Malicious code?

Similar Messages

• IMac either or has been remotely accessed, has malicious code, is hacked and/or all of the aforementioned or something that I have not yet researched. With my health issues, my Mac keeps me from thinking about the pain and disability I have. Thank you.

  Hello,
  I'm giving it one more chance and then Mac goes into trash. My iMac is either remotely accessed, perhaps malicious code, hacked and/or all of the aforementioned. I am not savvy in these areas. Please read some of the many symptoms and if you can assist me -- I am beyond grateful.  If you want to say it is my fault because I allowed somebody to use my computer or other nonsense please do not waste my time or yours. This is serious and has been going on for a period of time that is longer then I can remember!
  I have a neighbor, lives in my apartment building, 'had' physical access to my iMac.  Shortly after this I started to have problems that beyond any nightmare I have ever heard of - whether it be Windows or Apple!  Please feel free to ask me any question(s) that might help me rid my iMac of this malicious act as the police have been useless -- say they do not have equipment to check my Mac. FBI can't b bothered.
  It is more then clear that a person(s) has access and has messed up the OS, among other terrible things.  He took over my Facebook account months ago, posted as though he was me. He also prevented me from getting back into FB and Yahoo to close those connected accounts.  Went to an Apple store, under protection of their router and removed FB/Yahoo accounts.  The pages that were showing at home turned out to be fake pages controlled by him. (Think they are called "defaced").
  Anytime I did a 7X or zero out clean install -- he was there before I even hooked up the router!!!
  It came to a point that I can no longer even get to the erase/Utility/install from my apartment so I took it to Apple more then once. Besides erase/install, I turned off ALL Sys Preferences that could alert him to Mac. The last time I received a gray Install CD and was told to take it out of the building and do another erase/install.  There is no sense of going through this until I know if/how to get rid of him.
  Also when I first sign on I ALWAYS get a 192.168.100.11.  I do NOT have a router. I then go to System Preferences to Network and click "renew DHCP" several times before I get an IP addy!  I am not savvy in this area but do feel that this is a major clue.
  Passwords have been changed, master password is not something I can access which prevents me updating, etc., etc.
  I will not bombard you with every detail as that would take several pages. I am beyond desperate. Will be happy to provide further details to serious responders only.
  Thank you.
  'REQUIRE ASSISTANCE'
  Heartfelt sympathy to the many family members, friends, people who loved Steve Jobs even though they never met him -- RIP Steve. You are missed.

  If you really believe that your system has been compromised, here's what you do:
  Disconnect your Mac from your cable modem;
  Back up any documents on your system that are important to you;
  Boot your Mac from the system installation disks that came with it (insert the disk, restart your Mac, and hold down the "c" key until you get the "spinning gear" icon);
  Choose a language and click the arrow button to continue;
  From the Utilities menu, choose Disk Utility;
  In Disk Utility, select your computer's hard drive;
  Click the "Erase" tab;
  Click the "Security Options" button and select to have it overwrite all the data on the hard drive;
  Click the "Erase" button and allow it to process;
  Once the "erase process has completed (it will take a while), reinstall Mac OS X.
  Or, if this is too much for you to accomplish on your own, take your system to an Apple Store and have them help you perform these steps. If your system was indeed compromised, this will remove any such hack. You can then set up a new user account for the computer, reinstall your applications (reinstall only from original disks or downloads from the company making the software) and documents, and reconnect to the Internet.
  Note that when you reconnect to the cable modem, you may still get an IP address starting with 198. This is normal with some cable modems and probably not a cause for concern. It will not be an indication that your system is still compromised; that will not be possible if you perform all the above steps.
  Regards.

• Starting can't automatically,i can't updates 3.6.4 and get message may contain viruses or other malicious code that could haram my computer.why?can you help me to install by techno updates?what match for all my condition,exe yahoo toolbar2,ie8,windows 201

  i can'use firefox automatically,in my computer i have got write arima in my start autimatically.what's the meaning?since 22june i got message mozilla firefox 3.6.4:executable files may contain viruses or other malicious code that could harm your computer.use caution when opening this file.are you sure you want to launch firefox setup 3.6.4.exe?after i click yes,i got answer:file is corrupt?What is the meaning?what happened with mozilla add ons ie8,windows,yahoo toolbar?can you help me to choose match for my programm 2010 and install automatically with flashget the lastest?i got permission from licensi yahoo to use it for ie8 and google,for ie8 i never try it.thanks
  == This happened ==
  Not sure how often
  == when i got programm 2010,install 3.6.4 from yahoo.tollbar2(YM9),i tried it last week.

