HT5244 What does Flashback malware do once it is installed on my machine?

Hi, Just read HT5244 About Flashback malware, and I still don't know what it does once it installs on my machine.  Anone know?
Thanks.
You can call me Ray

Hi Ray,
Since it allows potentially malicious Java code to run on your computer, the possibilities are many. The most serious concern is a suspicion (though unverified) that Flashback and its variants could mine confidential information from your computer and upload it to whomever is collecting the data for whatever purpose it intends. A somewhat lesser but still significant concern is that it could simply cause random crashes, slowdowns, data loss and other annoyances.
To alleviate the first concern there is a tool called Little Snitch that alerts you to any outgoing network requests. It requires some knowledge of what requests are legitimate and what are suspicious, but allows you to block requests that you believe are malicious attempts to steal your information, or simple invasions of your computing privacy. It has been established that - in an attempt to conceal its existence - the malware you reference will not install itself on a computer running Little Snitch as well as a number of other third party utilities.
Little Snitch is not for everyone. If you were to use it to block all outgoing network requests, for instance, many normal and required functions would fail.

Similar Messages

  • HT5244 How does Flashback Malware get into a Mac?

    How does Flashback Malware get into a Mac?

    The ‘Flashback Trojan’:
    A version of an existing Trojan Horse posing as a legitimate Flash Player installer (named “Flashback.A” by a security firm) is designed to disable updates to the default Mac OS X anti-malware protection system, potentially leaving the system open to the manual installation of other malware without any system warnings. The most recent versions bypass any user action and automatically installs itself after an affected website is visited.
    http://www.appleinsider.com/articles/11/10/19/fake_adobe_flash_malware_seeks_to_ disable_mac_os_x_anti_malware_protection.html
    (Adobe is aware of malware posing as its Flash Player and warns users to ignore any updates that didn't originate on its own servers. "Do not download Flash Player from a site other than adobe.com," said David Lenoe, Adobe's product security program manager, in an entry on Adobe Product Security Incident Response Team's PSIRT blog. "This goes for any piece of software (Reader, Windows Media Player, QuickTime, etc). If you get a notice to update, it's not a bad idea to go directly to the site of the software vendor and download the update directly from the source. If the download is from an unfamiliar URL or an IP address, you should be suspicious.")
    Flashback Trojan - Prevention of infection:
    In order to prevent a potential infection with “Flashback” Trojans, Mac users should always obtain their copy of Adobe Flash Player directly from Adobe’s official website and to disable the "Open 'safe' files after downloading" option in Safari Preferences/General to avoid automatically running files downloaded from the Internet. Also, do not turn on Java in Safari Preferences/Security. Few websites use Java. Javascript is something entirely different and should be left active.
    The Flashback Trojan does not affect PPC (non-Intel) Macs, nor has it been noted to affect users running Tiger OS 10.4.11 or Leopard OS 10.5.8.
    Last, but by no means least, using Open DNS is the simplest way of preventing infection in the first place. Open DNS also protects against phishing attacks, re-directs, speeds up your internet connection, and works for all users of OS X from Tiger upwards:
    http://blog.opendns.com/2012/04/09/worried-about-mac-malware-just-set-up-opendns /
    How to get it:
    https://store.opendns.com/get/home-free
    Flashback Trojan - Detection and Removal
    Users with Intel Macs running Snow Leopard OS 10.6 or Lion OS 10.7 should ensure that they have downloaded all the recent Java updates from Apple, which are designed to prevent infection and also remove any infection already present.
    New Macs running Lion do not have either Flash Player nor Java installed. If you running Lion and have not already downloaded and installed Java, you should download the ‘Flashback malware removal tool’ from Apple:  http://support.apple.com/kb/HT5246  (356KB) which includes the same code as the Java update that plugged a security hole which allowed the malware to automatically install itself without admin authorization.
    You can also use this to check whether you have been infected (for Intel Macs only) and remove it if required:
    http://www.macupdate.com/app/mac/42571/anti-flashback-trojan
    Flashback Trojan - Detection, and how to remove (with caution) if you are running other browsers than Safari:
    http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

  • What does mind:' Start up diskMac OS X Install ESD'? when before was Macintosh HD

