Suspicious metadata suggests possible malware...

Similar Messages

• File Sharing Enabling Itself/ Possible Malware Infection?

  Greetings to all,
  I'm posting this out of sheer desperation because no one else seems to have reported such an issue (or so Google would have me believe).
  A bit of background info:
  I'm running 10.8.5 and Firefox 24.0, no frills, no extra customisations apart from one add-on; pretty much everything left to the default settings (homepage, theme, etc.).
  I noticed two weeks ago that my first tab in Firefox kept shivering every time a new tab was opened or an existing one was closed.  The only thing that had been installed was AdBlock Plus and that was running flawlessly for a month.
  I researched the problem on my own and found that previous versions of Firefox had similar shaking issues but none were related to AdBlock.
  I reset my browser and the shaking stopped.  I re-installed AdBlock and the issue returned in ten minutes.  I reported this to AdBlock Plus but have yet to hear back from them.
  Now moving onto the crux of the issue:
  I noticed in the last week that File Sharing has been turning itself on.  I have another Mac on the network but I have only used this feature a handful of times and always make sure to disable it as soon as I'm done.  This is combination with e-mails that I did not send that appear to be sent from my account despite having changed my password several times in the last year.  None of my contacts have reported that they received spam from me.
  I had been mildly suspicious of some such malware due to Netflix/ Hulu magically playing videos on their own well after they had already timed out.
  I checked Activity Monitor and there were no suspicious processes but I figured if a keylogger, for instance, were sophisticated enough, I still might not be able to see it.
  Enter MacScan 2.9.4.  I downloaded it directly from their website and ran a full-system scan which ultimately yielded nothing.
  I re-open Firefox and what do I see?  Yahoo! has been made my new homepage and a bunch of Spigot searchbars have been added, namely that for Amazon and eBay.
  When I Googled the company name, almost all the of articles referred to it as malware.
  I have since reset my browser and I'm starting to freak out more than just a little.
  A well-known and recommended AV hijacks my browser, spam is being sent to me by 'me', File Sharing is enabling itself, and of course, the phantom video playing.
  Has anyone seen this conglomeration of symptoms before and if so, what can I do about it?
  If not, am I going to have to wipe both Macs?
  Please some kind soul out there, help!

  I'm not following your description well enough to know exactly what happened. What site were you viewing when this happened, and did it happen immediately on clicking a link or did it just happen spontaneously? What is a "corrupted install window"? And what is "the corrupt file" you found in your download folder? Without more information, it's difficult to say, but it doesn't sound like malware to me. Of course, if you wish to set your mind at ease, get a copy of [ClamXav|http://www.clamxav.com> and scan your hard drive. Also, I would point you to my [Mac Virus guide|http://www.reedcorner.net/thomas/guides/macvirus>, but as I've received private communications from you already, I see you've found it!
  Note that files ending in .part are temp files... they are the beginnings of files that your browser started downloading. When you cancel a download, whatever had been downloaded to that point is left in a .part file, I believe to allow for resumption of the download later (if the server in question supports that). Whatever's in there is not complete and could not possibly be opened, so it is not a threat.

• I opened an email that I later identified on hoaxbusters as depositing malware.  I have malwarebytes on my laptop, but nothing similar on my iphone4  what app should I buy?  If I run it, will it find or fix the possible malware?

  I opened an email on my phone that I later identified on hoaxbusters as depositing malware.  I have malwarebytes on my laptop, but nothing similar on my iphone4.  What app should I buy?  If I run it, will it find or fix the possible malware?

  The creeps that generate this code figured that the iPhone since is is selling so well would be a great market for them even if iOS makes it impossible for their code to do anything practical unless it is jail broken first.
  For additional information on jailbreaking, read http://en.wikipedia.org/wiki/IOS_jailbreaking

• I need to retrieve my serial number, I have tried every suggestion possible

  Could someone please help me find the serial number. I just purchased the lightroom5 tonight, everything went great. Then it asked for serial number i have tried every suggestion possible... please help

  How do you know you've " tried every suggestion possible"?
  What have you tried?

• Possible malware on my macbook.

