Virus/Malware

Discussion in 'Mac Basics and Help' started by JMacDavis, Jul 9, 2010.

  1. JMacDavis macrumors newbie

    Joined:
    Jul 9, 2010
    #1
    I have a MacBook Pro that recently started making a zipping/whooshing sound (much like when I send off mail) shortly after my desktop is up and running. It was not happening previously. It sounds and acts very much like a virus/malware that I had on my PC laptop once. The closest change that I can trace it back to was when I plugged in my external hard drive to search for some files. This external drive has previously been plugged into other computers (all Windows driven) that may or may not have been infected at one time. I downloaded the ClamXav and ran it a couple of times. It picked up a couple of phishing emails that I promptly deleted, but the sound continues. I'm new to Mac so I'm not too familiar with the system structure and don't really know what's suspicious in the Activity Monitor.

    Has anyone ever experienced this? And if it's not normal (which I obviously suspect it isn't) what should I do to fix it?

    Thank you for your help.
     
  2. Schtumple macrumors 601

    Schtumple

    Joined:
    Jun 13, 2007
    Location:
    benkadams.com
    #2
    First things first, it won't be a virus, and it'll only be malware if you've installed anything. Have you installed any fishy apps recently?

    There was another thread almost identical to this a while back, turned out it was some app causing the mac to read out the clock, might be related, I'll try and hunt it down later.
     
  3. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #3
    Have a look at Activity Monitor (Applications > Utilities) and select All Processes and sort by NAME to see what the culprit may be.

    image below uses sorting by CPU as an example
    [​IMG]


    Post the results here via clicking into the process window, pressing CMD+A > CMD+C and pasting the copied contents in your next post via CMD+V.

    Please also read the following, to not confuse your Mac's behaviour with non-existing viruses and a couple of malware titles.

    A more descriptive and precise thread title will help cater to the right audience and get you more responses. (see rule #3 under Minor Problems)

    To edit your thread title, just click on the [​IMG] button on the bottom right of your original post and then click the "Go Advanced" button below your message.

    Have you also taken a look at MRoogle, since that question may have been asked several times? [/COLOR]


     
  4. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #4
    Recent App downloads

    Skype
    iSkysoft DVD Ripper (trying to get a clip from a DVD I created)
    Microsoft Silverlight (Netflix)
    Movie Converter for Mac Trial 2.2.8
    ClamXav 2.0.6

    That's really all I think I've added since I started hearing the sound.

    Thanks for you help on the matter.
     