    What does mind:' Start up diskMac OS X Install ESD'? when before was Macintosh HD

    Well, I was all ready to use SuperDuper to copy all files back to Macintosh HD but then I thought I should check once more because I *think* I remember reading somewhere that not all the system files are copied when doing a SuperDuper backup.  As I had already erased and reformatted Macintosh HD there are no system files on it at all. 
    Perhaps I'm now doing this the wrong way but I read that I should 'Restore' using Disk Utility.  Of course, you can't restore from the boot (i.e. SuperDuper) drive so you have to boot to the Recovery HD.  So, I restarted the computer holding down the command + R keys and, instead of seeing the OS X Recovery Utility menu that I expected to find,  I finally (after 15 minutes) was delivered to Internet Recovery which offered to either restore from a Time Machine backup or I could install a brand new version of LION (which is what the iMac shipped with in mid-2011, just before Mountain Lion was released :-(  I'm assuming that when I erased Macintosh HD the Recovery HD was erased too, otherwise I wouldn't have been taken to Internet Recovery?
    As I live in the countryside in Italy and rely on wireless internet access which isn't exactly speedy, I opted to restore from yesterday's Time Machine backup.  At the moment it's restored 14.7% of the Time Machine backup and says it will take another hour and six minutes to complete.
    I have my fingers crossed that I will have Macintosh HD in the same state as it was 24 hours ago.  There was no work done on the iMac yesterday so it will be up to date.
    In the meantime, I agree that the internal drive sounds like its days are numbered.  The iMac has had very little use over the past 3 ½ years but I guess that the life expectancy of hard drives is getting shorter all the time ....
    Cheers
    Tricia

  • HT5676 my macpro (10.6.8) refused to install wireless printer (canon pixma MG4260). Whenever i tried to install, it keeps saying 'internal error number 12'. Please help!! and what does internal error got to do with installing a printer?

    my macbook pro (10.6.8) refused to install wireless printer (canon pixma MG4260). Whenever i tried to install, it keeps saying 'internal error number 12'. Please help me!! and what does internal error got to do with installing a printer?

    my macbook pro (10.6.8) refused to install wireless printer (canon pixma MG4260). Whenever i tried to install, it keeps saying 'internal error number 12'. Please help me!! and what does internal error got to do with installing a printer?

  • What does Error 1321 mean when trying to install Reader?

    What does Error 1321 mean when trying to install Reader?

    Hi ReadyToGo3 and welcome to the Adobe Reader Forums.
    Please note you're not providing us with minimun info as to be able to assist you properly:
    - What OS and version / What Browser and version,
    - What Adobe Reader version / Is it a new install or an update you're being prompted to install
    - A brief description of your problem (How & When), the exact error message you are receiving and steps already taken to try to resolve the issue.
    Having said that, please note that error 1321 can occur for several reasons but mainly due to the installer not able to write a file due to a permissions issue or system error(s). To resolve the issue you may try to update the privileges on the parent folder of the file or source listed in the error message.
    You may try helping yourself from here:
    http://helpx.adobe.com/acrobat/kb/update-errors-acrobat-reader-windows.html#main_Update_er rors
    Or alternatively:
    http://helpx.adobe.com/acrobat/kb/quick-fix-install-download-reader.html#main__More_soluti ons
    Lets us know how it goes. Good Luck!

  • HT5246 what is flashback malware and what does it do?

    Seeing allot of things about how to get rid of it but nothing about what it is.

    Helpful Links Regarding Flashback Trojan
    A link to a great User Tip about the trojan: Flashback Trojan User Tip
    A related link in the tip to a checker: Malware Checker Dowload Link
    Another excellent reference on malware: Mac Malware Guide
    A Google search can reveal a variety of alternatives on how the remove the trojan should your computer get infected. This can get you started.
    Checking for and removing the "Flashback" trojan
    Kaspersky Flashback Trojan Site:Flashback Trojan Detection and Removal
    F-Secure Tool: Flashback Removal Tool
    Also see Apple's article About Flashback malware.

