Virus On my New Mac Pro

Discussion in 'macOS' started by Edmond4, Nov 18, 2010.

  1. Edmond4, Nov 18, 2010
    Last edited: Nov 19, 2010

    Edmond4 macrumors newbie

    Joined:
    Oct 23, 2006
    #1
    [If You Are Hurried, a synopsis is found near the end of this post.]

    In 2003, I got a very intense virus on a PC. It took me 2 weeks to get it off. The techies helping me found that it was "network aware" and we found it would move and change folders it was hiding in. Incidently, in that same time period, not hardly given status as it should have been, but burried deep in the back of papers, if reported at all was the FBI's new "Operation Magic Lantern" wherein the FBI and the Federal Criminals trampling the US Constitution and Bill of Rights with their newly passed Patriot Act took upon themselves power to "inject" anyones computer with a virus or trojan and conduct keylogging software. It was then a few more years that we then found out about the vicious and illegal abuses of the Bush Administration. The Patriot Act and the survailance state are not for Al Quida (al-CIA-duh) but for the American people (sheeple).

    Well, to not go further in what some will be perhaps castigate me for being political, suffice it to say that once my virus was dected and found, we had to "kill" it and it's process before it could be deleted. I was then sent to the techies who submitted it to Symantic Corporation for analysis. They reported back that they couldn't have caught that one, and didn't (for Norton was running on my PC). They said it was highly sophisticated. Then I was told where on my system I could find a folder, to look inside for a text file. Indeed, there it was, a text file with keylogging entry for two solid weeks of every keystroke I'd made. I could see Usernames, passwords. I had two cars on Ebay at the time being sold. I could see where it recorded even photoshop files being opened and closed. It was all recorded. Norton Anti-virus didn't catch it.

    Two years later, I bought a Mac, PowerPC. How great that mac has been. No known viruses.

    Now, this week I got my new Mac Pro. I copied my last system hard drive to the new Mac Pro. I had a few applications pop up a note asking to look for "Times New Roman" and "arial" fonts on my second hard drive on the system. Strange. Why weren't they finding the basic fonts on the boot drive.

    I was on with Apple Tech support today to find out why my front headphone jack on my new computer wouldn't work. We reset the power settings and corrected that problem, now sufficient power gets to the headphone jack.

    Then, I told them about my next little issue, for it was nothing major.

    Font Folder With Virus Invected Fonts?

    I had told tech support that in the last few days I'd had a few applications open up and ask for these alternate fonts (Arial, Times New Roman) on the second hard drive. I gave permission, but thought that was messed up and I knew I'd have to look into the problem later.

    So, today, with Apple Tech support, they had me go to my main user directory, and in the Library go to "fonts" and rename it to "Fonts1" It would not let me change the name. I then opened up the "more Info" tab and tried there. It was greyed out and I could not rename it. I unlocked it, I had to put in my administrator password, and yet the Fonts folder did not let me rename it. Then, tech support had me just make a new folder on the desktop. I put the all the fonts from the font folder (We were in safe mode, having booted up with me holding down the shift key, by the way), into the folder on the desktop. There were 28 fonts. All standard, I think. Then, the font folder was empty.

    We rebooted. Upon rebooting, I started up Firefox and a few other applications and sure enough, no problems. The app opened without asking to go to the 2nd drive for the basic fonts.

    After I was off the phone with Apple Tech support, then came the problems in a big way. I went back to the folder in the Library, and found it was "empty" which seemed strange. I assumed it had reloaded some basic system fonts. With an empty font folder, I thought I'd browse the fonts on my system with Font Book. I opened up Font Book. Wow, tons of fonts. Then it hit me and I remembered. Weeks ago I had been looking at fonts, and found I had tons of hebrew fonts, Arabic fonts, many asian languate fonts, none of which I had ever installed. I had gone through, and I thought, deleted them. I had been thinking of asking a brother if he had installed or enabled them as a joke on me, but I forgot about the issue and never asked.