  I did some googling and found alot of topics from you on this issue, to me it simply seems like on of the connectors is broken or loose.

• BCM 2007 error: "To help prevent malicious code from running, one or more objects"

  Recently we changed our e-mail accounts around to a new domain name. After this switch, BCM no longer allows adding, editing or any other manipulation of contact records. I get an error message saying "To help prevent malicious code from running, one
  or more objects in this form were not loaded."
  I have tried clearing the forms cache, uninstalling and reinstalling BCM and even adding the old e-mail address back into the Outlook profile and nothing works.
  Is there something I have missed somewhere or am I looking at a complete reinstall of Outlook and BCM?
  Jon

  Hi Jon
  Thank you for the update.  It could be another Active X Component - BCM 2007 calls several of them
  On thing you could do is run a Process Monitor Log to see if perhaps another component is Blocked. To do that try the following:
  1. Close Outlook and as many other programs as possible
  2. Download and Extract Process Monitor from here -
  http://technet.microsoft.com/en-us/sysinternals/bb896645
  3. Start Process Monitor
  4. Start Outlook
  5. Reproduce the error in BCM
  6. Stop Process Monitor by going to the File menu and unchecking "Capture Events"
  At this point you can try filtering by clicking the Filter Icon (the Funnel) on the menu bar.  Click on the Left Drop down at the top of the Dialog and Select "Path"
  For the second dropdown select "Contacts" and then filter on "ActiveX Compatibility" (without the quotes)
  in my lab, every GUID under HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility came up with a result of "Name Not Found"
  On your system, are there any are present (the Result Column will show "Success")?
  If so, then I would check the Compatibility Flag for that one (Hint - if you right-click on an Entry you can select "Jump To" to open Regedit to that location)
  - or -
  If you would like for me to take a look at it, in Process Monitor Go to the File > Save Menu and save it as a .PML file. Then send it to me at cts-larrymei at live.com
  Note - Please ZIP the file prior to sending it
  Thanks!
  Larry - MSFT
  Larry Meinstein

• Deployment of JAVA-Patches with SUM failed, MOPZ has downloaded malicious code

  some time ago, we did an upgrade of our doublestack PI-System from NW-PI-700-SPS18 to NW-PI-731-SPS05.
  Now, i wanted to upgrade this PI-system from NW-PI-731-SPS05 to NW-PI-731-SPS07.
  with SUM 1.0 SP10 PL4 we are now failing in the Execution-phase (Downtime):
  Error in phase 5.6. execution (downtime) of the JAVA-Part
  F  ********************************************************************************
  F  *** ERROR => Node 'deployment' failed with exit code 67.
  F  ***
  F  *** Please see section 'Failures in the 'deploying offline components' phase'
  F  *** in SAP Note 1316652 for additional information and trouble shooting advice.
  F  ********************************************************************************
  and the instance could not start up anymore !?
  in sap-note 1316652 there is mentioned a separate sap-note 1550641 for this error
  http://service.sap.com/sap/support/notes/1316652
  in sap-note 1550641 - Update fails-Node 'deployment' failed with exit code 67.           
  http://service.sap.com/sap/support/notes/1550641
  Solution:
  A fix cannot be deployed as a patch, because the deployer itself is broken.
  The solution is to reset a back up state of the system, to download the new version of the stack from SAP Marketplace, and to rerun the update/upgrade procedure.
  i downloaded the patch-stack (with Solman MOPZ) some days ago,
  so MOPZ did download the malicious code of deployment components..... ?!
  so what to do?