  • What does this log mean? Fresh os install still can only safe boot

    *My head is about to explode.*
    *Last night, I pulled my old hard drive. put in new one and did fresh install.*
    *Ever confident that this would magically fix my computer.*
    *I can still only boot in safe mode.*
    *I ran AHT. everything passed. I have reseted every thing and reset logic board. yes only one push of the magic button*
    *below is a system log from before I put in new drive.*
    *however, after new drive and fresh install and still can't boot I check sytem log and still get same message:*
    *Cannot use ATS Persistent Store - switching to old FODB cache code*
    *Is this my underlying problem?*
    *What does it mean?*
    *When I try to boot up normally, I get to grey screen , spinning wheel, then wheel turns pixelly and fuzzy with random colors juist where the wheel is and the grey screen with apple logo fuzzy then black.*
    *Any words of wisdom will save my sanity.*
    Feb 11 16:10:32 sherrydesktop shutdown: reboot by louislevy:
    Feb 11 16:10:32 sherrydesktop SystemStarter748: authentication service (757) did not complete successfully
    Feb 11 16:10:33 sherrydesktop SystemStarter748: The following StartupItems failed to properly start:
    Feb 11 16:10:33 sherrydesktop SystemStarter748: /System/Library/StartupItems/AuthServer
    Feb 11 16:10:33 sherrydesktop SystemStarter748: - execution of Startup script failed
    Feb 11 16:14:42 localhost kernel[0]: standard timeslicing quantum is 10000 us
    Feb 11 16:14:41 localhost memberd72: memberd starting up
    Feb 11 16:14:43 localhost kernel[0]: vmpagebootstrap: 1141505 free pages
    Feb 11 16:14:41 localhost mDNSResponder-108.6 (Jul 19 2007 11: 33:32)65: starting
    Feb 11 16:14:43 localhost kernel[0]: migtable_maxdispl = 70
    Feb 11 16:14:42 localhost lookupd76: lookupd (version 369.5) starting - Mon Feb 11 16:14:42 2008
    Feb 11 16:14:43 localhost kernel[0]: Copyright (c) 1982, 1986, 1989, 1991, 1993
    Feb 11 16:14:43 localhost kernel[0]: The Regents of the University of California. All rights reserved.
    Feb 11 16:14:43 localhost kernel[0]: using 8192 buffer headers and 4096 cluster IO buffer headers
    Feb 11 16:14:43 localhost kernel[0]: DART enabled
    Feb 11 16:14:43 localhost kernel[0]: FireWire (OHCI) Apple ID 42 built-in now active, GUID 001124ff fe382290; max speed s800.
    Feb 11 16:14:43 localhost kernel[0]: Security auditing service present
    Feb 11 16:14:43 localhost kernel[0]: BSM auditing present
    Feb 11 16:14:43 localhost kernel[0]: disabled
    Feb 11 16:14:43 localhost kernel[0]: rooting via boot-uuid from /chosen: 334016DB-E0CA-3E86-8A4D-47576141AB26
    Feb 11 16:14:43 localhost kernel[0]: Waiting on <dict ID="0"><key>IOProviderClass</key><string ID="1">IOResources</string><key>IOResourceMatch</key><string ID="2">boot-uuid-media</string></dict>
    Feb 11 16:14:43 localhost kernel[0]: Got boot device = IOService:/MacRISC4PE/ht@0,f2000000/AppleMacRiscHT/pci@7/IOPCI2PCIBridge/k2-sat a-root@C/AppleK2SATARoot/k2-sata@0/AppleK2SATA/ATADeviceNub@0/IOATABlockStorageD river/IOATABlockStorageDevice/IOBlockStorageDriver/WDC WD2500JD-41HBC0 Media/IOApplePartitionScheme/Untitled@3
    Feb 11 16:14:43 localhost kernel[0]: BSD root: disk0s3, major 14, minor 2
    Feb 11 16:14:43 localhost kernel[0]: Jettisoning kernel linker.
