Skip navigation

Flashback Trojan infection

1058 Views 17 Replies Latest reply: May 1, 2012 11:11 AM by LexSchellings RSS
1 2 Previous Next
Jack Q Level 1 Level 1 (20 points)
Currently Being Moderated
May 1, 2012 12:30 AM

My Macbook Pro has been running funny recently and I decided to install ClamXav to see if anything was wrong. It came back showing infection names: OSX.Flashback-8 & OSX.Flashback-12.

 

What shoud I do at this point?

I am running version 10.5.8.

 

Is there any way I can remove this trojan? I want to make sure my computer is safe.

I am really concerned and need quick help.

Thank you.

  • clintonfrombirmingham Level 7 Level 7 (26,655 points)
    Currently Being Moderated
    May 1, 2012 1:02 AM (in response to Jack Q)

    Both of these websites have tools to detect and repair the Flashback malware:

     

    http://flashbackcheck.com/ and here - http://www.f-secure.com/weblog/archives/00002346.html

     

    Good luck,

     

    Clinton

  • MadMacs0 Level 4 Level 4 (3,320 points)
    Currently Being Moderated
    May 1, 2012 2:22 AM (in response to Jack Q)

    This site is slightly more secure for finding out if you are infected as it uses a secure link to enter your UUID

     

    https://www.drweb.com/flashback/?lng=en

     

    However, you already know you are infected.

     

    The second link that clintonfrombirmingham entered is the only one I recommend for removal at this time.

     

    After the trojan is gone, you need to disable Java in all your browsers to keep from being reinfected. You should also keep a watch on all the financial institutions you have visited since being infected to make certain that privacy information was not compromised and consider changing the passwords to all those sites as well as any others that use the same password.

  • thomas_r. Level 7 Level 7 (26,930 points)
    Currently Being Moderated
    May 1, 2012 4:07 AM (in response to Jack Q)

    See About the Flashback malware.

     

    (Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)

  • LexSchellings Level 5 Level 5 (5,485 points)
    Currently Being Moderated
    May 1, 2012 4:25 AM (in response to Jack Q)

    I would use the Apple sites in Thomas' article to remove the Flashback malware. And it gives a very good survey about this malware too.

  • thomas_r. Level 7 Level 7 (26,930 points)
    Currently Being Moderated
    May 1, 2012 4:57 AM (in response to LexSchellings)

    Actually, none of the Apple solutions will work with Mac OS X 10.5.8.  They require 10.6.8 or later.

  • LexSchellings Level 5 Level 5 (5,485 points)
    Currently Being Moderated
    May 1, 2012 5:12 AM (in response to thomas_r.)

    I cannot argue with that. THX Thomas.

  • peter_watt Level 2 Level 2 (385 points)
    Currently Being Moderated
    May 1, 2012 6:23 AM (in response to thomas_r.)

    hope this is not a silly question, I just moved to Mac 100% from Windows and linux, but if there are no known viruses for Mac, what does ClamXAV have in its database, what is it looking for?

  • thomas_r. Level 7 Level 7 (26,930 points)
    Currently Being Moderated
    May 1, 2012 6:36 AM (in response to peter_watt)

    The oft-repeated "fact" that there are no known viruses for the Mac is a half-truth that obscures the full truth.  There is malware for the Mac, though none can be strictly categorized as a virus.  For more on this topic, see my Mac Malware Guide.  (Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)

     

    ClamXav includes definitions for most of those, plus most Windows malware as well.

  • LexSchellings Level 5 Level 5 (5,485 points)
    Currently Being Moderated
    May 1, 2012 6:40 AM (in response to peter_watt)

    It is looking for the same things as in windows. Malware may well be there on a mac but cannot not do any harm, unless you send it to a windows computer.

    Use Clamxav or Sophos only to scan manually on a mac, if you want it at all.

    There have been a few "trojans" on a mac, and they can be easily eliminated, but there is no protection for a really new malware by having a antimalware program running, even when they update the malware database very fast.

    The OS security updates and Java updates give protection for known malware so you do not need an antimalware app.

  • thomas_r. Level 7 Level 7 (26,930 points)
    Currently Being Moderated
    May 1, 2012 6:46 AM (in response to LexSchellings)

    The OS security updates and Java updates give protection for known malware

     

    Not all known malware, but yes, keeping your system updated is vital in protecting against malware like Flashback that uses vulnerabilities to sneak in without user interaction.

  • peter_watt Level 2 Level 2 (385 points)
    Currently Being Moderated
    May 1, 2012 7:41 AM (in response to thomas_r.)

    OK I see it. I seem to remember that from my linux days. Thanks.

  • LexSchellings Level 5 Level 5 (5,485 points)
    Currently Being Moderated
    May 1, 2012 8:06 AM (in response to Jack Q)

    I do not know. If you go to the kaspersky site by typing in www.kaspersky.com in the address bar, you cannot find the page you give here. If you type flashback in the home page search field it will not bring you anywhere. Thus it looks as if the page you give is a fraud. I would not know what you have to do now, to be certain.

1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.