  Hi,
  sorry for my late reply,
  but the whole story needs a lot of time (nearly 2 month) and finally ends successfully.
  first: (summary) the main-title of this thread is wrong,
  it was not MOPZ or Solman download, what caused this issue.
  the problem was caused by a remaining (old) sapxmltoolkit.jar in the java-bootstrap folder
  details are coming ...
  (all dates in yyyy-mm-dd)
  =========================================
  2014-05-16 at 13:04 CET: 
  SUM upgrade hangs with java-server did not start (in phase 5.2. Execution = downtime)
  i opend OSS-ticket with several details + logs attached and opened the connection to our system.
  SAP-Ticket, prio_Medium (because it is "only" a sandbox issue),
  2014-05-30 at 20:21 CET:
  1."sign-of-live" from sap-support,
  Asking for additional logfiles from the work-directory of the sap-system
  2014-06-02 at 11:14 CET:
  my Answer to the questions and adding the demanded logfiles.
  2014-06-02 at 21:57 CET:
  2.answer from SAP-support, asking to repeat the last SUM-step, to see, if the issue is still there
  2014-06-03 at 10:22 CET:
  my answer after repeating SUM-step and attaching new logfiles.
  2014-06-03 at 21:18 CET:
  3.answer from SAP-support, i should check if system is up and running, if hostname, port-no is correct.
  2014-06-03 at 10:22 CET:
  my answer: hostname + portnr are o.k. - but system still did not startup (java-server)
  2014-06-04 at 19:30 CET:
  4.answer from SAP-support, delivering an upload-URL, could not read attached splitted .zip-files of log-files
  2014-06-05 at 07:28 CET:
  i did collect all logfiles again and uploaded them to the 1.upload-URL
  2014-06-05 at 16:48 CET:
  5.answer from SAP-support, give hint to sap-note: 1550641 - Update fails-Node 'deployment' failed with exit code 67
  2014-06-06 at 10:17 CET:
  i answered that (in my opinion) the mentioned sap-note did not match the issue (only to NW-7.00) ,
  because i did not have to change anything, only i should do a restore from tape and start SUM from the beginning,
  i insisted in more and deeper investigations by SAP-support.
  2014-06-06 at 19:00 CET:
  6.answer of SAP-support: moving the ticket to the next support-level (developm.support)
  2014-06-09 at 10:11 CET:
  7.answer from SAP-support: asking for new submittion of logfiles of work-dir.
  2014-06-10 at 08:39 CET:
  asking for a new upload-URL because of large logfiles
  2014-06-10 at 17:31 CET:
  8.answer from SAP-support: providing an new upload-URL
  2014-06-10 at 17:53 CET:
  i did collect all logfiles again and uploaded them to the 2.upload-URL
  2014-06-12 at 09:07 CET:
  9.answer from SAP-support: asking for more details, listings of directory-content of ..../j2ee/cluster/...
  2014-06-12 at 10:23 CET:
  i did collect all dir-infos and attached a doc to the ticket
  2014-06-19 at 10:11 CET:
  10.answer from SAP-support: asking for WTS-connection to start investigate and debung on our systems
  2014-06-23 at 10:44 CET:
  i answered, and provided WTS-connection info
  2014-06-26 at 13:12 CET:
  11.answer from SAP-support: could not see a running SID-engine, no SAP-MC, no directory, no folder, where is the engine?
  2014-06-27 at 08:01 CET:
  i answered, and provided detailed server-info and WTS-connection info,
  remembering that SID is in SUM-downtime and java-server is not running, because could not be startet,
  2014-06-30 at 14:01 CET:
  12.answer from SAP-support: asking for an installed java6-sdk(jdk), the java6-jre is not enough to debug.
  2014-07-02 at 11:40 CET:
  my answer after installing java6-sdk on the WTS-server,
  2014-07-07 at 15:11 CET:
  13.answer from SAP-support: after debugging found an very old sapxmltoolkit.jar in the java-bootstrap folder
  moving the ticket to SUM-support - java-developm-support.
  2014-07-09 at 08:36 CET:
  14.answer from SAP-support: (SUM-support - java-developm-support) asking for attaching the SUM stack-xml file to the ticket.
  2014-07-09 at 14:32 CET:
  16.answer from SAP-support: asking to remove the sapxmltoolkit.jar from the java-bootstrap folder and restart SUM (repeat last step)
  2014-07-09 at 15:00 CET:
  i am happy to get the solution to this issue, 
  after removing the .jar file from java-bootstrap folder, SUM restart last step,
  the SUM-phase execution continues to run, java-server could start, ....
  .... finally SUM ended successfully.
  ==================================
  remarks:
  formerly, we did a copy of that mentioned sapxmltoolkit.jar to the java-bootstrap folder (in March 2013) because of investigation PI-processes
  after upgrading from NW-7.00 to NW-7.31, to get PI-system running after upgrade to NW-7.31
  but maybe that formerly issues were caused by other things, cache or so ...
  and since then (March 2013) we could start/stop that PI-system several times without any problem, only SUM-upgrade could not ......
  i really understand that investigating problems in SAP-software (e.g. SUM-process, java-startup ...) is not easy and could have many causes.
  but in summary this SUM-downtime was really large (55 days of downtime) , because of sandbox-system we want to investigate this time,
  to get the solution to this issue.
  if some SAP people want to look for speed-up options in the whole support-process, the OSS_ticket-no is:  ( 459757 / 2014 )
  Thanks to SAP-support (for the helpful solution)
  Christoph