    So, tonight I began to delete these fonts. Then, I began from fontbook look them up by "reveal in finder" to see where they were stored. Sure enough they were in my main system directory in the font folder in the library. After deleting many from there, I found they would somehow regenerate and reappear. I then deleted the whole font folder, which asked for my administrator password to perform. I deleted it to teh trash adn emptied the trash. Back in Font Book, the fonts were still there, but how could they be?

    I found the whole folder again someone regenerated with all the fonts previously deleted within either Font Book or the Finder.

    So, then, I started browsing for virus issues with fonts and OSX. Obviously, hardly anything existant on that topic.

    I then found a free virus scan for Mac OS X. Skeptical I read a while and searched other sites and comments of posters to see if I thought it was legit. I downloaded it, and by the time I installed it, the whole OS was in corruption mode, all my "menus" were disappearing. I could see buttons, but no text. Text everywhere was disappearing. It was awful to see this happening on a mac. I installed the anti-Virus software anyway, just clicking on the right button through setup. It ran a scan, but I couldn't see the results of the scan. I rebooted. Same problem, but this time worse than ever. All the system text and menus were blank.

    I rebooted in safe mode, where I can once again read menus, and I opened up that anti-virus software again which is currently scanning my system.

    I thought I'd make an appeal to any technically minded people here on what their thoughts might be.

    Specs:

    The hard drive from my old mac was running OS 10.4.11 on it. I migrated that whole drive to my new Mac Pro running the latest and best.

    I do have a folder on my second drive that has some fonts in it. As I've typed this, I realize that folder might be the very source of some virus, as the system had asked for fonts from that second drive.

    The anti-virus software currently doing a scan is called:

    ClamXav

    Update:

    That virus scan revealed nothing of note, e-mail stuff of no consequence: "phishers."

    Booting back up in Safe mode I went to the same system font folder and looked through it. I also looked at the font folder on the desktop, and it now has three times the fonts it did before. I went through them and opened them all up, to see if a re-install of them through the Font Book would flag any problems. It installed them, but yet "installed" they fail to show up in Font book anywhere. All of the fonts in Font Book are gone, even after I install fonts.

    To reboot the computer, the thing is just messed up. It freezes up. I can't even Command+Tab through windows, there is no response. I can't see the dock. I reboot and get the same thing.

    The computer went from wonderfully operating to total joke in a matter of hours. I'll appreciate a call from Apple in the Morning (it's scheduled) but I don't much anticipate a whole lot of help unless they really have a sharp person on there who knows their stuff. Maybe a full re-install will be what happens, but that will suck.
     
  2. Hal Itosis macrumors 6502a

    Hal Itosis

    Joined:
    Feb 20, 2010
  3. iStudentUK macrumors 65816

    iStudentUK

    Joined:
    Mar 8, 2009
    Location:
    London
    #3
    Ok, I can see two possibilities-

    1-It is clearly the CIA using the patriot act to infect your computer to force you to use specific fonts so they can monitor you and keep your information on a giant computer hidden near the north pole. They will then sell all your personal information to the North Koreans. You should remove your hard drive, shred it, burn it, shred the ashes and bury it at least 10 miles from your house.

    2- This is a

    D
    N
    I
    W
     
  4. brijazz macrumors 6502

    brijazz

    Joined:
    Jul 31, 2008
    #4
    Nothing is wrong. Proceed as usual.

    Sincerely,
    Kim Jong-Il

    cc: UN Secret Division of Privacy Invasion


    --------

    Seriously though, how did you go about migrating your old Mac's contents to your new Mac Pro?
     
  5. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    TLDR

    What I did come away from this thread is people have a knee jerk reaction when something goes wrong on their computer - its a virus. Heck my wife on her Pc does the same thing. Something weird if happening and she panics thinking she's got a virus.

    As for November 19th, 2010. There is no viruses for OSX. Just because a font or something in the OS got corrupted means there's malware.
     
  6. PatrickCocoa macrumors 6502a

    Joined:
    Dec 2, 2008
    #7
    Thank You

    This post made my day.