    Feb 11 16:14:43 localhost kernel[0]: Resetting IOCatalogue.
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 0
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 6
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 6
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 6
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 6
    Feb 11 16:14:43 localhost kernel[0]: Matching service count = 6
    Feb 11 16:14:43 localhost kernel[0]: IOPlatformControl::registerDriver Control Driver AppleSlewClock did not supply target-value, using default
    Feb 11 16:14:43 localhost kernel[0]: IPv6 packet filtering initialized, default to accept, logging disabled
    Feb 11 16:14:44 localhost diskarbitrationd71: disk0s3 hfs 334016DB-E0CA-3E86-8A4D-47576141AB26 Macintosh HD desktop /
    Feb 11 16:14:44 localhost DirectoryService81: Launched version 2.1 (v353.6)
    Feb 11 16:14:45 localhost kernel[0]: UniNEnet: Ethernet address 00:11:24:38:22:90
    Feb 11 16:14:45 localhost launchd: Server 0 in bootstrap 1103 uid 0: "/usr/sbin/lookupd"76: exited abnormally: Hangup
    Feb 11 16:14:45 localhost lookupd90: lookupd (version 369.5) starting - Mon Feb 11 16:14:45 2008
    Feb 11 16:14:48 localhost mDNSResponder: Adding browse domain local.
    Feb 11 16:14:48 localhost kernel[0]: UniNEnet::monitorLinkStatus - Link is up at 1000 Mbps - Full Duplex
    Feb 11 16:14:48 localhost configd69: AppleTalk startup
    Feb 11 16:14:48 sherrydesktop configd69: setting hostname to "sherrydesktop.local"
    Feb 11 16:14:51 sherrydesktop kernel[0]: ATY,ChockStone_A: vram a0000000:10000000
    Feb 11 16:14:51 sherrydesktop kernel[0]: ATY,ChockStone_B: vram a0000000:10000000
    Feb 11 16:14:51 sherrydesktop configd69: executing /System/Library/SystemConfiguration/Kicker.bundle/Contents/Resources/enable-net work
    Feb 11 16:14:51 sherrydesktop configd69: posting notification com.apple.system.config.network_change
    Feb 11 16:14:51 sherrydesktop lookupd95: lookupd (version 369.5) starting - Mon Feb 11 16:14:51 2008
    Feb 11 16:14:53 sherrydesktop configd69: target=enable-network: disabled
    Feb 11 16:14:54 sherrydesktop configd69: AppleTalk startup complete
    Feb 11 16:20:47 localhost kernel[0]: standard timeslicing quantum is 10000 us
    Feb 11 16:20:44 localhost memberd57: memberd starting up
    Feb 11 16:20:47 localhost kernel[0]: vmpagebootstrap: 1138664 free pages
    Feb 11 16:20:44 localhost mDNSResponder-108.6 (Jul 19 2007 11: 33:32)50: starting
    Feb 11 16:20:47 localhost kernel[0]: migtable_maxdispl = 70
    Feb 11 16:20:46 localhost lookupd64: lookupd (version 369.5) starting - Mon Feb 11 16:20:46 2008
    Feb 11 16:20:47 localhost kernel[0]: Copyright (c) 1982, 1986, 1989, 1991, 1993
    Feb 11 16:20:47 localhost kernel[0]: The Regents of the University of California. All rights reserved.
    Feb 11 16:20:47 localhost kernel[0]: using 8192 buffer headers and 4096 cluster IO buffer headers
    Feb 11 16:20:47 localhost kernel[0]: DART enabled
    Feb 11 16:20:47 localhost kernel[0]: FireWire (OHCI) Apple ID 42 built-in now active, GUID 001124ff fe382290; max speed s800.
    Feb 11 16:20:47 localhost kernel[0]: Security auditing service present
    Feb 11 16:20:47 localhost kernel[0]: BSM auditing present
    Feb 11 16:20:47 localhost kernel[0]: disabled
    Feb 11 16:20:47 localhost kernel[0]: rooting via boot-uuid from /chosen: 334016DB-E0CA-3E86-8A4D-47576141AB26
