I think I have a Trojan in my system

Similar Messages

• I think I have a trojan horse, what to do?

  First off, I'm going to start by admitting that this is my fault.
  Last month I was ***** and cruising around looking at internet **** on my brand new 21.5 iMac. I think I tried to view a video on one of the sites and was prompted to download a required plugin, which I did. I believe that's how the trojan was allowed onto my machine.
  There was one site I decided to join for $19.99/month (one month only) and I filled out the online form including my cc information. The next day or so I received a phone call from the people who monitor my cc. They said there had been some unusual activity on my account. After reviewing, I found that about $800 in charges were made to my card by someone else. The card was cancelled and now, a couple weeks later, I have a brand new card.
  Fast forward a couple weeks to this last Sunday. I decided to buy some new floor mats for my wifes car ($117)and went online with the same computer to a web site for a well known company and this time I used my Paypal account to purchase the floor mats. The next morning I got an email from Paypal telling me that I had sent $20 to a company called Garena Online Private Limited. I contacted Paypal and started the process to dispute the charge and also changed my password.
  So, that's the background but now what should I do to get rid of the trojan horse? Is there some kind of virus protection software I need to run? I've been a Mac user since 1992 and this is the first time this has happened. TIA.

  http://discussions.apple.com/thread.jspa?threadID=1764179&tstart=0
  Tho seemingly from 2008 and archived, some info is old, but some was updated Oct 2010. Also use openDNS per http://discussions.apple.com/thread.jspa?messageID=13268959
  Wipe out the hard drive and Reinstall everything from scratch. If you don't have an external drive, you could use the Partition tab in Disk Utilty to shrink existing volume, and create a new empty 2nd volume. I would not use any backup software first (as it might include the trojan), but just manually copy your files by drag and drop in the Finder.
  For good overview of how to prevent it in future...
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174

• Help - I think I have a trojan on my macbook pro

  I think my macbook pro is infected with something. It's circa 2010 and OS is up to date and current, however I first started noticing issues when the trackpad wouldn't respond as normal (the mouse would be very slow and jump). I updated the software and it seemed to help but now applications open up on their own and the mouse has a life of it's own. I was watching a movie, wasn't connected to the internet, and watched as the mouse proceeded to close the movie, open up photobooth and the webcam came to life.
  Please help, I have no idea what to do and have not turned on my macbook since it happened.

  I have encountered a similar problem a few months ago .  I did a complete shut down, took a small amount of glass cleaner on a paper towel and wiped down my MBP.  I left it open to dry completely, and booted back up. Problem free since. 
  If this doesn't help then I would definitely stick with Linc Davis. 
  A few questions to ask yourself to consider before jumping to the conclusion that you've been cracked.
  A you a high profile individual?
  Do you frequent open networks?   For example coffee shops.
  Have you recently entered your admin password for no apparent reason?
  As a White Hat Skiddie I have read it is more difficult to install and open a Trojan on a Mac than on other OS's. Not impossible, but unlikely.
  Ds Store really puts out some good user tips.  here are 2 I like.
  https://discussions.apple.com/docs/DOC-3047
  My only disagreement about this one is, yes WPA2 can be cracked.  However it is much more secure.  wish I could PM Ds store.
  https://discussions.apple.com/docs/DOC-3291
  Hang in there.

• Do I have a Trojan? Help please!

  I made a mistake and deleted files for Avast Anti-Virus (and I also uninstalled it) because I thought I would be able to install another anti-virus program I saw at cnet. When I tried to install, I had problems and ended up trashing the file. Now I have nothing! (I like Avast ok, but I thought it slowed everything down.)
  Then I tried to download a free software file from Lexmark (windows 7-64bit for printer 9500) I really need this driver, so I can use my printer. (The same software was used on a Gateway computer and worked fine.) Because of my slower connection, it took 9 hours to download, only to be told that it was corrupt. Its possible the connection was too slow. I think I may have a Trojan.
  I am going to try and download Malwarebytes Anti-Malware from cnet. If I am not successful, rather than hire Geek Squad to get rid of the Trojan, I would like to try and do this myself. Does anyone know the procedure?
  Also- IE8 Freezes up and whites over, when I have several windows open. Sometimes IE disappears off the screen and then comes back. For awhile it stopped and then came back. Last few days, the connection has been slower.
  Windows updates continues to download and I cannot get it to stop.
  Any other thoughts? I'm open to suggestions. I don't want to spend anymore $ on Geek Squad or antivirus software, if I can get the same for free. If I don't have a Trojan, then great- I just have a lousy ISP. I need to know what it is....driving me nuts and taking all the fun out of my computing experience.
  Thanks for the help-

  Hi MRG1,
  The procedure depends on the type of malware on the system. If you are able to  download and run MBAM, please post your log. If you run System Sweeper and are still having problems, see if you are able to download DDS and save it to your desktop.
  Disable any script blocking protection
  Double click dds.scr to run the tool.
  When done, DDS.txt will open.
  Click Yes at the next prompt for Optional Scan.
  Save both reports to your desktop.
  Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Some instructions for disabling AV are HERE.
  Please include the contents of the following logs by copying and pasting the text of each into your next reply:
  DDS.txt
  Attach.txt
  Those scans are for diagnostic purposes and will not clean the malware. Based on what shows up in those logs I will post additional advice.
  ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro
  If you find a post helpful and it answers your question, please click the "Accept As Solution" button.
  Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.
  Microsoft MVP - Consumer Security
  SpywareHammer

• I think I have a virus/spyware/adware???