    I was sitting here, minding my own business, working as usual at the Trilateral Commission. My latest op, False Flag XIX, was proceeding as planned. By the way, don't buy any Heinz ketchup for the next two weeks. Anyway, Robot Al Gore and I were playing liar's poker with US Treasury Bills, laughing a people who pay income tax (it's unconstitutional, folks) when Soros walked in (well, actually, it was Soros' head in a jar and he was wheeled in).

    "FEMA really dropped the ball when we gave them martial law power after Katrina, so I've switched to the TSA - I've modeled them on the Brownshirts and we should take power sometime in June or July of 2012". Soros is always the joker - we all know the coup is scheduled for August 2012. "But there's a mac user who may cause trouble - can either of you help?"

    At that point Jimmy Carter came in from the sheep pens - he volunteers to miniaturize himself and be injected as a virus into the mac user's mac. "I'll mess his fonts, then move on to the sensitive data he has stored in the folder named 'Porn'", says Jimmy, smiling.

    Nothing to see here, citizen, move along.
     
  7. santaliqueur macrumors 6502a

    Joined:
    Aug 7, 2007
    #8
    When did the word "virus" become the catch-all word for "problem"?

    Read up on what a virus is. You don't have one.
     
  8. chrismacguy macrumors 68000

    Joined:
    Feb 13, 2009
    Location:
    United Kingdom
    #9
    This thread has not only made my day, but reminded me how many Mac Users dont realise that 1) Virus. Mac OS X. Pah. and 2) OMG THE SYSTEM RESTORES FILES. THAT HAPPENS. OMGOMGOMG THIS MUST BE A VIRUS. Is the standard reaction whenever it does something that keeps the system working, such as regenerating the Fonts Folder.

    Maybe I should start running tons of Virus Scanners on all my Macs (11 at last count) just incase the CIA or the British Government really want to look thru all my tedious college work and my iChats with friends...
     
  9. robert05au macrumors regular

    robert05au

    Joined:
    May 19, 2005
    Location:
    Dubbo, NSW
    #10
    ClamXav gives a lot of false positives also.

    It sound much like a corrupt font.

    Also one thing I didn't read was the mac running 10.4.11 and intel or PPC mac as going from a PPC mac to intel mac could possibly cause issues with the system
     
  10. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #11
    Exactly! Too much time spent on Windows, where viruses and other malware are the first things you think of. In the Mac world, make it the last thing.
    First, you don't have a virus on your Mac. I don't need ClamXav to tell me that, and neither do you. There are no viruses in the wild that run on current Mac OS X, and only a handful of trojans, that you must actively install yourself before they can function.

    You really need to read this: Mac Virus/Malware Info

    Second, you have two fonts folders:
    /Library/Fonts/
    /Users/username/Library/Fonts/​
    As these are system-generated folders, you shouldn't try to delete the folders. You can add and remove fonts, but some fonts are required for your Mac to operate properly, and shouldn't be removed.

    You simply had some corrupted fonts and should have validated your fonts with Font Book and removed any faulty fonts, rather than trying to delete them all.

    Whenever you have a problem on your Mac, here's a recommended approach:
    1. It's NOT a virus, so don't waste time scanning for such.
    2. It's most likely something you don't understand, so research and find out what the problem is.
    3. If you need help, search this forum with MRoogle for threads where others have had the same problem (you're not the first).
    4. Don't panic...... THINK!
     
  11. Lostanddamned macrumors 6502a

    Lostanddamned

    Joined:
    May 3, 2009
    Location:
    London, UK
    #12
    I was curious about this thread - after all, mac users tend to be complacent about OSX viruses - as there are "none" (better safe than sorry etc), so I like to keep abreast of what is going on with regards to this.

    Then I read the word sheeple, and realised there is nothing to worry about here.

    The mac is slightly corrupted and I am sure it will be fixed easily

    also, Al-cia-da doesn't even work as a pronunciation
     

Share This Page