    Feb 11 16:20:47 localhost kernel[0]: Waiting on <dict ID="0"><key>IOProviderClass</key><string ID="1">IOResources</string><key>IOResourceMatch</key><string ID="2">boot-uuid-media</string></dict>
    Feb 11 16:20:47 localhost kernel[0]: Got boot device = IOService:/MacRISC4PE/ht@0,f2000000/AppleMacRiscHT/pci@7/IOPCI2PCIBridge/k2-sat a-root@C/AppleK2SATARoot/k2-sata@0/AppleK2SATA/ATADeviceNub@0/IOATABlockStorageD river/IOATABlockStorageDevice/IOBlockStorageDriver/WDC WD2500JD-41HBC0 Media/IOApplePartitionScheme/Untitled@3
    Feb 11 16:20:47 localhost kernel[0]: BSD root: disk0s3, major 14, minor 2
    Feb 11 16:20:47 localhost kernel[0]: HFS: Removed 3 orphaned unlinked files
    Feb 11 16:20:47 localhost kernel[0]: Jettisoning kernel linker.
    Feb 11 16:20:47 localhost kernel[0]: Resetting IOCatalogue.
    Feb 11 16:20:47 localhost kernel[0]: Matching service count = 0
    Feb 11 16:20:47 localhost kernel[0]: IOPlatformControl::registerDriver Control Driver AppleSlewClock did not supply target-value, using default
    Feb 11 16:20:47 localhost kernel[0]: IPv6 packet filtering initialized, default to accept, logging disabled
    Feb 11 16:20:48 localhost diskarbitrationd56: disk0s3 hfs 334016DB-E0CA-3E86-8A4D-47576141AB26 Macintosh HD desktop /
    Feb 11 16:20:49 localhost DirectoryService65: Launched version 2.1 (v353.6)
    Feb 11 16:20:50 localhost kernel[0]: UniNEnet: Ethernet address 00:11:24:38:22:90
    Feb 11 16:20:52 localhost mDNSResponder: mDNSPlatformSendUDP sendto failed to send packet on InterfaceID 01808800 lo0/4 to 224.0.0.251:5353 skt 9 error -1 errno 65 (No route to host) 306010061
    Feb 11 16:20:52 localhost mDNSResponder: mDNSPlatformSendUDP sendto failed to send packet on InterfaceID 01808800 lo0/4 to 224.0.0.251:5353 skt 9 error -1 errno 65 (No route to host) 306010061
    Feb 11 16:20:53 localhost mDNSResponder: mDNSPlatformSendUDP sendto failed to send packet on InterfaceID 01808800 lo0/4 to 224.0.0.251:5353 skt 9 error -1 errno 65 (No route to host) 306010311
    Feb 11 16:20:53 localhost kernel[0]: UniNEnet::monitorLinkStatus - Link is up at 1000 Mbps - Full Duplex
    Feb 11 16:20:53 localhost configd54: AppleTalk startup
    Feb 11 16:20:53 sherrydesktop configd54: setting hostname to "sherrydesktop.local"
    Feb 11 16:20:55 sherrydesktop kernel[0]: ATY,ChockStone_A: vram a0000000:10000000
    Feb 11 16:20:55 sherrydesktop configd54: executing /System/Library/SystemConfiguration/Kicker.bundle/Contents/Resources/enable-net work
    Feb 11 16:20:55 sherrydesktop kernel[0]: ATY,ChockStone_B: vram a0000000:10000000
    Feb 11 16:20:55 sherrydesktop configd54: posting notification com.apple.system.config.network_change
    Feb 11 16:20:55 sherrydesktop lookupd75: lookupd (version 369.5) starting - Mon Feb 11 16:20:55 2008
    Feb 11 16:20:58 sherrydesktop mDNSResponder: Adding browse domain local.
    Feb 11 16:20:59 sherrydesktop /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Feb 11 16:21:00 sherrydesktop configd54: AppleTalk startup complete
    Feb 11 16:21:00 sherrydesktop configd54: target=enable-network: disabled
    Feb 11 16:21:04 sherrydesktop loginwindow113: Login Window Started Security Agent
    Feb 11 16:21:17 sherrydesktop /System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framewo rk/Support/ATSServer: (-3230) Cannot use ATS Persistent Store - switching to old FODB cache code