  Hello!
  Last week while I was on www.google.com searching images, my Safari download manager popped up and began downloading "soft_58s7.exe". I immediately deleted it and assumed that I had clicked on an image that took me to a link that gave me a virus. I continued on using google, and when searching something completely different the download occurred again, and again. Each time I deleted the file from my computer by locating it in Finder and dragging it to the trash.
  However, not I get random pop-ups everyone once in awhile while using sites that I know do not have pop-ups (Google search, aol.com, facebook). So I think I have a virus.
  I also tried to download ProtectMac Antivirus, but it tells me that it cannot be downloaded because there is another antivirus software on my computer that it is not compatible with. I checked my applications and there was an app called "VirusProtect", which I drug to the trash as well. However I still received this message that ProtectMac could not be installed because of another antivirus application. I believe that I either did not uninstall VirusProtect correctly, which I need help doing because the icon is no longer there, or this is also an effect of the virus.
  Please help!!
  Im on a MacBook, running OS X 10 .5.8
  Thank you!
  I think this is also an effect of the virus because I have no virus protection on my com

  .exe files are Windows executables that do not run on Macs, and simply downloading one will not give you a virus. Random pop-ups in your browser may occur but as long as you dismiss them there should nothing of concern.
  You cannot delete virus protection software by dragging it to the Trash. You must use the appropriate uninstaller that is included with the software.
  Also see:
  Do You Need Anti-Virus Protection for Your Mac?
  According to Rich Mogull's article, Should Mac Users Run Antivirus Software?,
  "The reality is that today the Mac platform is relatively safe. There are hundreds of thousands of viruses and other malicious software programs floating around for Windows, but less than 200 are known to target the Mac, and many of those are aimed at versions of the Mac OS prior to Mac OS X (and thus have no effect on a modern Mac).
  It's not that Mac OS X is inherently more secure against viruses than current versions of Windows (although it was clearly more secure than Windows prior to XP SP2); the numerous vulnerabilities reported and patched in recent years are just as exploitable as their Windows equivalents. But most security experts agree that malicious software these days is driven by financial incentives, and it's far more profitable to target the most dominant platform."
  Mr. Mogull is a computer security expert. I recommend reading the entire article as it is quite informative.
  For additional information on viruses, trojans, and spyware visit The XLab FAQs and read the FAQs on viruses and spyware.

• In disk utility, below Macintosh HD I have 4 trojan "decryptedFile.dmg (flash player)" and my computer is super slow, does erasing Macintosh HD will also erase these files?  If not how can I erase? (bear in mind computer so slow a click takes forever)

  in disk utility, below Macintosh HD I have 4 trojan "decryptedFile.dmg (flash player)" and my computer is super slow, does erasing Macintosh HD will also erase these files?  If not how can I erase? (bear in mind computer so slow a click takes forever)

  Thank you Thomas in fact I have seen your guide before  and had gone thru the steps including repair disk which didn´t work. I am erasing disk before checking hardware. I have posted a photo of the 4 decrypted files in the disk utility and also of the adobe icons in the dock and question marks. Some people say if the adobe appears in the dock is because it is the trojan flash player and they keep jumping in the dock.  If this is not malware it seems to be an incredible coincidence that when I start seeing these things in my dock and the decrypted files in my disk utility is when my computer goes so slow (I am typing this in my macbook air because to write this message in my imac would be about 6 hours, I am not kidding, it is completely useless at this point it took me 2 and half days too instal mac os x after disk repair, it took me 3 days to transfer just 100 gigabites and now is taking the whole day (and it says another day more) just to erase the disk. Despite all this the icon of adobe keeps jumping in the dock so, although I am no computer and mac expert, just an user, I am inclined to think that it is malware and it is a shame that mac doesnt´recognize it or have anything here to help me get rid of this.  I am not even sure if erasing the disk will work since repairing didn´t work... all advice is welcomed.

• Is there a fix for a virus I think I have on my SOX 10.7.3 system.  Has to do with email everyone on my list received about a week ago and I didn't send anything

  Is there a fix for a virus I think I have on my system  Has to do with email people received.  I didn't send it and some of them couldn't open it.  Is this a trojan virus and how do I fix it

  Generally that either means someone hacked your email account and sent the emails from your account, or one of your Windows using friends has a virus. You can check to see if your account was hacked by looking at your sent items folder. If it was sent from your account, it would be in the sent items folder. If it was accessable from the Web, check whatever webmail interface you have.
  The more common opition is that it is a virus on one of your friend's Windows computer that uses his email contact list to spoof the return address of the spam it sends out. The email is sent from somewhere else, but uses your email address as the return address.

