-
All replies
-
Helpful answers
-
May 27, 2013 12:04 PM in response to Topher Kesslerby MadMacs0,Topher Kessler wrote:
Ah! That is your hard drive, which for some reason got renamed in the Finder sidebar.
I think there must be something else going on, though, as the icon shown does not look anything like the one I see for my boot drive and the contents don't look right. Perhaps it's because the mini is using OS X Server?
-
May 27, 2013 12:21 PM in response to MadMacs0by Royal Cascadian,No, I'm not using this as a server and don't know how. I most definately didn't accidentally rename my HD. As you can see it's an entirely different device/drive other than my HD. So, it's a seperate partition that was installed when I accidentally clicked on some kind of link a few weeks ago. I know it's flash related because while using Chrome yesterday I was told to update my flash player (most likely to get me to download even more malicious programs), but Chrome does that automatically.
Now you can see there is a remote disc that I don't have permission to eject. So, something is going on because my permissions have been changed and I have a hidden HD.
-
May 27, 2013 12:22 PM in response to Royal Cascadianby Csound1,Royal Cascadian wrote:
I should also mention the flashback removal update went to the k device.
Just an FYI, OSX does not use drive letters. No c drive, or k.
-
May 27, 2013 12:25 PM in response to Royal Cascadianby MadMacs0,Royal Cascadian wrote:
No, I'm not using this as a server and don't know how.
I don't think you have a choice. Don't all mini's come with OS X Server installed?
-
May 27, 2013 12:26 PM in response to Csound1by MadMacs0,Csound1 wrote:
Just an FYI, OSX does not use drive letters. No c drive, or k.
And it looks to me as if it is "I K" not just K.
-
May 27, 2013 12:26 PM in response to Royal Cascadianby Topher Kessler,Apologies, its tough to see the screenshots. The device is not your hard drive, but the name of your computer. For some reason that got renamed. Go to the Sharing system preferences and change the "Computer Name" field, and see if that changes the name of this device.
-
May 27, 2013 12:27 PM in response to Royal Cascadianby Topher Kessler,BTW, you can take a screenshot of your system by pressing Shift-Command-3. The resulting screenshot will be a direct representation of your screen, and will be placed on your Desktop for you to access (ie, to upload here).
-
May 27, 2013 12:28 PM in response to MadMacs0by Barney-15E,MadMacs0 wrote:
Royal Cascadian wrote:
No, I'm not using this as a server and don't know how.
I don't think you have a choice. Don't all mini's come with OS X Server installed?
No.
-
May 27, 2013 12:30 PM in response to Royal Cascadianby thomas_r.,Aha, that throws some new light on matters. That "l k" item is your computer's name. Go to System Preferences -> Sharing and change it there. You have checked the first box under Devices in the General pane of the Finder's preferences to show that item in the sidebar. When you select that item, it shows you all possible devices you have. It looks like you have a disk image mounted, two shared folders, your hard drive (named Macintosh HD), the Network item (which allows you to browse for other devices to connect to on the network, and a Remote Disc item which, I believe, allows you to share the optical drive of another Mac that is on your local network.
None of this is related to malware.
-
May 27, 2013 12:31 PM in response to Barney-15Eby MadMacs0,You are correct. I just checked MacTracker and see there is a choice.
-
May 27, 2013 1:23 PM in response to MadMacs0by Royal Cascadian,Well, I don't think it's just my computer got renamed arbitrarily by me and coincidentally the same day my HD is modified. Why is it just May 14th?. The day most likely I downloaded a malicous program, which I did. In fact I noticed something a few days later was downloading another file automatically to my download folder. So i looked at what it was. When I had the windor opened I was going to throw it in the trash from the download folder, it disappeared. Not until the yesterday when a l k showed up did I care to find out what happened.
So I did download something that in turn downloaded something that then became hidden on my computer.
I didn't do anything because I figured it was dealt with when it disappeared. But after my computer was renamed and now file shareing was turned back on (which I just turned off deliberatly) it makes much more sense that the strange file that was downloaded and disappeared was what renamed my computer and allowed for files to be shared.What are the odds?
-
May 27, 2013 1:24 PM in response to Royal Cascadianby Royal Cascadian,I know how to screen capture, my iphoto is updating. I've been using mac before G3's.
-
May 27, 2013 1:56 PM in response to Royal Cascadianby MadMacs0,If you have Java installed, reinstall Java for OS X 2013-002 otherwise reinstall OS X Mountain Lion v10.8.3 which will run the Malware Removal Tool. It will either tell you that it found and removed something or be silent, in which case it didn't find anything.
If you are still uncomfortable download and run one of the anti-malware applications reviewed by Thomas Reed in his Mac Malware Guide.
I'm sure I speak for the rest of us here when I say that there is no currently known OS X malware that would do what you have described. You say you downloaded a malicious program and earlier you indicated that it was Flash Player related. Can you give us a better description of exactly what happened. Did you have Java enabled in your browser at the time? Was your OS X fully up-to-date at the time? Do you recall the name of the file that was downloaded and do you still have it? I assume you launched the downloaded file and allowed it to install something at the time. Did you notice anything unusual about the installation.
The latest Flash Update is 11.7.700.203, I believe dated 5/22/2013 and should be in /Library/Internet Plug-Ins/. There was one about a week before that, but I don't have the exact date at the moment.
Full disclosure: I do uncompensated tech support for the ClamXav Forum.
-
May 27, 2013 1:58 PM in response to Royal Cascadianby thomas_r.,If you believe you're infected with something, then just get a copy of Sophos and scan your hard drive.
However, nothing that you're telling us sounds anything like the symptoms of any known Mac malware. I can't say what's going on, as I can't entirely follow your description of what you've seen, but it certainly doesn't sound like malware. Honestely, it sounds like you're simply misinterpreting normal behaviors as malicious somehow.
I'd recommend that you take a look at my Mac Malware Guide to learn more about this topic.
-
May 27, 2013 2:19 PM in response to thomas_r.by Royal Cascadian,Thanks for your time and thoughts, I'm just going to reinstall OS X ML. Although didn't help on my PC.
I know that this is unusual that's why I'm here.
But the fact that my browers are supposed to automatically update flash, yet tell me to update the flash player exernally with the one on my computer, which I didn't install, would seem likely that it is malware. This exact same thing happened to my PC.My PC has been so deeply infected by malware that the BIOS is out of my control. I can't even get virus protection on the machine. I know what malware is and how it behaves.
Just because you personally haven't run into this, doesn't mean it's impossible, just unlikely, yet.
Have you never heard of a malware program automatically downloading more files? What do you think flashback was? And do you not think there are already newer versions of that? This is just the beginning for Macs.