• "security" application package to CLEAN the widely "known" Malicious code?

  Professionally & Personally - I use, make, and Read many PDF files daily [reports, documents, & books]; I have many "many" thousands of PDF documents in my Archives.
  A. Background:
  1.    I have heard, since Acrobat 5, many security specialist have deemed JAVA as a THREAT; and PDF as a security concern! Recently Reported Home Land Security has deemed JAVA as an on-going "continuing high threat", in spite of se7u11; reported that DHLS expressed that 28% of reported ATTACKS were from Adobe Acrobat PDF files embedded user malicious software code [ever growing numbers of attacks]. <PDF security is a major growing DOD concern!>
  2.    To my great surprise from "IT" professional who disabled JAVA in his Department's systems, the current Security Software and specific program updates offer no real solution or resolutions to this ongoing security problem. I understood that Virus and Trojan Checkers do not check malicious software code hidden inside PDF files, and software updates do not remove or make safe the malicious software code in the actual PDF – thus it remains a potentially very DISTRUCTIVE-DATA-BOMB just setting in your databases awaiting to be activated at some future date.
  3.    "This is very tedious and time consuming!" I have since disabled JAVA in my Adobe Acrobat and run each PDF through "PDF OPTIMIZER" - Discarding all User Data, User Objects, and especially User JAVA Codes – and disable my LAN internet connection -- before utilizing it. I don’t know if this is of any good or not – but I feel safer.
  B. PROBLEMS & QUESTIONS (I’ve given each question its own string to assist with preventing confusion)!
  4.    CLEAN OLD FILES! Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?

  Hello George Johnson
  I do so appreciate your assistance…
  Although I have used in business and own computers since the 1970’s [built one myself from a kit in 79], I’ve not had to concern myself with programming since, DOS, Lotus/IBM/Apple Basic and COBAL --- especially after XP release I gave up even trying to figure what each does. I did not mean to offend as to which specific JAVA version and/or product is the problem, since I personally have no CLUE – and today totally depend upon goodwill of smart guys like you.
  Specifically why recently DHLS [IT security folks and DOD for many years] is saying that Malicious Software code in PDF files is such a big threat and responsible for 28% of the systems attacks I do not know the technicalities or reasoning of these assertions – except it had something to do with JAVA CODE/JavaScript[?] contained inside the actual PDF which virus software doesn’t detect or destroy?  I do not know if it is the Additional CODE placed inside the PDF by the bad actor and/or the changing of actual Adobe Program Code is the problem? I may be chasing may tail!
  My biggest concern for many years into the future -- is protecting my very large PDA database/Archive, multiple Systems, my personal information, and to try to the best of my ability to not pass PDF having within it Malicious Software CODE [JAVA CODE/JavaScript?] put into it by a bad actor.
  Since my PDF database Archives [and back-ups] is many terabytes – it is impossible to “import” each PDF into Acrobat and run PDF Optimizer (removing Adobe known user placed codes and data) – as I am doing now – much less trying to figure out what else I should check for within the PDF file or the ever increasing updates, changes, versions of plugging the hole in the dikes…..
  So George, back to my question,  Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? [You know 28% DHLS & DOD is talking about.] I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?
  Thank you so very much for your knowledge, help, and interest.

