October 21st, 2010, 06:06 PM #1
HELP!! I think my Macbook Pro's infected with a trojan!!
I woke up this morning and it was like my computer and net connection had been totally hijacked -- not the applications or anything actually located on my computer - my programs seem to run fine for the most part (though ODDLY I found a series of photos that I did not put on my computer and DID NOT BELONG TO ME in my Library folder, just sitting there..) -- But basically anything connected to the internet is running abnormally ..
My date and time settings are messed up and when I go into that window to have it 'locate' where i am, it cannot do so.
My dropbox which loads every time my computer and airport is on automatically won't connect.
Every website runs VERY slowly , loading google takes a minute and we have the fastest internet connection available in Quebec. Most websites won't load at all - when try to open www.hotmail.com I get the message:
'the certificate for this website is invalid. you might be connecting to a website that is pretending to be login.live.com' which could put confidential information at risk. Would you like to connect anyway'?
It won't let me connect anyway.
Even most regular sites I get a script error, or script loading problem.
On top of it, my girlfriend and I have a shared email address that we both noticed last week was sending spam mails ... So I think this is connected.
My roommate is on the same router - and his connection and net works perfectly.
Called my ISP they said it was almost 100% a problem w/ my computer, and I called Apple and they said the only thing I could do was ERASE/INSTALL OSX.
Did some research on the net, which brought me into the terminal and my internet plugins folder but there are no plugins in that folder and none of the virus programs i have run on my program can locate anything out of the ordinary.
WAT is going on??? And if I do go thru the hassle of backing up and reinstalling all my stuff tonight to reinstall everything clean -- will this for SURE rid myself of the problem?
Thanks for any info you might have, i've been using Macs for years and despite some HW issues - logic board fail last year - never had a virus or anything like this .
October 22nd, 2010, 05:44 PM #2
By chance did you visit a website that wanted you to download a " codec" so you could watch a video?
October 23rd, 2010, 12:30 AM #3
yes I did, I watch a lot of US tv online that is not available in quebec and remember getting that message on dailymotion very recently...
Is this where u think it happened??
i have gotten messages like this in the past (netflix silverlight plugin etc) and have never had any issue.
I have since erased and reinstalled everything, and the problem seems to have gone away ... But I still have some questions - how can I be sure that the 'problem' is not lingering -- if it is a trojan -- I ran all freeware antivirus programs I could find and not one could locate anything resembling a trojan... What antivirus software is standard and most reliable in terms of updates etc for Mac osx?? What would be the best defense against this....
And - what was it DOING on my computer? What was it capable of doing? What did it compromise, besides my passwords potentially?/ Should I be going around canceling all my credit cards (I ordered something online within the last couple weeks) , changing all my email passwords etc? Or by removing it , is the problem gone forever??
October 23rd, 2010, 01:06 AM #4
You might have installed the "DNS Changer trojan" but coming from DailyMotion it seems unlikely.However you did the right thing with a fresh install.And no you don't need to worry about changing paswords,etc.All this trojan did was scramble your DNS settings and slow things down.and try to take you to other sites.Given this day and age though it is a good idea to change passwords on a regular basis and use something like "Little Snitch" to monitor your outgoing connections.