    thank you thank you for taking an interest. this is so frustrating.
    i only have apple keyboard, mighty mouse, and 20 inch cinema display connected. this morning took out memory and tried to boot up with individual pairs in the first bank. first the (2)256, the (2) 1g, and then the other (2) 1g modules. everytime I get the weird fuzzy wheel under the logo after a while, black screen flashes, then grey apple logo fuzzy screen then black forever.
    I ran tiger updates this morn. still will only boot to safe mode. then tried to run leopard disk to install it
    will not boot from leopard disk.
    tried safe boot, then doulble click install leopard, restart, then the saga repeats with the pixely red square around the wheel.
    these are fresh drives with only what came on instll disk loaded.
    thanks again for taking an interest.
    i love this system(well at least i did). I want to install leopard on my powerbook too but am terrified to do so right now since it is working and I have work to do. Can't afford to have no computer to do my work on...self employment is great?!
    This is making me crazy. I anxiously await your words of wisdom.

  • HT3523 what does the meaning of "you need to install additional software to open this type of file." did i have to upgrade it or compressed the video or i have to upgrade my macbook? please answer this question. thank you :)

    please answer this question because i can't upload my video cause i can't open it. sooo please answer this question. i'm using macbook white the latest version.

    i had the same problem and i fix it installing ccleaner, it is free and an excellent program. You can download it from: https://www.piriform.com/ccleaner/download
    Once installed, in the tab "Herramientas" (sorry but i have it in spanish) you choose "Inicio" and them you pick CS5ServiceManager then you pick in delete option. Basically you are removing of the startup programs...
    Hoping to be helpful, and excuse my bad english!

  • "You don't have enough access priveleges for this operation."  (iTunes) What does this mean?  My computer crashed, installed new hard drive.  Now, when I open iTunes get the error, also cannot purchase or download anything in iTunes or Cloud iOS 10.6.8

    Just got my computer back today, can access all programs.  Only issues are in iTunes, iTunes Store, Cloud and match. 
    Cannot, dowload or purchase anything either.
    All help is appreciated!
    Michelle

    Read the part about changing permissions on the iTunes folder in: https://discussions.apple.com/message/11583914
    iTunes: Missing folder or incorrect permissions may prevent authorization - http://support.apple.com/kb/TS1277 - Shared folder issues with Store authorization.

  • Apple application was not found, apple application support is required to run ituneshelper. please uninstall itunes and install itunes again error 2. What does this mean?

    apple application was not found, apple application support is required to run ituneshelper. please uninstall itunes and install itunes again error 2. What does this mean?

    You can try installing 7-Zip (free), then right-click on the iTunesSetup.exe or iTunesSetup64.exe file to unpack its contents, and install AppleApplicationSupport.msi as a standalone component. It may still not install successfully, but if it doesn't you may get a more useful error message regarding the reason why.
    See also Troubleshooting issues with iTunes for Windows updates.
    tt2

  • Several of my iPhone apps are dark and say "Waiting." What does that mean?

    Several of my iPhone apps are dark and say "Waiting." What does that mean?

    Either it is installing/downloading.
    or waiting its turn to download the update.
    Hard to say without more information on what exactly yoru doing as this is occurring.

  • HT5244 If "flashback malware removal tool" was in your software updates...does that mean you have the flashback virus?

    If "flashback malware removal tool" was in your software updates...does that mean you have the flashback virus?

    carol afromfl wrote:
    If "flashback malware removal tool" was in your software updates...does that mean you have the flashback virus?
    No, it just means that you are running Lion and do not have Java installed. The update will simply check for any previous infection and let you know if it finds anything. If it doesn't find anything it will quit without any notices. In either case, it will then delete itself and you can sleep easy until the next one comes along.

  • Does the Flashback malware have an effect on OS X systems without java installed?

    Does the Flashback malware have an effect on OS X systems without java installed? Just asking since i do not have java installed...

    It's not likely, but better safe than sorry. See
    Helpful Links Regarding Flashback Trojan
    Visit Thomas Reed's site for insight and help: Mac Malware Guide
    A Google search can reveal a variety of alternatives on how the remove the trojan should your computer get infected. This can get you started. However, be careful about what you do as new variants of the malware circumvent the efforts of earlier tools.
    Also see Apple's article About Flashback malware.
    Apple has released Java updates for Snow Leopard and Lion users:
    Java for OS X Lion 2012-003; available only for users of Lion with Java installed.
    Java for Mac OS X 10.6 Update 8; available only for users of Snow Leopard.
    Flashback malware removal tool; available only for users of Lion without Java installed.
    Install whichever shows up in Software Update. It removes the malware (if present), updates Java (if present) and tightens up Java settings for the future.  You may download from Apple's web site instead of using Software Update, but it's important to know which one to get, because the other two won't work for you.
    For the truly paranoid see 10 Simple Tips for Boosting The Security Of Your Mac.

