It sounds like Zugo / StartNow is malware which surreptitiously connects to various shady URLs.
I would sign up at the techguy.org forum (the first link in this post) and post what you posted here and then let them guide you. They’ll have you run various types of scans and post the results. They are good at this kind of thing and seem to understand the Zugo / StartNow thing.
Or, more realistically, try Ubuntu Linux instead. That’s what current Mac software is based on anyway, and you’re better off using the real thing for free. Also allows you to look down on hapless Windows users and smug Mac users.
I want to thank everyone who is helping with both the keylogger and the financial hack. I went to the bank today and got everything straightened out. I got a brand new shiny bank account that I’m going to guard with my life! Also, PayPal closes in the morning when the transfer is 100% done. They reversed the overdrafts too!
So far I got two more clean Malwarebytes scans, so I’m hoping the last time it found malware that “fix” fixed the problem. I will be signing up with that forum either way though in case it picks up Zugo get in the next couple of hours/days/weeks.
Not really. Mac OS is based on BSD Unix. Ubuntu is based on Linux. You could say that both are based on earlier versions of Unix or Unix-like operating systems, but one is not based on the other.
I am really sorry that such a horrible story happened to you, and I hope that you managed to get all your money back. A similar thing happened to a friend of mine, but he lost less money. Got everything back, still it was enough for him to stop downloading stuff randomly from the Internet.
About the keylogger - I hope you managed to find which one that was. If you did - please let us know, so we can spread the word.
I can say for sure that it was not StartNow, as I accidentally downloaded it a month ago or so, and I did research about it before closing that chapter. As scary as it looks, it is a simple search toolbar that changes the home page and the search engine. Recently it’s not being identified as a threat at all - in the worst case it’s called “unwanted program”.
If you still haven’t done that - you should definitely wipe clean and re-install your computer, then reset ALL your passwords AND make sure that the email address in each account’s settings is yours.