Previous 1 2 Next 22 Replies Latest reply: Jun 4, 2014 8:04 AM by NikeAdidasGuy Branched to a new discussion.
Guru J Level 1 Level 1 (0 points)

I have  mac running osx 105 with kaspersky internet security. All  up to date. I have not downloaded anything not approved by apple and do not visit sites not approved or certificate. · days my computer was acting strange, files stops uploading on hightail. Then problems really started. I could not do a full scan, after about 3% it said scan complete, that was after 5 minutes, a full scan normally takes 1.7 hours. I opened in safe mode but kaspersky would not open message always said opening. I could not scan. I could however download  files in safe so I re installed kaspersky. I then opened mac in normal mode and was able to install new virus. THEN I RAN A SCAN AND IT FOUND  2x trojen-downloader active threats. It removed them but all is not OK. I cannot access apple sites, my emails freaking out , all web `pages untrusted, BANK log in- fake web site, asks for personel details, I now cannot do full scan-, cannot go to apple updates message cannot connect, I am wrting this from a PC as I don’t dare play with my Mac until the right help arrives……

 

what do i do....


iMac, OS X Mountain Lion (10.8.5), kaspersky protection
  • Guru J Level 1 Level 1 (0 points)

    the trojen is -downloader.js.ifr- 

  • babowa Level 7 Level 7 (27,385 points)

    Uninstall Kaspersky.

  • Guru J Level 1 Level 1 (0 points)

    I did- thats when it detected the trojens...but now it wont scan, fails to open apple pages, cant download, it is compltely freaking out

  • babowa Level 7 Level 7 (27,385 points)

    Take a look here:

     

    http://www.thesafemac.com/

     

    (both the malware and adware sections).

     

    You most likely got an email attachment with something that will affect Windows.

     

    If you can't do anything with your Mac, use recovery (Command + R during bootup) to wipe your drive and reinstall the OS. Make a backup of your files first.

     

    http://support.apple.com/kb/HT4718

     

    And do not reinstall Kaspersky which is possibly the reason for this entire problem.

  • Guru J Level 1 Level 1 (0 points)

    If the trojen is still active surely when you back up files the trojen- downloader .jsifr will simply attach itself to the transfer.

     

    How can esure the trojen is filtered out in the transfer to back up.

     

    The worst thing i could do is spend a couple of days wiping my mac reinstalling all programs and files only to find my Mac crashes and cannot operate again.

     

    I will do whatever it takes but i need to be sure.

  • thomas_r. Level 7 Level 7 (30,385 points)

    Those items are not Mac malware. They are malicious JavaScripts, probably embedded in another site through some kind of website hack. Their intent would be to download trojans onto your computer, but they are not trojans themselves. Further, they probably would not download a payload that would work on a Mac, and even if they did, you would still have to open whatever was downloaded in order to be infected. And it would have to be malware not already blocked by Mac OS X.

     

    So, long story short, those items weren't hurting you. However, from the sounds of it, Kaspersky has hurt you. Unfortunately, anti-virus software makers won't tell you this, but you should never allow anti-virus software to delete things from your computer! Doing so can cause problems, because some items shouldn't be deleted that way, and because anti-virus software isn't always correct about a file being malicious.

     

    To figure out how to properly delete items that anti-virus software has found, see:

     

    How to remove infected files

     

    As for the problem with your system not working properly, Kaspersky tools have caused similar problems before. Sounds like Kaspersky may have damaged your system. My advice would be to:

     

    1) Get rid of Kaspersky immediately. Be sure to use the uninstaller provided by the developer.

     

    2) Restart the machine and test again. If it's still not working right, proceed to step 3. If everything works fine at that point, you're done.

     

    3) Back up your computer, as a probably unnecessary precaution before step 4

     

    4) Start up in recovery mode (hold down command-R at startup) and reinstall the system. This will simply install on top of your current system, replacing any missing or damaged files with fresh copies. Your other apps and documents won't be touched, unless something goes seriously wrong.

  • Guru J Level 1 Level 1 (0 points)

    These are the facts. kaspersky quaranteened the trojens. I can send you snmap shots of the trojens found and all the damage the trojen was doing in real time. I have over 100 snap shots.  I did not delete any files until the next day.  Right now the kaspeksy is off and the computer is really freaking out, in safe mode when i go to apple site the trojjen is blocking every attepmt, the trojen will only me access to unregistered unlicenced sites. When i go to upload updates it frezzez the interenet. When i go to my bank account it directs me to a fake website and tries to access my persoenl data.

     

    When i get to an offical site the trojen is interefering with the screen and the bview is all blurred. i have all sbapshots.

     

    With respect if i did not delete files what you are saying abut kaspersky being the problem is simply not true. What if millions of people with macs get this trojen and they find out the only advice i got was kaspersky caused my computer to crash, fail to upload, direct to false websites, stop my internet from working and much more. The next day i deleted 2 files kaspersky suggested. these files were image files. To say image files caused my computer to crash is silly. If it was associated to program files maybe you have a point.

     

    No you are wrong about this . i have had kaspersky for 4 years and never had 1 problem. I can send you PROOF THAT KASPERSKY IS NOT TO BLAME and these trojens exist and causing huge damage to my mac.

     

    I look forward to soemone that knows wahts gpoing on . I think more people should take this trojen- downloader file a bit more serious before its too late to do anything abou it. remeber where you heard it first.

