Yikes, it looks like I may have a Trojan

In the middle of reading a story on my local newspaper's website last night, all of a sudden I get what appears to be a virus scan running under the name of Immunizator. I couldn't get it stopped. The only thing I could do was an "emergency" shutdown; restart & shut down were blocked by the darn thing. It was so late I really didn't want to deal with it, so I thought I would try this afternoon.

After doing a "google" for "immunizator", it does look like it's some type of Mac OS X Trojan. I have gone through, sending the app to the trash, & all of the .dmg junk. When I tried to empty the "trash", this stuff has the "empty" option blocked, so I did a "force empty" with Leopard Cache Cleaner which appeared to work. "Appeared" is the key word. When I use "finder" to look up the key word, "immunizator", the **** thing still opens up on my system. I'm now totally confused, lost, whatever as to what I need to do to get rid of this, ONCE & FOR ALL! Help is greatly appreciated.

iMac G5 2.0, Mac OS X (10.5.4), 160GB iPod Classic, 2G iPod shuffle, iTunes 7.7

Posted on Jul 11, 2008 8:13 PM


Jul 13, 2008 3:32 PM in response to orangekay

So sorry, I was in the wrong place. Anyway, I have to give you a little background before I explain what I've seen in the right place.

I had to have my hard drive replaced in 2/08. In the process of moving my home folder back onto the system after a new install, (SuperDuper backup), I apparently misunderstood the directions, ending up with administrator folders that I had no privileges to access. I had to find the actual thread I posted on, to remember what I did to fix this, & here that is:

"I guess if I had been a little more patient, I could have figured this out. I was absolutely not happy about facing another erase/install in 3 days especially after the HD crash & burn on Saturday night. Out of desperation, I simply went in & deleted all admin accounts but the one that MA migrated over to the new drive on Saturday & SUCCESS! I have made a couple of trial downloads of several things with no errors, bought one album from Amazon which is downloading right now, so it looks like I'm good to go, no erase/install required."

I still periodically find these files/folders that have the red "-" through them that I can't access. Once I was in the right place, the location you were giving me was such a folder. In fact, it was the whole library folder. I sent that folder to trash, did a restart, & I'm not sure what I'm looking for, now, but the font book still opened on the restart. It's always opened on a restart, etc.

I do appreciate you trying to sort this out for me.

Jul 14, 2008 7:51 AM in response to StarDeb55

Take a look at Batchmod to clean up ownership of your home folder. Also Leopard Cache Cleaner. TriBackup 5 also shows and alerts me to files and folders that have wrong ownership flags.

I noticed that 10.5.4 seemed to have changed the ownership flags on most all of my FW SuperDuper clones. Not sure what happened or when, but been dealing with cleaning them up over the weekend.

Batchmod http://www.macchampion.com/arbysoft/
http://www.versiontracker.com/dyn/moreinfo/macosx/12057

LCC http://www.northernsoftworks.com/leopardcachecleaner.html
http://www.versiontracker.com/dyn/moreinfo/macosx/16494