• Installed some  potentially malicious code ... what should I do?

  Hi
  I thought I was installing a cardbus driver for a Ethernet card (found online) but when it didn't appear in the appropriate library, I checked the install log and also looked in the install package. Definitely not a driver and could well be some malicious code (calls itself "MacAccess : 5.0.0.0.1").
  How do I get rid of it .... I'm really worried ..... help!

  No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
  It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download from:
  http://www.clamxav.com/
  However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk.)
  A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
  Also, beware of MacSweeper:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  http://en.wikipedia.org/wiki/MacSweeper
  On June 23, 2008 this news reached Mac users:
  http://www.theregister.co.uk/2008/06/23/mac_trojan/
  More information on Mac security can be found here:
  http://macscan.securemac.com/
  The MacScan application can be downloaded from here:
  http://macscan.securemac.com/buy/
  You can download a 30 day trail copy which enables you to do a full scan of your hard disk. After that it costs $29.95.
  More on Trojans on the Mac here:
  http://www.technewsworld.com/story/63574.html?welcome=1214487119
  The latest news on the subject, from July 25, 2008, is:
  Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
  The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
  In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
  Net security groups say there is anecdotal evidence that small scale attacks are already happening.
  Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
  A further recent development is the Koobface malware that can be picked up from Facebook (already a notorious site for malware), as reported here on December 9, 2008:
  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!

• I think someone has placed a malicious code Quick Time audio file on my Mac

  I think someone has placed a malicious code audio file in a message and now I constantly hear a audio track of “hands clapping” constantly on my Mac – how do I get rid of this file or locate it so I can delete it please? It just plays on its own …. Totally unpredictable when it plays not at even or predictable times … I have searched in spotlight and it is the QuickTime ‘applause’ audio file that plays … can someone help? This is playing over everything while I’m trying to work...

  Hi Tim,
  "This is playing over everything while I’m trying to work..."
  It's just your computers way of telling you you are doing a great job!
  Joking aside, have you tried searching for the file? Have you used iMovie lately as I believe there is an applause file as one of the sound effects. This may be stuck playing in a loop.
  Also, have you checked through your emails, to see if the attachment might exist in one of your emails?
  I did also want to let you know that this is the Feedback About Discussions forum and your question would be more appropriately posted in either the QuickTime or Using Mac OS 10.5 Leopard forum. If you are having difficulty finding these forums read the top header to this forum for info about how to find correct forums.
  post back with further comments or questions,
  littleshoulders
  edit: I see, after rereading your topic that you say you already searched for the file.
  Message was edited by: littleshoulders

• Is the software in the mac app store checked for malicious code/ malware?

  I was wondering how rigorously software in the mac app store is screened? Is it checked for malware and viruses?

  Yes.

• Malicious Code Downloaded From Ebay Takes Over Volume!

  I thought I was downloading a PDF when my computer was attacked. PowerBook G4 12 inch with 37.3 GB capacity running on Leopard OS 10.5.4.
  Laptop crashed. Able to restart with original restore CD. Volume now reads - 37.3 GB Toshiba MK4025GAS. DVD driver reads - 4.0 GB MATSHITACD-R...
  Using the Disk Utility First Aid verify permissions for the DVD driver stated: Error: No valid packages (-9997).
  Using the disk utility I tried to erase the volume, but it would not.
  The Ebay seller who sent me the corrupt download is user name: jettacomputers and email [email protected]
  How can I get control of my volume back to restore it?
  I appreciate your help.
  Don

  Using the Disk Utility First Aid verify permissions for the DVD driver stated: Error: No valid packages (-9997).
  You can't verify or repair a disk or verify or repair permissions on a disk in a DVD drive. DVDs are read-only and therefore not repairable. You can't erase a DVD either. It's your Toshiba hard drive that you need to repair with Disk Utility, not your optical drive.
  Start up from your latest Mac OS X installer DVD, open Disk Utility from the Utilities menu in the Installer application, slect the hard drive in the left pane of the DU window, click the First Aid tab in the right pane, and check the SMART status of the drive near the bottom of the right pane. If it says "Verified", click the Repair Disc button. If it says "Failing", your hard drive needs to be replaced.
  The chances are zero that your computer has been "attacked".