  • HT5244 how to use Flashback malware removal tool

    how to use Flashback malware removal tool after installing it i cant find it>???

    Kappy wrote:
    How he became a Lion user wouldn't be relevant because if he installed Lion, then any previous version of Java would be removed. Unless the OP purposely installed Java there would not be any Java software on the computer. I am pretty sure this is correct given the number of users who have seen fit to point that out to me.
    Yes of course, but Java is only needed as the initial step (installation of the dropper) in the infection process and is not required by the malware after that. Once infected neither the removal of Java nor the installation of a new OS will do anything to disable Flashback. The majority of the components are installed in the users home folder and if he gives up his password, the rest goes into Safari. I'm not certain whether Safari is replaced during Lion installation or not. So there is a good chance that at least some of the malware components are still in operation after an upgrade or migration. That's the only point I'm trying to make. Do you not agree with that?
    I feel that way because of the recent frequency of your remarks in various topics to which I've contributed.
    I only pick on you because you get around to many more people than I can ever hope to, so I want you to have the latest and best info possible. I wish I could do more, but my two other jobs take up almost more time than I have. Besides, I do the same with Linc and Carolyn and probably a few others who's advise I value and I envy that you have all have time to do what you do. But right now I need to get back to work on my taxes or I'll be in a lot of trouble come Monday.
    I would much prefer to do all this in a sidebar, but my level doesn't allow such things, so I do what I can when I can.
    I have Java installed on my systems and do so purposefully. Others may install it because they are prompted to do so. That's why the tools are available both to detect the malware as well as remove it.
    Which brings up a good point. I wonder if those Lion users who are now discovering they need Java get the MRT in the same way as those who install the current updates?

  • HT5244 how do i know if the flashback malware is on my system?

    how do i know if the flashback malware is on my system?  And how can i get rid of it.?
    I cant upgrade to a higer os.. becouse my powermac does not have intel.. processors.
      Modelnaam:          Power Mac G5 Quad
      Modelaanduiding:          PowerMac11,2
      Processornaam:          PowerPC G5 (1.1)
      Processorsnelheid:          2.5 GHz
      Aantal processors:          4
      L2-cache (per processor):          1 MB
      Geheugen:          8 GB
      Bussnelheid:          1.25 GHz

    X423424X wrote:
    For some, if not complete peace of mind, go to F_Secure's Flashback Removal Tool web page, download their Flashback trojan detection/removal tool, and follow the instructions you find there.
    Turns out their tool won't run on a PPC Mac (unless you extract and modify the AppleScript so it will run the shell script).
    The only one I know of that does is Norton's. I glanced over it and gave it a test run. Looks OK, but I cannot attest to how well it might work.
    And as has already been said, nobody we've run into here using a PPC Mac has been shown to be infected and all the samples I have been able to examine contained Intel only executables.

Maybe you are looking for

  • Camera video preview - Random crashes and green screens

    Hello everyone, I am currently working on a Windows Phone 8.1 app and I need to preview video from the phone's back camera. For quite some time I've been struggling with random crashes and green screens. When these green screens appear, all camera ap

  • How to make one column only in table control automatically filled in ?

    Hi ,all. I meet an issue while doing my screen programming. I have a table control on screen which has a few of column. And I want to display date in my first column each row automatically when user open that table/table control. All other column mus

  • Oracle ADF for weblogic server

    Hi, Can I extend weblogic domain to include Oracle ADF my version of weblogic is 10.3.0.0 Thanks, Charan

  • ADF Web applications give error when parent is set to "orabpel"

    Hi all, i use the application server 10.1.3.1 of the SOA 10.1.3, i try to deploy an ADF web application that uses the BPEL APIs, in the server.xml, i set the application parent to 'orabpel', when i start the application by launching the first jspx pa

  • Need table information about ASN

    hai , As for my knowledge in ASN, it can be created in 2 ways. 1 is through supplier in supplier portal and another one is in ECC (R3).(ASN created via R3 and ASN created via SNC) kindly tell me which tables and fields which  holds both datas and for