  5. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #5
    Activity Monitor

    167 Activity Monitor admin 2.9 3 19.6 MB Intel (64 bit)
    170 activitymonitord root 0.9 1 1.2 MB Intel (64 bit)
    126 AirPort Base Station Agent admin 0.0 4 5.5 MB Intel (64 bit)
    308 AppleSpell.service admin 0.0 2 7.8 MB Intel (64 bit)
    53 autofsd root 0.0 2 876 KB Intel (64 bit)
    17 blued root 0.0 3 4.0 MB Intel (64 bit)
    588 clamd admin 0.0 2 138.3 MB Intel
    177 ClamXav Sentry admin 0.2 7 4.6 MB Intel
    15 configd root 0.0 6 2.7 MB Intel (64 bit)
    93 coreaudiod _coreaudiod 0.0 3 4.0 MB Intel (64 bit)
    27 coreservicesd root 0.0 4 25.0 MB Intel (64 bit)
    30 cupsd root 0.0 3 2.6 MB Intel (64 bit)
    83 cvmsServ root 0.0 1 792 KB Intel (64 bit)
    11 DirectoryService root 0.1 6 9.2 MB Intel (64 bit)
    13 diskarbitrationd root 0.0 2 1.4 MB Intel (64 bit)
    16 distnoted daemon 0.0 2 1.2 MB Intel (64 bit)
    100 Dock admin 0.0 3 23.3 MB Intel (64 bit)
    316 DVD Player admin 0.0 8 32.4 MB Intel
    47 dynamic_pager root 0.0 1 680 KB Intel (64 bit)
    102 Finder admin 0.1 4 42.5 MB Intel (64 bit)
    687 Flash Player (Safari Internet plug-in) admin 0.1 5 8.5 MB Intel
    111 fontd admin 0.0 2 4.8 MB Intel (64 bit)
    45 fseventsd root 0.0 12 2.9 MB Intel (64 bit)
    609 gfslogger root 0.0 1 340 KB Intel
    44 hidd root 0.0 2 848 KB Intel (64 bit)
    58 integod root 0.0 2 1.5 MB Intel (64 bit)
    133 IntegoStatusItemHelper admin 0.0 2 5.7 MB Intel (64 bit)
    134 iTunesHelper admin 0.0 3 2.6 MB Intel (64 bit)
    0 kernel_task root 9.4 61 154.7 MB Intel
    42 KernelEventAgent root 0.0 3 888 KB Intel (64 bit)
    10 kextd root 0.0 2 2.4 MB Intel (64 bit)
    32 krb5kdc root 0.0 2 1.6 MB Intel (64 bit)
    96 launchd admin 0.0 2 872 KB Intel (64 bit)
    1 launchd root 0.0 3 944 KB Intel (64 bit)
    129 Little Snitch Network Monitor admin 0.0 4 4.4 MB Intel
    128 Little Snitch UIAgent admin 0.0 3 3.7 MB Intel
    41 loginwindow admin 0.0 2 8.3 MB Intel (64 bit)
    60 lsd root 0.0 2 3.1 MB Intel
    568 Mail admin 0.0 6 51.8 MB Intel (64 bit)
    18 mDNSResponder _mdnsresponder 0.0 3 1.9 MB Intel (64 bit)
    40 mds root 0.0 3 49.8 MB Intel (64 bit)
    669 mdworker admin 0.0 3 15.4 MB Intel (64 bit)
    662 mdworker _spotlight 0.0 3 11.4 MB Intel (64 bit)
    74 NetBarrier Daemon X5 root 0.1 4 2.5 MB Intel
    31 nmbd root 0.0 1 1.1 MB Intel (64 bit)
    12 notifyd root 0.0 2 496 KB Intel (64 bit)
    29 ntpd root 0.0 1 984 KB Intel (64 bit)
    115 pboard admin 0.0 1 736 KB Intel (64 bit)
    59 qmasterd root 0.0 2 5.8 MB Intel
    267 Safari admin 7.0 9 217.2 MB Intel (64 bit)
    24 securityd root 0.0 2 2.9 MB Intel (64 bit)
    57 sh root 0.0 1 512 KB Intel (64 bit)
    136 Skype admin 0.1 17 77.0 MB Intel
    154 smbd root 0.0 1 240 KB Intel (64 bit)
    147 smbd root 0.0 1 1.6 MB Intel (64 bit)
    135 smcFanControl admin 0.0 2 4.8 MB Intel
    14 syslogd root 0.0 4 628 KB Intel (64 bit)
    35 SystemStarter root 0.0 2 868 KB Intel (64 bit)
    101 SystemUIServer admin 0.0 3 12.1 MB Intel (64 bit)
    56 TaskManagerDaemon root 0.0 2 1.7 MB Intel (64 bit)
    34 usbmuxd _usbmuxd 0.0 3 1.1 MB Intel
    120 UserEventAgent admin 0.0 3 5.2 MB Intel (64 bit)
    271 WebKitPluginAgent admin 0.0 2 900 KB Intel (64 bit)
    75 WindowServer _windowserver 0.6 5 65.3 MB Intel (64 bit)
     
  6. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #6
    Recent App downloads

    Recent app downloads:

    ClamXav_2.0.6.dmg
    isky-dvd-ripper-intel-1.dmg (to edit a clip on a DVD I made)
    isky-dvd-ripper-intel.dmg
    isky-dvd-ripper-powerpc.dmg
    MovieConverterForMacTrial2.2.8(regnow-188295).dmg
    Silverlight.pkg
    Skype_2.8.0.851.dmg
    Skype_2.8.0.851.dmg.download
     
  7. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #7
    I don't see any culprits right now, but why do you have Intego, ClamXAV and NetBarrier (even though it is nor integrated with Intego) running at the same time? One AV software is enough, probably none is needed. I don't run it and I have visited so-called shady sites often.

    Have you also taken a look at System Preferences > Accounts > your account > Login Items?

    No need to download one application three times, and as you have an INTEL Mac, you don't need the PPC version of it.

    Btw, here is a link that might interest you, as you don't need to pay money for that software, as there is better out there:
    How to backup/copy/rip video DVDs to your HDD and transcode them to another format.

    dvd import to imovie


    Btw, you can edit your posts via the [​IMG] button as sequential posts are "against" the rules.

    Minor Problems

    6. Sequential posts.
    Combine your comments into one post rather than making many consecutive posts to a thread within a short period of time.
     
