosmac
    MAC.OSX.Backdoor.Tsunami
    Trojan.OSX.Agent
    Backdoor.OSX.Miner
    Trojan.OSX.Miner
    MAC.OSX.Trojan.DevilRobber
    Application.Posx
    MAC.OSX.Trojan.FlashBack
    MAC.OSX.Trojan.FakeAlert.I
    MAC.OSX.Backdoor.Olyx
    OSX.Niqtana
    Hoax.OSX.MacKeeper
    MAC.OSX.Trojan.FakeAlert.J
    MAC.OSX.Trojan.Imuler
    MAC.OSX.Trojan.Lamadai
    Backdoor.OSX.MaControl
    not-a-virus:Monitor.OSX.LogKext
    not-a-virus:Monitor.OSX.SniPo
    OSX.Weapox
    OSX.Safari
    Backdoor.OSX.SabPub
    Backdoor.OSX.Flashback
    not-a-virus:Monitor.OSX.BackTrack
    Backdoor.OSX.Lasyr


----------

betatest, I have zero interest in your ridiculous "facts" and speculation. If you provided any correct information, I'd probably spend a few more minutes correcting the rest, but for now I'm going to continue to simply advise everyone who reads this thread to ignore you. Please put some effort into actually making sure you're posting truth instead of false information and conspiracy theories.

jW
I don't know again. Is this one of the typical American lying to its citizens?

http://www.intego.com/mac-security-blog/

Oh yeah, another conspiracy theory, right.

https://home.mcafee.com/VirusInfo/ThreatSearch.aspx?term=osx

So don't confuse me with facts and fiction.

If you got windows virus on your mac, I know it will not get infected.

But Java???

I know that one of my friends is a Java programmer. He told me that Java runs on all platforms, if you install Java in your OS.

You can run Java programs in Linux, Windows, Solaris & Mac OS X!

So are you telling me that a Java program with malicious intent cannot get infected by Mac OS X?

Well, are you telling me again that Mac OS X is a superior being in this world?

I do not know what you are trying to imply here.

Well, those guys who are working in a security firm are perpetual liars. Is this what you are trying to say to me?

How the heck they got the job???
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
I was wondering if in the clamav search database, clamav detected for OSX viruses.
Not a single item in your ridiculously long post is a Mac OS X virus, since none have ever existed in the wild. Users who follow the safe computing practices I posted earlier are completely protected against all Mac OS X malware that has ever existed in the wild. In other words, by prudent action, users can avoid ALL Mac OS X malware that has ever existed, without the need for any antivirus app. On the contrary, many users who didn't practice safe computing but did have antivirus installed were infected by malware that the AV apps didn't detect.

The rest of your post makes no sense at all. The link I posted from infowars was just one of many sources reporting the same facts about those school computers. Google it yourself and learn the truth.

Over the past few years I've seen plenty of newcomers join the forum to post nonsense like you have, trying to stir up fear and worry among users, then they disappear again, having accomplished nothing but demonstrating how uninformed they are. It would be extremely wise of you to quit while you're ahead, but, of course, I'm not expecting you to exercise that much wisdom.
 

betatest

macrumors member
May 17, 2012
46
0
I recommend strongly that you do the opposite of what betatest said. Do your software updates if you haven't, but you can also simply delete those files, they are Windows viruses and cannot affect your Mac. If you have a Bootcamp partition, then of course run antivirus on it, but stay far away from the links that betatest provided.

jW
I'm dead confused now. So you are telling me that even US Homeland Security (us-cert.gov), which teaches how to secure your computer, is also a perpetual liar!

----------

Not a single item in your ridiculously long post is a Mac OS X virus, since none have ever existed in the wild. Users who follow the safe computing practices I posted earlier are completely protected against all Mac OS X malware that has ever existed in the wild. In other words, by prudent action, users can avoid ALL Mac OS X malware that has ever existed, without the need for any antivirus app. On the contrary, many users who didn't practice safe computing but did have antivirus installed were infected by malware that the AV apps didn't detect.

The rest of your post makes no sense at all. The link I posted from infowars was just one of many sources reporting the same facts about those school computers. Google it yourself and learn the truth.

Over the past few years I've seen plenty of newcomers join the forum to post nonsense like you have, trying to stir up fear and worry among users, then they disappear again, having accomplished nothing but demonstrating how uninformed they are. It would be extremely wise of you to quit while you're ahead, but, of course, I'm not expecting you to exercise that much wisdom.
I know that since long ago. But many Mac users install wares!

----------

Not a single item in your ridiculously long post is a Mac OS X virus, since none have ever existed in the wild. Users who follow the safe computing practices I posted earlier are completely protected against all Mac OS X malware that has ever existed in the wild. In other words, by prudent action, users can avoid ALL Mac OS X malware that has ever existed, without the need for any antivirus app. On the contrary, many users who didn't practice safe computing but did have antivirus installed were infected by malware that the AV apps didn't detect.

The rest of your post makes no sense at all. The link I posted from infowars was just one of many sources reporting the same facts about those school computers. Google it yourself and learn the truth.

Over the past few years I've seen plenty of newcomers join the forum to post nonsense like you have, trying to stir up fear and worry among users, then they disappear again, having accomplished nothing but demonstrating how uninformed they are. It would be extremely wise of you to quit while you're ahead, but, of course, I'm not expecting you to exercise that much wisdom.
Aren't those known Mac OS X viruses which are detected by antivirus companies???

Interesting I follow your steps in your guide.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
I know that since long ago. But many Mac users install wares!
Antivirus software doesn't protect against all foolish user actions. Rather than post long lists of malware (most of which are either repetitive variations of the dozen or so existing trojans or they are keyloggers, which cannot be installed without user permission), simply practice safe computing and stop hyping the suggestion that antivirus is required or completely effective in protecting against malware.
Aren't those known Mac OS X viruses which are detected by antivirus companies???
No. Not a single one is a Mac OS X virus. There has never been one released in the wild. Go back and read my first post in this thread, as well as the Mac Virus/Malware FAQ, so you'll understand the difference between various forms of malware.
 

betatest

macrumors member
May 17, 2012
46
0
Antivirus software doesn't protect against all foolish user actions. Rather than post long lists of malware (most of which are either repetitive variations of the dozen or so existing trojans or they are keyloggers, which cannot be installed without user permission), simply practice safe computing and stop hyping the suggestion that antivirus is required or completely effective in protecting against malware.

No. Not a single one is a Mac OS X virus. There has never been one released in the wild. Go back and read my first post in this thread, as well as the Mac Virus/Malware FAQ, so you'll understand the difference between various forms of malware.
Fine! I follow your word for it! I'll switch to BSD!

----------

Antivirus software doesn't protect against all foolish user actions. Rather than post long lists of malware (most of which are either repetitive variations of the dozen or so existing trojans or they are keyloggers, which cannot be installed without user permission), simply practice safe computing and stop hyping the suggestion that antivirus is required or completely effective in protecting against malware.

No. Not a single one is a Mac OS X virus. There has never been one released in the wild. Go back and read my first post in this thread, as well as the Mac Virus/Malware FAQ, so you'll understand the difference between various forms of malware.
That encourages someone at home to Remote Control my Mac and install SSH, Kerberos. Even I turn 40s, he turn on Parental Control in my root account!
Copy everything in root, and changes everything when I'm not around.

How am I supposed to protect from this happening from him!

Can you teach me, any good free software to lock this guy out! From physical access to my Mac?
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
That encourages someone at home to Remote Control my Mac and install SSH, Kerberos. Even I turn 40s, he turn on Parental Control in my root account!
Copy everything in root, and changes everything when I'm not around.

How am I supposed to protect from this happening from him!

Can you teach me, any good free software to lock this guy out!
Use passwords on your computer, or take it with you when you leave, if it's a portable. Or buy a safe and lock it in the safe. There is no completely effective protection if someone knowledgeable has physical access to your computer. Personally, I wouldn't live with anyone I couldn't trust.
 

Mal

macrumors 603
Jan 6, 2002
6,251
17
Orlando
betatest, I've ignored you before, but your posts are ridiculous and I sincerely feel a need to combat your misinformation. You also need to post in clear English, instead of ridiculously long one-liners that don't even make grammatical sense, much less actually logical sense. Instead of posting links to lists of meaningless names from antivirus companies trying to sell their software, please try to read and understand the information that GGJstudios has posted all over the board. You also keep bringing up the story of someone who has supposedly remotely accessed your computer, despite the clear evidence provided in that thread that you are completely misunderstanding what is going on. I don't begrudge you a lack of knowledge, because there are certainly things I know very little if anything about, but please spend more time listening and trying to understand instead of posting misinformation because you don't understand the basics. We'll gladly try to help you understand, but you have to do your part to learn.

jW
 

betatest

macrumors member
May 17, 2012
46
0

MonkeySee....

macrumors 68040
Sep 24, 2010
3,858
435
UK
And why did you delete the video? It's baseless, is it?

You give me proof.

https://www.youtube.com/watch?v=sJqZ2S4Z6ZQ

You ask the mate who stays in UK. And he did use many Macs and PCs.

https://www.youtube.com/watch?v=Mn5yBU_vuCQ
https://www.youtube.com/watch?v=J4s_RhsV0XU

The guy in this video is a red, white and blue American way. And I trust him more!
He talks facts! Ask him on YouTube. He has a Mac. But he uses Linux!

Do not delete these videos.
That guy looks a bit......slow.
 

betatest

macrumors member
May 17, 2012
46
0

MonkeySee....

macrumors 68040
Sep 24, 2010
3,858
435
UK
Yeah a self denial.

This is a school that teaches about computer security.

If you think this is baseless and hype, ignore it. Otherwise, download the file and read it.

If you are not blind. See! If you are blind. Use a braille.

https://www.sans.org/reading_room/whitepapers/forensics/mac-os-malware-analysis_33178

----------



See if Kevin Mitnick can hack your Mac in 2 minutes! Or better still, ask Gary McKinnon. LOL!
Why would I want someone to hack my Mac?
 

betatest

macrumors member
May 17, 2012
46
0
Why would I want someone to hack my Mac?
Just a figure of speech.

Well I have found a link to be useful as compared to the one in the guide.macrumors.com pertaining to malware.

This person knows better. And I trusted him more. And none that he wrote is a hype!

https://discussions.apple.com/docs/DOC-3291

The guy who posted in the Apple Support forum talks facts.

See ... what he says here... under the section

Hardening your Mac and yourself to prevent future attacks.

And he says, and I quote:-

"la la de da, I have a Mac and nothing can hurt me, because Mac's never get viruses"

Don't think like that any longer, Mac's have been attacked, not as frequently or as easily as Windows, and not by viruses mainly, but through other means like trojans and driveby attacks on browsers and plug-ins.

Nothing gives hackers more pleasure (and a challenge) than to beat cocky Mac users behind and root their machines en massé like what has occurred with the Flashflake botnet and other Mac based botnets in the past.

-
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
This person knows better. And I trusted him more. And none that he wrote is a hype!
How do you know he knows better? And how do you know that none of what he wrote is hype? And what "hype" did you find in the Mac Virus/Malware FAQ?
"Don't think like that any longer, Mac's have been attacked, not as frequently or as easily as Windows, and not by viruses mainly
For Mac OS X, not by viruses ever. And no one has suggested that you not take steps to protect your Mac. Read the safe computing suggestions I posted earlier, that also appear in the FAQ. Practicing those will completely protect you from any Mac OS X malware that has ever existed in the wild. Installing an antivirus app will not add any protection that safe computing doesn't provide.
Nothing gives hackers more pleasure (and a challenge) than to beat cocky Mac users behind and root their machines en massé like what has occurred with the Flashflake botnet and other Mac based botnets in the past.
Any Mac user that practiced those safe computing tips was completely unaffected by the Flashback trojan.
 

S-mac-k

macrumors member
Mar 30, 2011
72
0
Me being a bit special

Basically, been reading this thread. I have sent a load of emails recently to companies requesting quotes for this & that. I then get an email from this company saying I've subscribed to a mailing list. Click this link to unsubscribe. Me being soft & it being late, I tried to press the button to unsubscribe thinking I've accidentally subscribed to something? The reason being, on some of the sites there were buttons to uncheck otherwise I'd automatically subscribe to their crap which I obviously don't want.

To cut a long story, I click link, blank page comes up & nothing happens? Nothing loads? I'm upstairs in the top of my house thinking it's a poor connection? Nope. I thought ****. I've seen this before. This happened to me when I had a pc. I tried to open on my iphone. Same scenario.

What is going on? Do I now have an infected mac? Is this a trojan/malware programme for a pc? How do I check to see whether I've got a virus, trojan or any malicious software on my mac? No virus exist in wild etc, but what about keyloggers etc?

I followed most the steps in the guide provided earlier in the thread but I still can't help but feel I'm now infected & I want to find out if I am or not. If so, I want to throw petrol on whoever developed the programme & throw them a light.

Please help
 

betatest

macrumors member
May 17, 2012
46
0
Basically, been reading this thread. I have sent a load of emails recently to companies requesting quotes for this & that. I then get an email from this company saying I've subscribed to a mailing list. Click this link to unsubscribe. Me being soft & it being late, I tried to press the button to unsubscribe thinking I've accidentally subscribed to something? The reason being, on some of the sites there were buttons to uncheck otherwise I'd automatically subscribe to their crap which I obviously don't want.

To cut a long story, I click link, blank page comes up & nothing happens? Nothing loads? I'm upstairs in the top of my house thinking it's a poor connection? Nope. I thought ****. I've seen this before. This happened to me when I had a pc. I tried to open on my iphone. Same scenario.

What is going on? Do I now have an infected mac? Is this a trojan/malware programme for a pc? How do I check to see whether I've got a virus, trojan or any malicious software on my mac? No virus exist in wild etc, but what about keyloggers etc?

I followed most the steps in the guide provided earlier in the thread but I still can't help but feel I'm now infected & I want to find out if I am or not. If so, I want to throw petrol on whoever developed the programme & throw them a light.

Please help
You should not have clicked that link in your email. Next time, if you get any of those emails, trash them. Do not open them.

You need to isolate one at a time.

By the way, did you check your Wifi Router settings are okay???

First off, check whether your Windows PC is infected by this virus.

If you have a reputable antivirus program and it is of the current version make sure you have it updated.

Do a full scan.

If you have an outdated antivirus and not a current version for your Windows PC, uninstall it and use a free one, like Avira or Microsoft Security Essentials.

http://windows.microsoft.com/en-US/windows/products/security-essentials
https://www.avira.com/en/downloads#home

Download Malwarebytes to check if your system is infected by any malware.
http://www.malwarebytes.org/

Do a full scan with Malwarebytes.

Or try Hitman pro.
http://www.surfright.nl/en

Also check whether your Windows hosts files are changed.

http://support.microsoft.com/kb/972034

Check to see if any of the DNS settings have been changed under the network settings of your Windows PC.

Look at your Windows task manager. See if you suspect any file.
http://support.microsoft.com/kb/323527

Do a msconfig.
http://support.microsoft.com/kb/310560

You can check for any potential rootkit on your Windows PC by downloading:
http://support.kaspersky.com/faq/?qid=208283363

On a Mac, check your DNS settings under your network configuration.
See if they have been changed. Check your network settings to see if anything has been changed.

Check to see if you are infected by the DNS Changer malware via these links.

https://www.us-cert.gov/current/archive/2012/04/24/archive.html#dnschanger_malware
http://www.dcwg.org/detect/
http://www.dns-ok.us/

Check the fix for this malware:
http://www.dcwg.org/fix/
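
The DNS-settings and hosts-file checks suggested in the post above can be scripted; this is an added example, not part of the original thread. It parses `scutil --dns` output and a hosts file, and the sample inputs, the router address and the suspect range are constructed placeholders, not real indicators.

```python
import ipaddress
import re
import subprocess

# Constructed sample of `scutil --dns` output (not captured from a real Mac).
SAMPLE_SCUTIL = """\
DNS configuration

resolver #1
  search domain[0] : home
  nameserver[0] : 192.168.1.1
  nameserver[1] : 198.51.100.53
  if_index : 4 (en0)
"""

# Constructed hosts file: the stock macOS entries plus one added override.
SAMPLE_HOSTS = """\
##
# Host Database
##
127.0.0.1\tlocalhost
255.255.255.255\tbroadcasthost
::1             localhost
203.0.113.7     www.bank.example   # constructed override
"""

# PLACEHOLDER range from documentation address space (RFC 5737); substitute
# the rogue resolver ranges published for the malware you are checking for.
SUSPECT_RANGES = [ipaddress.ip_network("198.51.100.0/24")]

STOCK_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost"),
               ("255.255.255.255", "broadcasthost")}

def parse_nameservers(scutil_text):
    """Return the unique nameserver addresses, in order of appearance."""
    found = re.findall(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)", scutil_text, re.M)
    return list(dict.fromkeys(found))

def classify_resolver(addr, expected, suspect=SUSPECT_RANGES):
    """'suspect' if in a listed range, 'expected' if allowlisted, else 'unexpected'."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 scope id
    if any(ip in net for net in suspect):
        return "suspect"
    return "expected" if addr in expected else "unexpected"

def audit_dns(scutil_text, expected):
    return {a: classify_resolver(a, expected) for a in parse_nameservers(scutil_text)}

def audit_hosts(hosts_text):
    """Return (ip, name) pairs that are not part of the stock hosts file."""
    extra = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # strip comments, then tokenize
        extra += [(fields[0], n) for n in fields[1:] if (fields[0], n) not in STOCK_HOSTS]
    return extra

if __name__ == "__main__":
    # On a Mac: audit the live configuration. 192.168.1.1 is an assumed router address.
    live = subprocess.run(["scutil", "--dns"], capture_output=True, text=True).stdout
    print(audit_dns(live, expected={"192.168.1.1"}))
    print(audit_hosts(open("/etc/hosts").read()))
```

A resolver reported as "unexpected" is not proof of tampering; it only means the address is not one you listed as yours, so compare it with what your router or ISP hands out.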
 