I downloaded a Viruses from FTP!

MacLover2011 · Jan 13, 2018

I was downloading my client's WordPress from the FTP CyberDuck tool. As I was downloading it the app Bitdefender which subscription is about to run out in a few days detected TWO viruses!!! See the screenshots below. I deleted all the FTP files. Then I somehow found the quarantined folder and clicked delete.

Why before I clicked delete in the quarantined folder did Bitdefender's quick scan not detect a virus?

In addition, why do I have something called desktop-rasor on my computer? Is this from the virus or is it from when Adobe came on my computer to fix a problem?

Excuse my ignorance on this subject. I have some studying to do on the subject.

MacLover2011 · Jan 13, 2018

Like I said, I don't know what this is from.

chscag · Jan 13, 2018

Both viruses are of the Windows variety. But it's good that BitDefender warned you so that you won't pass any infections on to your Windows clients. Neither of those viruses can harm your Mac.

pm-r · Jan 13, 2018

As for your "virus" you received, do a web search on their names, i.e. for "backdoor":

https://www.google.ca/search?client...-8&gfe_rd=cr&dcr=0&ei=zKpaWsLaNsbe8Aenw5DIBg:

Do the same for "cryxos" etc and lean about them

Then head off and download MALWAREBYTES FOR MAC.app and run it.
https://www.malwarebytes.com/mac/

The "shares" desktop name is no doubt the share you got your "free virus gifts" from with your recent FTP file sharing episode. And maybe even still connected as well!!

You really do need to do some reading if you're going to do such stuff with your Mac. Seriously!!

- Patrick
======

MacLover2011 · Jan 13, 2018

pm-r said:
As for your "virus" you received, do a web search on their names, i.e. for "backdoor":

https://www.google.ca/search?client...-8&gfe_rd=cr&dcr=0&ei=zKpaWsLaNsbe8Aenw5DIBg:

Do the same for "cryxos" etc and lean about them

Then head off and download MALWAREBYTES FOR MAC.app and run it.
https://www.malwarebytes.com/mac/

The "shares" desktop name is no doubt the share you got your "free virus gifts" from with your recent FTP file sharing episode. And maybe even still connected as well!!

You really do need to do some reading if you're going to do such stuff with your Mac. Seriously!!

- Patrick
======

Oh gosh thanks! I did run my malware and bitfinder again and it found nothing.

How can I get rid of the shared desktop thing? What should I do?

MacLover2011 · Jan 13, 2018

It says it's connected as.... I do my banking from this computer... what should I do to get rid of it?!

When I went to System's Preference and to sharing this popped up.

pm-r · Jan 13, 2018

what should I do to get rid of it?!

Do the firsr standard computer fix — SHUTDOWN.

Then boot up.

- Patrick
======

MacLover2011 · Jan 13, 2018

pm-r said:
Do the firsr standard computer fix — SHUTDOWN.

Then boot up.

- Patrick
======

Okay... and then..

MacLover2011 · Jan 13, 2018

pm-r said:
Do the firsr standard computer fix — SHUTDOWN.

Then boot up.

- Patrick
======

Awesome! I shut down my computer just like you said. After I did a boot up that Desktop file was gone!

What happened?
This forum IS THE BEST!!!

MacLover2011 · Jan 13, 2018

pm-r said:
Do the firsr standard computer fix — SHUTDOWN.

Then boot up.

- Patrick
======

Oh no it's back! That desktop thing is back!

pm-r · Jan 13, 2018

Oh no it's back! That desktop thing is back!

What software or app are you using for your FTP stuff??

Try quitting it and also make sure it not part of you startup login apps. System Prefs > Users > username > login items.

Restart if needed.

- Patrick
======

MacLover2011 · Jan 14, 2018

pm-r said:
What software or app are you using for your FTP stuff??

Try quitting it and also make sure it not part of you startup login apps. System Prefs > Users > username > login items.

Restart if needed.

- Patrick
======

It's gone again.... hmmm I wonder why.

I am using a paid for version of CyberDuck. I will never use FileZilla again because I don't trust the company not to contaminate my computer with malware. Cyberduck seemed like the safer option.

I did as you said and went to System Prefs > Users > username > login items, but did not see any reference to the desktop issue. I did recently purchase several non Apple products made for the Apple via the App store.

toMACsh · Jan 14, 2018

MacLover2011 said:
This forum IS THE BEST!!!

Are you aware that the owners are shutting this forum down?
Look under News and Community Announcements for more info.
Mac Forums is being reorganized at a new location.

pm-r · Jan 14, 2018

It's gone again.... hmmm I wonder why.

Maybe a FTP file sharing guru will add something to answer your questions here as I don't do much, but I would guess that your FTP CyberDuck tool has taken over your file sharing as your OS X Sharing Pref Pane has all sharing disabled so there should be some way to disable any sharing in the FTP CyberDuck tool.

Maybe do a web search like 'mac disable FTP CyberDuck tool', or whatever FTP stuff you're using, i.e.:
https://www.google.ca/search?client...F-8&gfe_rd=cr&dcr=0&ei=2ppbWqu3FI_t8wfh44TgDQ

And that Desktop icon is no doubt your client's PC that your were doing the FTPing with.

I hope this makes sense and hope you survived the super-cold session and horrible weather that hit your area.

BTW: As a courtesy, you might like to let your client know that they are infected and can sure spread it to any Windows users that it really will affect.

Also, take note of what toMACsh said above in case this site suddenly goes dead and we get cutoff!!!

Good luck.

- Patrick
======

MacLover2011 · Jan 14, 2018

Good news! Turns out the file was on my Mac because someone who is staying in my house was accessing my WIFI with his Windows computer. lol

Slydude · Jan 14, 2018

I should have thought of that. Glad you got it sorted.

lclev · Jan 14, 2018

Well now I am confused. How can a Windows computer on your WiFi put viruses on your mac? Unless you were connected to that Windows computer and were sharing files between it and your Mac I don't see how the viruses got on your mac. Was the owner of the Windows doing a remote connect to your mac?

Lisa

pm-r · Jan 14, 2018

MacLover2011 said:
Good news! Turns out the file was on my Mac because someone who is staying in my house was accessing my WIFI with his Windows computer. lol

Hmmm…??? Maybe.

But like Lisa, I'm not 100% sure as to what's actually going on with your Mac and any "shares"
.

- Patrick
======

Slydude · Jan 15, 2018

That looks like the kind of generic icon for a Windows box that has been on your network at some point in time. I have gotten something similar before IIRC.

I bet that if you got in touch with the person in question his computer has a sort of generic name that matches what you are seeing.

lclev · Jan 15, 2018

But if there was a connection between the two computers it would have had to be permitted by a person on the mac. But if the situation is resolved and all malware scans are clear then all is good!

Lisa

I downloaded a Viruses from FTP!

MacLover2011

MacLover2011

chscag

Well-known member

pm-r

MacLover2011

MacLover2011

pm-r

MacLover2011

MacLover2011

MacLover2011

pm-r

MacLover2011

toMACsh

pm-r

MacLover2011

Slydude

Well-known member

lclev

pm-r

Slydude

Well-known member

lclev

Shop Amazon