• Is there a way to identify safe vs. malicious files on computer that was hacked?

  Our MacBook (OS X ver. 10.8.5) was monitored remotely without our knowledge for over a year. Actually, we had found things that were suspicious but we listened to various experts who told us not to worry. We found several pages of commands in the Terminal window including commands for remote access.  Also many files had incorrect creation dates.
  Our email and banking accounts were compromised.  A typical pattern began with our password being reset.  We’d change the password, and the new password would continue to work, but the hacker would know what that new password was.  She continued to know the password even after it was changed several times.  Computer security experts told us she installed a data logger on our computer.  We purchased a new computer and new hard disk for the old computer, and reinstalled all applications.  However, she was able to get into the email accounts on those as well.  We need to access some of our old files, but we do not know which are safe. 
  We have several suspicious files on our computer that may contain malicious code, but nothing shows up when scanned with various anti-malware software applications. However, some files are suspicious because they have inaccurate creation dates that reflect times when our computer was compromised.  Others are suspicious because they were called up in the Mac Terminal application as Unix executable files, and they have Unix icons, but they were originally MS Word  documents. The hacker remotely entered several pages of commands into our Terminal application but many of the commands were of a form: filename; exit;
  If anyone would be interested in examining the files, we would be happy to provide them.  We are seeking someone who can decompile Unix programs that might be associated with the MS Word files.  These files might report data to someone, or may be involved in spying through the iPhone or computer.  Any additional advice would be appreciated.