  8. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #8
    Activity Monitor - sorted by NAME (sorry about that)

    167 Activity Monitor admin 6.2 2 25.9 MB Intel (64 bit)
    170 activitymonitord root 0.9 1 1.2 MB Intel (64 bit)
    126 AirPort Base Station Agent admin 0.0 4 5.5 MB Intel (64 bit)
    308 AppleSpell.service admin 0.0 2 7.9 MB Intel (64 bit)
    53 autofsd root 0.0 2 876 KB Intel (64 bit)
    17 blued root 0.0 3 4.0 MB Intel (64 bit)
    588 clamd admin 0.0 2 138.3 MB Intel
    177 ClamXav Sentry admin 0.2 8 4.6 MB Intel
    15 configd root 0.0 7 2.7 MB Intel (64 bit)
    93 coreaudiod _coreaudiod 0.0 3 4.0 MB Intel (64 bit)
    27 coreservicesd root 0.0 4 25.0 MB Intel (64 bit)
    30 cupsd root 0.0 3 2.6 MB Intel (64 bit)
    83 cvmsServ root 0.0 1 792 KB Intel (64 bit)
    11 DirectoryService root 0.1 6 9.2 MB Intel (64 bit)
    13 diskarbitrationd root 0.0 3 1.4 MB Intel (64 bit)
    16 distnoted daemon 0.0 3 1.2 MB Intel (64 bit)
    100 Dock admin 0.0 3 23.4 MB Intel (64 bit)
    316 DVD Player admin 0.0 8 32.4 MB Intel
    47 dynamic_pager root 0.0 1 680 KB Intel (64 bit)
    102 Finder admin 0.0 8 43.1 MB Intel (64 bit)
    687 Flash Player (Safari Internet plug-in) admin 0.1 5 19.9 MB Intel
    111 fontd admin 0.0 2 4.8 MB Intel (64 bit)
    45 fseventsd root 0.0 12 2.9 MB Intel (64 bit)
    609 gfslogger root 0.0 1 340 KB Intel
    44 hidd root 0.0 2 848 KB Intel (64 bit)
    58 integod root 0.0 2 1.5 MB Intel (64 bit)
    133 IntegoStatusItemHelper admin 0.0 2 5.7 MB Intel (64 bit)
    134 iTunesHelper admin 0.0 3 2.6 MB Intel (64 bit)
    0 kernel_task root 8.9 61 156.5 MB Intel
    42 KernelEventAgent root 0.0 3 888 KB Intel (64 bit)
    10 kextd root 0.0 3 2.4 MB Intel (64 bit)
    32 krb5kdc root 0.1 2 1.6 MB Intel (64 bit)
    96 launchd admin 0.0 2 872 KB Intel (64 bit)
    1 launchd root 0.0 3 944 KB Intel (64 bit)
    129 Little Snitch Network Monitor admin 0.6 4 4.4 MB Intel
    128 Little Snitch UIAgent admin 0.0 3 3.7 MB Intel
    41 loginwindow admin 0.0 2 8.3 MB Intel (64 bit)
    60 lsd root 0.0 2 3.2 MB Intel
    568 Mail admin 0.0 6 51.6 MB Intel (64 bit)
    18 mDNSResponder _mdnsresponder 0.0 3 1.9 MB Intel (64 bit)
    40 mds root 0.1 5 50.1 MB Intel (64 bit)
    669 mdworker admin 0.0 3 15.5 MB Intel (64 bit)
    662 mdworker _spotlight 0.0 4 13.8 MB Intel (64 bit)
    74 NetBarrier Daemon X5 root 0.0 4 2.5 MB Intel
    31 nmbd root 0.0 1 1.1 MB Intel (64 bit)
    12 notifyd root 0.0 2 496 KB Intel (64 bit)
    29 ntpd root 0.0 1 984 KB Intel (64 bit)
    115 pboard admin 0.0 1 736 KB Intel (64 bit)
    59 qmasterd root 0.0 2 5.8 MB Intel
    267 Safari admin 7.7 9 226.9 MB Intel (64 bit)
    24 securityd root 0.0 2 2.9 MB Intel (64 bit)
    57 sh root 0.0 1 512 KB Intel (64 bit)
    136 Skype admin 0.2 17 77.0 MB Intel
    154 smbd root 0.0 1 240 KB Intel (64 bit)
    147 smbd root 0.0 1 1.6 MB Intel (64 bit)
    135 smcFanControl admin 0.0 2 4.8 MB Intel
    14 syslogd root 0.0 4 628 KB Intel (64 bit)
    35 SystemStarter root 0.0 2 868 KB Intel (64 bit)
    101 SystemUIServer admin 0.0 3 12.1 MB Intel (64 bit)
    56 TaskManagerDaemon root 0.0 2 1.7 MB Intel (64 bit)
    34 usbmuxd _usbmuxd 0.0 3 1.1 MB Intel
    120 UserEventAgent admin 0.0 3 5.2 MB Intel (64 bit)
    271 WebKitPluginAgent admin 0.0 2 900 KB Intel (64 bit)
    75 WindowServer _windowserver 2.0 5 63.5 MB Intel (64 bit)
     
