Hi Folks-
So after a night of searching the web and reading just about everything out there I’ve decided no one seems to take this problem I am having seriously, but it is something real and I think I’ve got a start to finding it but need some good help. Please note I’m going to post this same message to 3 or 4 forums around the web. I am hoping by the time I am done getting help to come back to any of these threads and update them all so any legit solution can be found for future folks.
Here’s the problem in a nutshell-
At some point on 1-Sep-14 I got a virus or malware program that has hidden itself well within my Mac Book pro. I’ve used used 2 different virus programs (Sophos [business edition] and ClamXav) to scan my computer 4 times. Nothing was ever found. What this awful code does is write to your hard drive until it fills up. And once you delete anything it does it again. But it is very quick- It can fill 2 GB in under 1 min. One at least useful thing is that if you are NOT connected to the internet it does not work.
What I have figured out was by using an app called GrandPerspective you can visualize your entire hard drive. It lets you see how big and how many files you have- more importantly it also tells you what files each block is and where it is located. I have linked out to this pic…
https://www.dropbox.com/s/b33d77vhm7wfk5y/Affected%20file.jpg?dl=0
So basically in this pic for my hard drive you see the giant file in the middle- that is a video of my kid playing on a playground. The problem is the original version of that file is just 122mb, that giant one is 128GB!! And if you look more at that pic you will also see a bunch of greenish blocks in the bottom left. Those are “online backups/gmail” except I don’t back-up gmail and they range from 2 gb to 17 gb which the latter is larger than my gmail account . [I am also having trouble finding these files as they are hidden, but I can ask for help later on that]
So obviously this code takes potentially legit files and hijacks them.
What I need to figure out is how to find this code, isolate it and get help to potentially protect from getting it again.
As for how I got it, I believe it is from visiting a page to download a font that I have never been to before – as that was my only new thing I did yesterday.
So any help would be great. I won’t be here quickly again today as I am very busy and because I can’t access the internet easily since I have to borrow computers for now. But I promise to check back soon.
Cheers
So after a night of searching the web and reading just about everything out there I’ve decided no one seems to take this problem I am having seriously, but it is something real and I think I’ve got a start to finding it but need some good help. Please note I’m going to post this same message to 3 or 4 forums around the web. I am hoping by the time I am done getting help to come back to any of these threads and update them all so any legit solution can be found for future folks.
Here’s the problem in a nutshell-
At some point on 1-Sep-14 I got a virus or malware program that has hidden itself well within my Mac Book pro. I’ve used used 2 different virus programs (Sophos [business edition] and ClamXav) to scan my computer 4 times. Nothing was ever found. What this awful code does is write to your hard drive until it fills up. And once you delete anything it does it again. But it is very quick- It can fill 2 GB in under 1 min. One at least useful thing is that if you are NOT connected to the internet it does not work.
What I have figured out was by using an app called GrandPerspective you can visualize your entire hard drive. It lets you see how big and how many files you have- more importantly it also tells you what files each block is and where it is located. I have linked out to this pic…
https://www.dropbox.com/s/b33d77vhm7wfk5y/Affected%20file.jpg?dl=0
So basically in this pic for my hard drive you see the giant file in the middle- that is a video of my kid playing on a playground. The problem is the original version of that file is just 122mb, that giant one is 128GB!! And if you look more at that pic you will also see a bunch of greenish blocks in the bottom left. Those are “online backups/gmail” except I don’t back-up gmail and they range from 2 gb to 17 gb which the latter is larger than my gmail account . [I am also having trouble finding these files as they are hidden, but I can ask for help later on that]
So obviously this code takes potentially legit files and hijacks them.
What I need to figure out is how to find this code, isolate it and get help to potentially protect from getting it again.
As for how I got it, I believe it is from visiting a page to download a font that I have never been to before – as that was my only new thing I did yesterday.
So any help would be great. I won’t be here quickly again today as I am very busy and because I can’t access the internet easily since I have to borrow computers for now. But I promise to check back soon.
Cheers
