New Mac Owner think I have a Virus not sure how to get rid

Discussion in 'Community Discussion' started by bbacarat, Jan 23, 2010.

  1. bbacarat macrumors newbie

    Apr 17, 2009
    Hi People,

    I've no idea how to navigate around the operating system to fix stuff on a mac as I've been brought up on pc's.

    My GF was searching Google Images for pictures of steven baldwins wife!?
    She found an image and clicked on it that took her to a website.

    Anyhow when she clicked on the image to enlarge it, it came up with an anti spyware install panel. The mac was then passed over to myself.
    So I canceled out of everything and rebooted.

    It seemed fine but I was still worried that I might have a virus.
    So I went on and installed "Clam XAV" virus checker.

    After running for almost 2hrs it came back stating that it had found the following file:

    It states that it has not removed it and that I should either delete it myself or run the software again with a setting to delete checked. I don't really want to wait another 2hrs. However I've no idea how to find the file in the system?

    I've attempted to search using finder but it doesn't bring anything back.

    Can anyone tell me how best to protect my mac from any more viruses. I thought virus for the mac were super rare. Can't believe I've got one in under 6 months of owning it.:confused:
  2. spinnerlys Guest


    Sep 7, 2008
    forlod bygningen
    There are NO (repeat: NO, NADA, ZERO) viruses written for Mac OS X.

    This file you found is only effective on Windows.

    I don't know how you can remove that file via Finder, but running Clam for another two hours will not do your system any harm.

    The window your girlfriend saw, was only a web pop up designed to look like WINDOWS (the OS from Microsoft).

    So please don't worry, that virus Clam XAV found is not harming your system, it could stay there for the next decade and you would still be fine.

    For Mac OS X only malware like trojans or spyware exist, but they have to be installed manually and you have to enter your password to allow those malware applications to access system files.

    Clam XAV only looks for Windows viruses by the way.
  3. Hmac macrumors 68020

    May 30, 2007
    Midwest USA
    Technically, it's malware rather than a virus, and it doesn't work with Macs. Delete it if you want to, but the only harm it does is to get you upset and make you think you should buy an anti-virus program. My wife's MBP had the same experience as you describe. She just ignored it. That was months ago.

    I don't worry about viruses or malware. I haven't run any kind of anti-virus software on my Macs in more than a decade.
  4. abijnk macrumors 68040


    Oct 15, 2007
    Los Angeles, CA
    I've owned 7 or 8 macs over the past 5 years and have never bothered with anti-virus software. It's simply not needed. Welcome to Mac.
  5. bbacarat thread starter macrumors newbie

    Apr 17, 2009
    Thank you all

    Cheers people that's put my mind at rest.
    I best apologise to the missus now for giving her "that look"! lol:)
  6. Gregg2 macrumors 603

    May 22, 2008
    Milwaukee, WI
    But, he can't find it:

    You did the right thing.

    Now, did you use Spotlight to search for the file? You could check your Spotlight preferences pane in System Preferences to see if you have Spotlight set to show everything. Make a note of what is checked so you can restore it if you want to later.
  7. Rodus macrumors 6502a


    Oct 25, 2008
    Midlands, UK
    In Clam Xav you can set it up to move any virus files to a dedicated quarantine folder, then go into that and trash the offending file.
  8. Buzz Bumble Guest

    Oct 19, 2008
    New Zealand
    As others have said, there are NO viruses / malware for the Mac. (You can of course still get caught out by fake websites pretending to be your bank asking for your details.)

    Since it was "downloaded" while browsing, the file may well just be in the browser's cache. Simply clearing the cache may get rid of the file.
  9. sjinsjca macrumors 68020


    Oct 30, 2008
    Be glad this all happened on a Mac. The file that that website downloaded would infect a Windows PC; as it is, it's just sitting on your machine somewhere, inert and harmless.

    To get rid of it:

    1) As some folks have noted, clear your browser's cache first. That might take care of it. If your browser is Safari, you'll find a "Reset Safari" option in the Safari menu.

    2) Now look for the file on your disk. Up in the upper right corner of your screen, there's a little magnifying-glass icon. This is your Spotlight search gizmo. Click it. Type or paste in "HTML.Phishing.Pay5" (without the quotes)-- it's not even necessary to hit Return. Spotlight will search your disk for the file. If it finds it (meaning it was somewhere other than the browser cache), click the Show All... option at the top of the Spotlight results list. This will open a Finder window showing the list of hits-- presumably only this one file in one location. Right-click on the file and select "Move to Trash". Done!

    Exercise caution when cruising the Web, even on a Mac-- especially when you find nifty software utilities that sound too good to be true, like "free" versions of commercial software on warez sites. There have been occasions when Mac users got tricked into downloading and authorizing the installation of infected software. But that's the lengths the bad-guys need to go to-- in the PC world, they can just hide stuff on websites and Windows will get infected without anyone authorizing anything. On the Mac, no infection is possible unless you willingly open the door.
  10. sjinsjca macrumors 68020


    Oct 30, 2008
    One more thing. Clam only performs a scan when you tell it to. It does not scan incoming emails, at least on many popular email clients. Again, you don't need to worry about infected emails hosing your Mac as you would on Windows.

Share This Page