• I have  at trojan horse.norton can not remove or quarrantine.virus is 36c09694-167c0775.Help

  I have a trojan horse virus.36c09694-167c0775 Norton can not remove or quarrantine.Help

  I don't think anyone here will be able to identify which trojan that is, or whether, even, it's a Mac trojan. I would contact them. Only they will know what that code is supposed to mean.
  BTW, there is no such animal as a trojan horse virus. There are trojans and viruses, two entirely different things. Thre are no viruses at all for Mac.

• HT1918 Hi - I think I have different apple devices recorded under different apple IDs. Now I would like to consolidate all the devices under one Apple-ID.  I have tried to do this going through the manage accoung like, but it timed out - could somebody he

  Hi - I think I have different apple devices recorded under different apple IDs. Now I would like to consolidate all the devices under one Apple-ID.  I have tried to do this going through the manage accoung like, but it timed out - could somebody help, pls

  Purchases of multple Apple ID accounts cannot be merged as noted here >  Frequently asked questions about Apple ID

• I think I have opened the sobig.f virus in my hotmail account and it keeps seding emails to my contacts. How do I stop it, and will it effect any of my other transactions like internet banking/shopping, is it safe?

  I think I have opened the sobig.f virus in my hotmail account and it keeps seding emails to my contacts. How do I stop it, and will it effect any of my other transactions like internet banking/shopping, is it safe To continue using my ipad ?

  This isn't due to malware. There is no known malware capable of infecting an iPad that has not been jailbroken (ie, hacked to allow apps from outside the App Store).
  As lizdance40 says, your Hotmail account has been hacked remotely. Change the password immediately. Hotmail accounts are popular targets, but as long as you choose a good password, and make sure that password is not the same as a password you use with any other account, you should be safe.
  I disagree with lizdance40's statement that you have to abandon the account and create a new e-mail address. If a hacker is able to get back in even after changing the password, the problem is not with the account itself. There's another vulnerability of some kind somewhere. Perhaps the account allows hackers to leave a "back door" to get back in (such as with GMail's delegation feature), in which case any such feature needs to be reviewed and have settings changed. Perhaps you are checking mail in an insecure manner while on an insecure network (ie, a wireless network that requires no password). Perhaps you are using a password on multiple accounts, and a different account has been compromised. Perhaps a hacker has used knowledge gained by prior access to your account to achieve "social hacking" (ie, convincing a tech to give him access because he has "forgotten the password"). There are many scenarios, but there's no good reason to abandon the account entirely.

• TS3297 I have an iPhone and recently bought an iPod 4 touch what l am using the same apple ID for. The iPod won't let me download songs from iTunes it is asking me security questions which I don't think I have put answers to in the first place.

  I have an iPhone and recently bought an iPod 4 touch what l am using the same apple ID for. The iPod won't let me download songs from iTunes it is asking me security questions which I don't think I have put answers to in the first place, because of this it won't let me buy any songs on iTunes

  It's probably asking you to verify the security code found on the back of your credit card.
  Regards.

• Can't I get my old iTunes that I have purchased downloaded from Apple?  I don't have the old computer anymore.  Also, is there a number to call if I think I have more than one account and would like them to consolidate my accounts?

  I have two problems:
  1.  I no longer have my old computer and want to download the iTunes I have purchased in previous years.  Aren't they all in "the cloud?"
  2.  I think I have more than one account and would like to get them combined.  Is there a good number or email to Apple that I could get that done?
  THanks!
        SHawn

  It has always been very basic to always maintain a backup copy of your computer.  Have you failed to do this?
  You can redownload some iTunes purchases in some countries:
  Download past purchases - Apple Support
  As provided, you cannot merge accounts
  Sorry

• HT204053 Can't get into old account, I think I have 2 accounts and the APP Store is under an old one and somisnItunes and I can't get in to change the password

  Can't get into old account, I think I have 2 accounts and the APP Store is under an old one and somisnItunes and I can't get in to change the password

  How to find your Apple ID:
  http://support.apple.com/kb/HE34

• What happens if you think you have two apple IDs?

  I think I have two apple IDs. One I created many years ago with an IPod, but I don't know what that one is now. It has most of my music attached to it. Now I have one with my email that doesn't have all that music and I can't get the music to attach to it??

  Content from the iTunes Store is permanently bound to the Apple ID through which the content was purchased. If you used two different Apple IDs, you'll need to use both IDs to authorize computers, view your purchase history, or re-download items. If you can't remember an ID or its password, try this page:
  https://iforgot.apple.com
  Regards.

• Apple ID issues? i think i have two accounts but i cannot find out the password for the one that controols my apps!? please help!

  I think I have two apple ID accounts.
  The account I am using right now is Alexiaann22. Im like 99.9999% possitive that before this was my origonal account(rosepetttals).
  When I am buying an app in the app store the apple id is already there and all you have to do is change the password. But the apple ID thaat is there is the Rosepetttals.
  I am no longer using that email so I cannot get the password sent to it. I also cannot retrieve the password for rosepetttals because it says that the birthday I am entering is incorrect. but im pretty sure I would know my own birthday.
  I know its alittle confusing but I would appreciate any feedback. Thanks you! 

  I am having this same issue, please help asap... I cannot listen to half of my music library and have never encountered this issue before.