01-20-2011, 02:39 PM

I had some suspicious goings on with a credit card so I purchased Norton Antivirus for my MacBook. I ran it and it came up with a "virus" that was listed as:

crtdcghcn.jar-5649a13-2eccb316.zip

and there was also an indication that it was a downloader that was infected.

I used the Norton program to "quarrantine" the file. Do I need to do anything else to protect my comptuer? I've had this laptop for over 4 years and nothing ever bad has happened before. I'm not very techy so any help would be appreciated. Thanks!

01-20-2011, 02:49 PM

Norton usually takes care of the issue so you don't have to worry about it. Quarantine is like a " virus vault". The files can't do any additional harm once in that area. If you really just want it off your system you can follow the file path and just delete that file.

01-20-2011, 03:02 PM

There are no actual "viruses" for Macs. Norton can only scan for Windows viruses, so if it did indeed find one, it is a Window one and can do your Mac absolutely no harm.
Norton isn't going to do you a lick of good if you are concerned about security for your Mac.
Suspicious credit card activity is almost always an issue with your credit card account and not your computer (Mac, Windows, Linux, Ubuntu, whatever). I'd be more worried about replacing my credit card and creating a more secure online user name and password (if that applies to that card).

If you are curious about what trojan or malware may be infecting your Mac, look into ClamXAV. It will tell you if there is any true threat to your Mac.

01-20-2011, 03:34 PM

Also, let's not forget that a "virus" is not a "trojan". It is entirely possible for an OS X user to not practice safe browsing or computing habits, and allow themselves to download a trojan, which in turn can enable access to some private information should it get that far. The difference between an virus, worm and trojan is in how they propagate (or don't in the case of a trojan).

So let's not dismiss the validity that the OP could have in fact downloaded and run a trojan. It's not out of the realm of possibilities.

Here's some very basic but good info on each of these things:

Quote:

The Trojan Horse, at first glance will appear to be useful software, but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source. When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

Virus:

Quote:

A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files.

Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going.
People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending emails with viruses as attachments in the e-mail.

Then there are worms and blended attacks. Above quoted from this source:


The Difference Between a Virus, Worm and Trojan Horse - Webopedia.com

Doug

01-20-2011, 03:46 PM

Get rid of Nortons pronto as there are no Mac OS X viruses. It will bloat and slow your Mac.

You are paying for software that will slow and bloat your Mac and consider this. You go on paying annually to download virus definitions and all you get are Windows virus definitions as there are no Mac OS X viruses hence no definitions. Whilst this is now five years old nothing has changed as there are still no mac OS X biruses:-

http://reviews.cnet.com/8301-13727_7...l?tag=mfiredir

Safe browsing practices are the best defense.

01-20-2011, 03:50 PM

In looking up the java file above, it appears to have been a piece of a trojan called the DNS changer trojan. I had a customer a few years ago with this trojan. It routes all your DNS queries through a remote server rather than through your ISP - in the case I worked with, it was routing through a box in Kiev, Ukraine. There's a removal tool several places on the net - one is here.

01-20-2011, 04:14 PM

Quote:

Originally Posted by Doug b

So let's not dismiss the validity that the OP could have in fact downloaded and run a trojan. It's not out of the realm of possibilities.

Right, that's what I was getting at by my last paragraph.

Quote:

Originally Posted by MYmacROX

If you are curious about what trojan or malware may be infecting your Mac, look into ClamXAV. It will tell you if there is any true threat to your Mac.

Sorry if I wasn't clear enough about that point. I'm not debating something bad that might have been picked up by the OP.

01-20-2011, 05:07 PM

Oh, I knew that. All I said was in order to make sure that the OP knew that as well.

Doug

01-20-2011, 05:14 PM

Quote:

Originally Posted by Doug b

Oh, I knew that. All I said was in order to make sure that the OP knew that as well.

Doug

Yup, I know what ya meant.
I was clarifying for the sake of everyone else.

P.S. are you following me around on here today? j/k

01-20-2011, 06:54 PM

Coincidentally after reading this post my buddy sent me a pic of a scan that had something about a trojan downloader which is a windows virus that was on his mac. But what freaked me out was the next 4 lines that read "heuristics.phishing.email.spoofeddomain". This may be your classic phishing case if this OP is seeing interesting things going on with his/her account. Granted its probably 90% due to the credit card account. But if any sensitive information was sent through any correspondence in his email during his type of infection the third party would absolutely able to see any information during that time.