Mac Attack! Virus/Spyware/Hack?

Soldato
Joined
10 Jul 2008
Posts
8,315
Hi guys, help much appreciated on this one; sorry for the long post.

I'm currently helping my friend with a problem he has had on his MacBook. The situation is this: he uses it for ALL of his work/coursework for Uni and had a load of saved files in some folders. He's asked me if I can have a look at it because all of his files have disappeared, the internet "goes funny" and he thinks he has a virus.
He's in a complete state about this as he thinks he is going to fail his course as he has no backups - the usual situation when things go bad ;)

Ok, so first thoughts from me were "shame I know nothing about Macs but hopefully I'll pick it up" and "I thought the whole point of Macs was that nobody had exploited them yet with viruses and/or spyware etc", or at least that it was rare to pick anything up?
The thing that kicked all of this off about a week ago was that he clicked on one of those "there is spyware/virus on your computer, would you like to clean/disinfect now CLICK HERE". He went and clicked on the message and then followed the instructions to "clean" his machine. Yep, so he basically infected it with spyware, but he said that when this was happening it was saying it was for Windows XP, so I'm not sure what has happened here. Basically he now has some sort of spyware/virus on the machine.

I had a look at the Mac and I cannot see these supposed files anywhere, and it really does look like they are gone for good. I noticed that the built-in Mac scan said there were some viruses, but they have been cleaned. The machine behaves fairly normally in terms of performance and use, apart from when you get to Internet Explorer. Quite often during navigation to a site, you will not end up at the site you wanted to go to and will be redirected to some movie trailer site, an eBay ad about Macs, or some random IP will flash up in the URL on a redirect. It's basically a typical-looking spyware/malware situation but on a Mac.
Now... with Windows XP I would be looking in msconfig for things that run at bootup, Add/Remove Programs for removing said program, running Spybot Search and Destroy, virus check etc. What is the best way of looking at this problem on a Mac?
Currently, as a matter of urgency and priority, I have removed the hard disk drive from the Mac and I have hooked it up to my XP machine using MacDrive so I can view the file system on the disk. I am now running the "GetDataBack" utility to scan and try to salvage any recently deleted files. What kind of a virus/spyware would remove a load of files under the user's profile? These were just folders on the user's desktop that had a load of stuff in. Is it possible all this occurred when he was wirelessly connected to the internet and someone hacked in because of this spyware that he installed?

Any advice with this would be much appreciated. It's a white MacBook... errr... can't say much else about it. Bought about a year ago.

Cheers
 
Google searching "files disappear from mac desktop" gives several hits, but no mentions of viruses.

http://discussions.apple.com/thread.jspa?threadID=1334005&tstart=3044 for instance - though probably no use to you.

Good luck! And tell your mate to BACK UP BACK UP BACK UP!!

Is he using Internet Explorer? Is he using XP on the MacBook? Did he have MacDrive installed in the XP partition? If so then a standard XP virus would have access to his Mac files...
 
Sorry, I should have made it more clear: no, he does NOT have XP installed on the Mac, just normal Mac OS. It is me that has installed MacDrive on my XP laptop, and I am trying to recover data off of it. I have tried using the GetDataBack utility, and it took like 4 hours to scan the drive and I could see it working away finding things, and then when it got to step 2 where you select a file system, it can't find any, despite the fact that it could originally find all the info on the Mac hard disk. So I think this is because it is a Mac drive it does not work. I probably should install the equivalent GetDataBack kind of utility on the actual Mac and try it on there really.
Right now I am using File Scavenger instead to see if I have any more joy with that. Then I will put the disk back in the Mac to see if I can attempt recovery on that, but normally I think it is best to load the drive you are trying to recover from as a slave and not the actual OS drive like it would be in the Mac.
 
Go look in the Applications folder.. delete everything that isn't essential.

Go in to System Preferences > Users > Login items.. then take off anything that is starting up on boot.

Smack your friend around the head for being a complete tool.
 
Amen sister!
 
I think maybe the loss of the files might not even be to do with this spyware. The disk seems to have some bad sectors during scans for files with recovery programs, so maybe they have disappeared due to disk issues. They would all be in users/nopassword/desktop/XfoldernameX
But whenever I try to recover anything it locks up. The best I have got is some files recovered, but the program (File Scavenger) is only shareware so will only recover files under 64kb :( and all of those are in a massive long list, of which half don't even open. The majority are OS files.
I think it might be worth trying to run such recovery programs on the actual Mac, installing them on an external drive to run from.
 
Just for future ref, the piece of spyware was common among Macs after a Google search and scouting about on some Mac forums. It was a DNS redirector trojan that only took effect during search engine results. The results from a search would be redirected to dodgy sites. There is a particular tool to remove this you can download. As for the missing files, I tried various recovery tools and programs with both the HDD as a slave and whilst booted up in OS X on that drive, and I couldn't get anything. Not sure if it was even related to the spyware.
Cheers
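The thread ends on the actual cause: a trojan that swapped the Mac's DNS resolvers so that search results went through somebody else's server. The quickest way to spot that from the machine itself is to list the configured resolvers and compare them against the networks you know your DNS should come from. The script below is an added example, not from the thread or from any removal tool it mentions. It assumes the input is the output of `scutil --dns` on Mac OS X (the `nameserver[N] : <ip>` lines); the sample text, the 203.0.113.7 "rogue" resolver (an RFC 5737 documentation address) and the expected-network list are all constructed for demonstration.

```python
"""Flag DNS resolvers on a Mac that fall outside the networks you expect.

Added example, not from the thread. Assumes the parsed text is the output of
`scutil --dns` on Mac OS X, which lists each resolver's `nameserver[N] : <ip>`
lines. Run it on a real machine as:
    scutil --dns | python3 check_dns.py
With no piped input it runs against the constructed sample below.
"""
import ipaddress
import re
import sys

# Constructed sample in the shape of `scutil --dns` output. The second
# nameserver uses an RFC 5737 documentation address standing in for the
# unknown server a DNS-redirecting trojan would point the machine at.
SAMPLE_SCUTIL_OUTPUT = """\
DNS configuration

resolver #1
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.7
  if_index : 4 (en0)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
"""

# Networks a resolver is allowed to live in: the home router's LAN ranges plus
# loopback. Assumption for the example; replace with the ISP or corporate
# resolvers the machine is actually meant to use.
EXPECTED_NETWORKS = [
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("127.0.0.0/8"),
]

# One `nameserver[N] : <address>` line per resolver entry.
NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)", re.MULTILINE)


def extract_resolvers(scutil_text):
    """Return the resolver addresses in scutil --dns output, in order, deduplicated."""
    seen = []
    for ip_text in NAMESERVER_RE.findall(scutil_text):
        if ip_text not in seen:
            seen.append(ip_text)
    return seen


def unexpected_resolvers(resolvers, expected_networks=EXPECTED_NETWORKS):
    """Return the resolvers that are outside every expected network (or unparseable)."""
    flagged = []
    for ip_text in resolvers:
        try:
            addr = ipaddress.ip_address(ip_text)
        except ValueError:
            flagged.append(ip_text)  # not even a valid address: worth a look
            continue
        if not any(addr in net for net in expected_networks):
            flagged.append(ip_text)
    return flagged


def report(scutil_text, expected_networks=EXPECTED_NETWORKS):
    """Return (flagged_resolvers, human-readable report text)."""
    resolvers = extract_resolvers(scutil_text)
    flagged = unexpected_resolvers(resolvers, expected_networks)
    lines = ["Configured resolvers: " + (", ".join(resolvers) or "(none)")]
    if flagged:
        lines.append("UNEXPECTED resolvers (check System Preferences > Network > DNS "
                     "and the router's DHCP settings): " + ", ".join(flagged))
    else:
        lines.append("All resolvers are inside the expected networks.")
    return flagged, "\n".join(lines)


if __name__ == "__main__":
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_SCUTIL_OUTPUT
    flagged, text_report = report(text)
    print(text_report)
    sys.exit(1 if flagged else 0)
```

A non-zero exit status when anything is flagged makes the check easy to drop into a cron job or a support checklist. Because a resolver change can also arrive via DHCP, a clean result on the Mac does not by itself clear the router, which is why the report points at both places.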
 