You installed the "iWorm" trojan. The following procedure may leave a few small files behind, but it will permanently deactivate the trojan, as long as you never reinstall it.
"iWorm" is known to be distributed via BitTorrent in the form of a pirated Adobe product. If you've ever downloaded any software from a torrent, delete it. I suggest you delete the torrent client as well, to avoid making the same mistake again. If you know of any other way in which you might have been infected, please give details. That information may help others.
While "iWorm" was present, your computer may have been under the remote control of criminals. Change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before.
Others may tell you that you should erase the startup volume, reinstall OS X, and restore only user data from a backup in order to be sure that you're rid of the malware. All other software would then have to be reinstalled from fresh downloads or original media. You can do that if you wish, but I've seen no evidence that it's necessary. If you choose that option, you can skip the rest of this comment. Ask for guidance if you need it.
Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
Back up all data before proceeding. If you have more than one user account, you must be logged in as an administrator.
Step 1
Triple-click anywhere in the line below on this page to select it:
/Library/LaunchDaemons/com.JavaW.plist
Right-click or control-click the line and select
Services ▹ Reveal in Finder (or just Reveal)
from the contextual menu.* A folder should open with an item named "com.JavaW.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
Restart the computer and empty the Trash. Then delete the following item in the same way:
/Library/Application Support/JavaW
*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
Step 2
The trojan hacks the system to block software updates from Apple. The file modified is /etc/hosts.
The easiest way to fix the hosts file is to restore it from a backup that predates the modification, or to copy the unmodified file from another Mac. If you can't do that, then do as below.
Triple-click anywhere in the line below on this page to select it:
open -e /etc/hosts
Copy the selected text to the Clipboard by pressing the key combination command-C.
Paste into a Terminal window by pressing command-V. A TextEdit window should open. At the top of the window, you should see this:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost
Below that, you may see some other lines. The first 10 lines should be exactly as above, apart from differences in the blank space within lines. Otherwise you can't use this procedure—STOP and ask for guidance.
If the contents of the TextEdit window are as described, close it, then enter the following command in the Terminal window in the same way as before (by copy and paste):
sudo sed -i~ '11,$d' /etc/hosts
You may be prompted for your login password, which won't be displayed when you type it. Type carefully and then press return. If you don’t have a login password, you’ll need to set one before you can run the command. You may get a one-time warning to be careful. Confirm. Quit Terminal.
If you see a message that your username "is not in the sudoers file," then you're not logged in as an administrator. Log in as one and start over.
That will fix the hosts file. There is now a copy of the old hosts file with the name "hosts~" in the same folder as "hosts". You can delete the copy if you wish. Don't delete the file named "hosts".