  • Guru J Level 1 Level 1 (0 points)

    not correct.....i use this computer for music production and only have logic 10 installed. I never open attachements and 100% secure, which nmakes this more serious, i think the trojen appeared when i downloaded music files on hightail. something weird happened and froze my compouter during upload.

     

    this might help you in what i said to another meber who got their facts wrong:-

     

    These are the facts. kaspersky quaranteened the trojens. I can send you snmap shots of the trojens found and all the damage the trojen was doing in real time. I have over 100 snap shots.  I did not delete any files until the next day.  Right now the kaspeksy is off and the computer is really freaking out, in safe mode when i go to apple site the trojjen is blocking every attepmt, the trojen will only me access to unregistered unlicenced sites. When i go to upload updates it frezzez the interenet. When i go to my bank account it directs me to a fake website and tries to access my persoenl data.

     

    When i get to an offical site the trojen is interefering with the screen and the bview is all blurred. i have all sbapshots.

     

    With respect if i did not delete files what you are saying abut kaspersky being the problem is simply not true. What if millions of people with macs get this trojen and they find out the only advice i got was kaspersky caused my computer to crash, fail to upload, direct to false websites, stop my internet from working and much more. The next day i deleted 2 files kaspersky suggested. these files were image files. To say image files caused my computer to crash is silly. If it was associated to program files maybe you have a point.

     

    No you are wrong about this . i have had kaspersky for 4 years and never had 1 problem. I can send you PROOF THAT KASPERSKY IS NOT TO BLAME and these trojens exist and causing huge damage to my mac.

     

    I look forward to soemone that knows wahts gpoing on . I think more people should take this trojen- downloader file a bit more serious before its too late to do anything abou it. remeber where you heard it first.

  • Guru J Level 1 Level 1 (0 points)

    this is of no help sorry...

     

    mac users need to take my post more serious , i have snap shots to prove mac users need to take notice this.

     

    I need more than just apple users advice to wipe my mac. WOW...that really doeas not hepl. If i do what happens if anyone wants to know more about the damage this trojen could do to millions of mac users.

     

    Why is evryone not talking about the damage this trojen is doing. and has done to my computer. I have not had one bit of good advice...just direction to apple run pay sites i for malware deletion that all dont work.

     

    This is real. so get real and dont fob me off with non sense.

  • babowa Level 7 Level 7 (27,385 points)

    You do not seem to really want help as you refuse to believe anyone.

     

    And, please read the ToU here available at the bottom of every page; personal attacks are discouraged.

  • Guru J Level 1 Level 1 (0 points)

    do you work for a consumer group, the commercial site you adviced me to go to, makes refernce to this type of trojen that switches off my anti virius. With respect have you read this commerical. it makes no reference to any trojen disabling your prtection and not allowing updates.

     

    This information is not current and not relevant. It is standard malware detection. Please read the bottomn of erevy page, peronell attackes to give incorrect advice are discouraged. please read my posting again and you will see that your advice is not relevant.

     

    All i want is someone to give me good advice . This trojen does not allow me access to logs and has password protected .pnp files so that kaseprsky cannot find the directory.

     

    with respect if you dont have anything that relates to my post please dont waste my time and  if you do i will consider that a perosnel attack on my human rights.

     

    best wishes

  • Guru J Level 1 Level 1 (0 points)

    sorry i meant to say...does not make refernce to this

  • Guru J Level 1 Level 1 (0 points)

    HEUR:Trojan.Script.Iframer. Characteristics ... “JS/Redirector” is a JavaScript Trojanthat redirects the browser to a malicious website. .... CD; Kaspersky - Trojan-Downloader.JS.

    , Trojan.Script.Iframer, 58 279 262, 3.65% ... JS.Iframe.cxk, 1 376 898, 0.09%. 14, Trojan-Downloader.JS.Iframe.cyq, 1 079 163, 0.07%.

     

     

    This trojen is not PC specific. Sorry to give you these facts -´ are you still to advice this is not  a mac issue.

     

    ay 4, 2014 - L Trojan virus is a seriously corruptive virus within any sort of operating system including Mac OS, has ability to make the victimized ... refers to the so-called potentially unwanted programs ( driver-by download). .... to Remove the Adware Completely How to Remove JS:Downloader-ZY [Trj], Latest Manual Removal Guide ».

  • Guru J Level 1 Level 1 (0 points)

    IThis is exactly whats happening

     

    Brief Definition


    Trojan:js/medfos.B is classified as Trojan horse. Such type of Trojan attacks the vulnerability within JavaScript. Combined with uniform resource identifier (URI) method to perform search-redirection payload, Trojan:js/medfos.B manages to steal some confidential information such as accounts and log-in credentials.


    Once being attacked by Trojan:js/medfos.b, one might run into the following troubles:

    1. CPU/ internal resource is consumed considerably most of the time.
    2. BSoD, freezes and browser crash might occur occasionally.
    3. Additional items such as web applications or Trojan horse will be detected before long.
    4. Installed anti-virus programs might be disabled to the extent not to ward off infections effectively.
    5. Some background running processes are affected to wantonly breed.



    How Trojan:js/medfos.B spreads?


    From the most Trojan:js/medfos.B affection cases, it has been learned that people found the Trojan horse was detected after some pop-up ads or browser hijacking/redirecting. As what has been made clear that Trojan:js/medfos.B attacks JavaScript which is commonly used as part of web browsers, it spreads itself online.

Previous 1 2 Next