  Here is the Entresoft output
  EtreCheck version: 1.9.12 (48)
  Report generated June 22, 2014 at 8:54:52 PM EDT
  Hardware Information:
    MacBook Pro (Retina, 15-inch, Late 2013) (Verified)
    MacBook Pro - model: MacBookPro11,3
    1 2.3 GHz Intel Core i7 CPU: 4 cores
    16 GB RAM
  Video Information:
    Intel Iris Pro - VRAM: (null)
    NVIDIA GeForce GT 750M - VRAM: 2048 MB
    Color LCD 2880 x 1800
  System Software:
    OS X 10.9.3 (13D65) - Uptime: 5 days 12:37:21
  Disk Information:
    APPLE SSD SM0512F disk0 : (500.28 GB)
    EFI (disk0s1) <not mounted>: 209.7 MB
    disk0s2 (disk0s2) <not mounted>: 499.42 GB
    Recovery HD (disk0s3) <not mounted>: 650 MB
  USB Information:
    Apple Internal Memory Card Reader
    Apple Inc. BRCM20702 Hub
    Apple Inc. Bluetooth USB Host Controller
    Apple Inc. Apple Internal Keyboard / Trackpad
  Thunderbolt Information:
    Apple Inc. thunderbolt_bus
  Gatekeeper:
    Mac App Store and identified developers
  Kernel Extensions:
    [loaded] at.obdev.nke.LittleSnitch (4052 - SDK 10.8) Support
    [not loaded] com.cisco.kext.acsock (1.1.0 - SDK 10.6) Support
    [loaded] com.sophos.kext.sav (9.0.61 - SDK 10.7) Support
    [loaded] com.sophos.nke.swi (9.0.53 - SDK 10.8) Support
  Startup Items:
    ciscod: Path: /System/Library/StartupItems/ciscod
  Launch Daemons:
    [running] at.obdev.littlesnitchd.plist Support
    [loaded] com.adobe.fpsaud.plist Support
    [loaded] com.bombich.ccc.plist Support
    [failed] com.cisco.anyconnect.vpnagentd.plist Support
    [loaded] com.microsoft.office.licensing.helper.plist Support
    [loaded] com.oracle.java.Helper-Tool.plist Support
    [loaded] com.oracle.java.JavaUpdateHelper.plist Support
    [running] com.sophos.autoupdate.plist Support
    [running] com.sophos.configuration.plist Support
    [running] com.sophos.intercheck.plist Support
    [running] com.sophos.notification.plist Support
    [running] com.sophos.scan.plist Support
    [running] com.sophos.sxld.plist Support
    [running] com.sophos.webd.plist Support
  Launch Agents:
    [running] at.obdev.LittleSnitchUIAgent.plist Support
    [not loaded] com.adobe.AAM.Updater-1.0.plist Support
    [loaded] com.cisco.anyconnect.gui.plist Support
    [loaded] com.oracle.java.Java-Updater.plist Support
    [running] com.sophos.uiserver.plist Support
  User Launch Agents:
    [loaded] com.adobe.ARM.[...].plist Support
  User Login Items:
    None
  Internet Plug-ins:
    AdobeAAMDetect: Version: AdobeAAMDetect 1.0.0.0 - SDK 10.6 Support
    FlashPlayer-10.6: Version: 13.0.0.214 - SDK 10.6 Support
    Default Browser: Version: 537 - SDK 10.9
    AdobePDFViewerNPAPI: Version: 11.0.06 - SDK 10.6 Support
    AdobePDFViewer: Version: 11.0.06 - SDK 10.6 Support
    Flash Player: Version: 13.0.0.214 - SDK 10.6 Outdated! Update
    QuickTime Plugin: Version: 7.7.3
    SharePointBrowserPlugin: Version: 14.4.2 - SDK 10.6 Support
    JavaAppletPlugin: Version: Java 7 Update 60 Check version
  Audio Plug-ins:
    BluetoothAudioPlugIn: Version: 1.0 - SDK 10.9
    AirPlay: Version: 2.0 - SDK 10.9
    AppleAVBAudio: Version: 203.2 - SDK 10.9
    iSightAudio: Version: 7.7.3 - SDK 10.9
  iTunes Plug-ins:
    Quartz Composer Visualizer: Version: 1.4 - SDK 10.9
  3rd Party Preference Panes:
    Flash Player  Support
    Java  Support
  Time Machine:
    Mobile backups: OFF
    Auto backup: NO - Auto backup turned off
    Volumes being backed up:
    Destinations:
    Untitled [Local] (Last used)
    Total size: 464.96 GB
    Total number of backups: 3
    Oldest backup: 2014-04-09 00:38:02 +0000
    Last backup: 2014-06-08 16:09:58 +0000
    Size of backup disk: Excellent
    Backup size 464.96 GB > (Disk size 0 B X 3)
    Time Machine details may not be accurate.
    All volumes being backed up may not be listed.
  Top Processes by CPU:
        64% InterCheck
        7% WindowServer
        3% opendirectoryd
        1% coreservicesd
        1% hidd
  Top Processes by Memory:
    262 MB WindowServer
    180 MB Microsoft Word
    147 MB InterCheck
    147 MB SophosScanD
    98 MB Mail
  Virtual Memory Information:
    10.46 GB Free RAM
    2.65 GB Active RAM
    1.09 GB Inactive RAM
    1.38 GB Wired RAM
    1.63 GB Page-ins
    0 B Page-outs

• Malicious version of Firefox in India

  Hi,
  I'm using firefox in India and I suspect the Indian communications and broadcasting ministry is serving up bad pages and not allowing freedom of internet as it is supposed to be.
  Specifically, I have found some code that may be used to overrun the buffer. A video was posted and the following code was included in the home page, making it possible for a buffer overflow attack. The codebox is as below:
  Screenshot is attached:
  https://www.facebook.com/photo.php?fbid=955998114414292&set=pcb.955999311080839&type=1&theater
  Malicious code segment:
  data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAeAAAAEOCAMAAABmRDRVAAADAFBMVEUAAACnmKK6qKnJu8Do0cvizcj/9/D84dPXxMblz8n/8ujUwsX/9OzOvsT//fzcyMj+5NRmicL02s/fy8n/+/fRwMX33tBuj8baxsb13NAgGhzr08vv187/7+T/7eDIucPLu8M1Ki4cFhl9otzeycby2c/t1cwvJSo+Mzz/+fQ7Ljg2KzVBNjEnHyUjGiQ7MTDAtMH539I8Mza7sMA7KzBGOjT/59fDtcEwJzGvpr0XEhQ+KyorHyv//Po6Jyfjvpqyqb5DNEH <and so on till 67695 chars in total including my text above>