  9. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
  10. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #10
    Account Login Items

    I'm pretty new to Mac and still learning what everything is about. I can only tell you that what starts when I turn on the computer is what's running when I'm on the computer (except ClamXav, which I recently installed). I don't really visit any shady sites (obvious ones, anyway). I do visit Facebook often.

    These are the results of My Account Login Items:
    iTunesHelper
    smcFanControl
    Skupe
    ClamXavSentry
    IntegoStatusItemHelper

    Forgive my ignorance at this time. I'm still learning on the slow end of the curve right now. ;)
     
  11. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #11
    Maybe it is Skype, that makes that sound? Look into its preferences for the Sound tab and set or listen to the startup sound that is offered there.

    If it is not that, look at ClamXAV and Intego preferences, if they have any sounds.

    Btw, there is no need to run AV software on a Mac, especially TWO, as it might slow down your Mac.

    And your thread title does not really mirror your problem. It is misleading and might attract the wrong crowd, like me for example.


    Also have a look at the following links, as the information presented there might be helpful in your future endeavours into Mac OS X and could clear up initial confusion and may even prevent harm to your system or your files.

    Mac OS X Basics
    Switch 101 - guide with articles made by Apple on how to accustom yourself, after you switched to Mac OS X from Windows​

    Mac 101 - How to get started with Mac OS X​

    Find out how - tutorial videos made by Apple on how to do certain thing in Mac OS X​

    Pro tips - tips made available by Apple for easier ways of doing certain tasks​

    Mac OS X Keyboard Shortcuts - Learn about common Mac OS X keyboard shortcuts.​

    Mac OS X Beginner's Guide by MacRumors - learn about software, media players, shortcuts and some useful tips, tricks and hints​

    Mac Guides - tutorials, product guides and more​



    MRoogle - a very effective tool to search these fora using Google and made available by edesignuk, introductory threads: 1, 2 and 3

     
  12. JMacDavis thread starter macrumors newbie

    Joined:
    Jul 9, 2010
    #12
    Not a virus?

    Sorry...just don't know what to post as a thread title.

    Anyway, I believe you are correct in assuming that it is a startup sound for Skype. I quit and restarted the application several times and each time I heard the sound on startup.

    I removed the ClamXav from my accounts login so now only the IntegoStatusItem Helper is running at startup.

    I appreciate your help, links and patience.
     
  13. John Doe 57 macrumors 65816

    John Doe 57

    Joined:
    Jan 26, 2008
    Location:
    Los Angeles, CA
    #13
    Its optional. You don't have to unless you are creating a completely new thread. Just leave it blank in the future.
     
  14. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #14
    Maybe something like "Strange sound during startup"

    If you don't want to hear the sound:
    1. Go to Skype > Preferences > Notifications > Event: When I Sign In
    2. Uncheck the "Play sound" box.
     
  15. Nitrus macrumors member

    Joined:
    Nov 20, 2009
    #15
    Meh.

    Install ESET's NOD32 and be done with it!

    beta.eset.com.
     
  16. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #16
    That won't help, since the OP's problem isn't malware of any kind, and there are no viruses in the wild that run on current Mac OS X. You would know this if you took the time to actually read the thread! :rolleyes:
     
  17. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #17
    Who does read anyway? In today's age, if it is not twittered (wow, Dictionary/spell check has no problem with this word), it is not really recognisable, anything with more than 140 characters is not even seen by most folks.

    (drunk posting, may contain some truth)
     
  18. Schtumple macrumors 601

    Schtumple

    Joined:
    Jun 13, 2007
    Location:
    benkadams.com
    #18
    Drunk posting = truth posting.


    On an unrelated note, friends don't let friends drunk post. Go to bed Spinnerlys :p
     

Share This Page