  That video is a Firefox Start Page promo from Mozilla that started its "run" this past Monday. Should be gone in a week, to be replaced by another promo.
  As far as '''data:image/png;base64,''' content - that's an inline data "image"
  http://stackoverflow.com/questions/5242319/what-does-this-mean-image-pngbase64.

• My site has been hacked. Any tools available to locate and remove "Code injection"?

  Google has identified a couple of pages on my web site which malicious code installed into them and Google has listed my site as harmful.   "Malware infection type: Code injection."
  I searched for the code through Dreamweaver-  Edit- Find and Replace but came up empty.
  Does dreamweaver have any other tools to help locate the malware?

  No, DW doesn't have any kind of malware finder/virus removal tools.
  The files would be infected at the server level if Google is picking it up and those files will need to be deleted.
  You may or may not have an issue in your local files, chances are good that they're totally clean.
  Talk to your hosting company about getting the server disinfected.

• , keep getting error code 1012 and can't reload, hp pavilion dv-7 1450, windows vista 64 bit

  keep getting error code 1012, replaced hard drive,

  If that didnt work try this below:
  1) Open up the Command Prompt as an Administrator (Go to All Programs > Accessories and Right Click on Command Prompt and then choose Run as administrator)
  2) Type cd C:\Windows\SysWOW64
  3) Type regsvr32 vbscript.dll (This registers VB Script with your computer.)
  4) Now install iTunes as you normally would by double clicking on the install program and wait for iTunes to finish installing.
  5) Type regsvr32 \u vbscript.dll (This unregisters VB Script with your computer.)
  THIS ONE COMES WITH A WARNING
  TRY BOTH OF THESE AT YOUR OWN RISK
  AND some thing below to consider about this second step, not the first post
  To enabled, VB Script a scripting language that has been responsible for more trojan and worms floating around the internet than any other on the face of this earth. All in order to install one of the earths most popular programs to get our daily audio fix. So we have to disable security measures built in to protect the operating system from malicious code and leave our selves wide open.This would be the equivalent to Microsoft telling Mac People to disable buffer overflow protection in order to install Microsoft Office for the Mac.

• Captivate published ms exe seen as malicious on browser downloads

  CPT 5.5
  Win 7 (64)
  eLS 2.5
  Publishing CPT to Windows Executable...
  Two things happen:
  No matter what existing .ico file I point to, CPT says, "The icon file is damaged. Icon might not be correctly generated. Continue?"
  When the executable is available (has been published), the resulting exe file is flagged as "malicious" or "threat" when a download is attempted (in both G-Chrome and IE9)
  It says the published cannot be verified.
  Can the publisher be verified?
  Is it seen as malicious because of the supposedly damaged icon file?
  And IF the icon file is the problem, how do I make Captivate stop trying to use the icon file? How do I clear the field so CPT won't try to use any icon file?
  Thanks.

  Thanks for the updated info. It just seemed strange that you were already coaxing them to a web page to download the EXE, so why not make it just SWF/HTM.
  One approach might involve doing the SWF/HTM for those that want to view immediately, then offer the EXE as a download from either the same page or from within the Captivate. Your call on how that happens. Aside from posting images of what they are likely to encounter, there is no way I'm aware of to prevent the dialog stating that an EXE could contain malicious code.
  Yes, I do agree that if Windows is happy with an ICO, Captivate should be as well. Unfortunately it is what it is and it's very unlikely to change until the development team hears from enough unhappy users. To tell them about it, please submit a Wish Form/Bug Report. (link is in my sig for that)
  Cheers... Rick
  Helpful and Handy Links
  Captivate Wish Form/Bug Reporting Form
  Adobe Certified Captivate Training
  SorcerStone Blog
  Captivate eBooks