  Hi guys,
  Firstly let me start off by apologising as i know this topic has been somewhat covered in the past, but i thought their might be new information available that could help me out.
  I play world of warcraft on my macbook, just last night i tried to log in only to find my account had been hacked and my password changed, I used secret question etc to reset and choose anew password a few hours later the password had changed again. On contacting blizzard they said it was most likely that i had a keylogger on my system either as a downloaded addon for the game or from visiting some wow related site. So my question that i really hope you may be able to answer is;
  1. Assuming there is a keylogger on my system (i think thats the safest stance to take) how do i remove it ? I have ran clamxav, ianti virus and macscan all clean except for some Tracking cookies that look innocent enough.
  I can do a system restore as a lst resort but im hoping to avoid it if possible.
  thanks for your time and help
  Conor

  Yes, an erase and fresh install is the safest way to go.
  While there are no known viruses that attack Mac OS X at the present time it is possible for other malware to get onto your Mac, like your keylogger.
  So I go to lengths to protect my user. A hosed system can be replaced but a compromised user folder is compromised forever. Along with all your important data like bank records, credit cards, ... I.e. your "identity" stolen.
  The best way to avoid that is by being a frustrating target. Use your built-in firewall which is industrial strength and/or a hard wired router, downloading only from "trusted" sites, installing all security updates and being careful about what you give administrative power to.
  Don't use Limewire or any other P2P service to download your software, get it from reputable sources. In addition, always keep at least your users backed up, preferably a clone of your entire system on a separate disk. And put your sensitive passwords, bank accounts, credit card numbers in a "secure note" in a new keychain or in an encrypted folder.
  If and when a Mac virus does appear it will be headline news and you can download the AV software then. If you feel you have to run an AV program I'd suggest ClamXav a mac friendly freeware app that is very stable with OS X. It will check for known virus signatures at any rate.
  Hope this helps.
  -mj

• Is Metadata Backup possible to be automated through taskflows?

  Hi,
  I wanted to know if metadata backup is possible through taskflows. I am aware that there is an Extract Data in the Actions when you create a taskflow but where do the files go after being extracted? Can I specify a specific server or path for its location? If yes, where can i define it?
  I hope you could help me out :)
  thank you!

  Which product do you want to back up the metadata, which version are you on
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Possible Malware or Virus on IMac?

  Today one of my family members visited the site Neopets, as she does almost everyday. What is strange is that every link she clicks on the site, be it for playing a game, checking contact information at the bottom of the site, starting a game etc,would cause a pop up to appear saying that we do not have the updated player. By pressing ok, it redirects us to a site called updateplayer.us. It is almost identical to the adobe/flash site which makes me believe that its some type of phishing scam. Furthermore, it will again redirect us to other sites, all similar but with different names (i.e. bamplay.net, and fatplay.net). These sites were identical to one another (bamplay and fatplay). So my question is, do we have a virus or malware on or mac? We have the lion OS. Everything is up to date, (flash player is 13.0.0.214) and our system updates are all up to date. We only download updates through system preferences/ software update. Other than pictures that we have recieved from friends and family, and the occasional pdf we download for school/taxes, the only downloading/installing we have done is from the system/flash updates. We don't visit any malicious websites and are fairly cautious internet users. This just started happening today for the first time ever, and it only appears to be happening on Neopets. Do we have a virus or malicious software installed? Everything else seems to be running fine. Safari still seems to be fast. Or is this something on Neopets end? I'm not very skilled with computers so any help would be appreciated!
  Thanks!
  P.S.
  Has anyone else who visits the site been experiencing this?

  If Neopets requires Adobe Flash Player, always navigate on your own to Adobe's website and download the installer from them, and never from within someone else's website including this one. Fortunately, thousands of Apple Support Communities participants are here to rapidly respond to anyone's malicious intent.
  Adobe's website is as follows, which you will be able to see for yourself exactly as it appears, in your browser's URL field:
  https://get.adobe.com/flashplayer/
  Ignore unexpected popups or solicitations to update Flash Player; they can direct you to fraudulent sites that will attempt to convince you to install malicious software, or to reveal personal information such as your Apple ID credentials.
  Or is this something on Neopets end?
  That is another possibility, as are other potential causes, but the malicious router hacking I described is a serious concern and must be ruled out at your earliest opportunity.

• Possible Malware infection?

  I was surfing a website with firefox, and my download window popped open with the list cleared. I never clear my list. Then a corrupted install window opened asking me to install a dmg that was like a clean file i had downloaded earlier. i didn't install and i shut down the computer. On reopening i found in my download folder the corrupt file and a file with random letters ending in a ".part" file name.
  Any clarification would be helpful?
  Thanks

  I'm not following your description well enough to know exactly what happened. What site were you viewing when this happened, and did it happen immediately on clicking a link or did it just happen spontaneously? What is a "corrupted install window"? And what is "the corrupt file" you found in your download folder? Without more information, it's difficult to say, but it doesn't sound like malware to me. Of course, if you wish to set your mind at ease, get a copy of [ClamXav|http://www.clamxav.com> and scan your hard drive. Also, I would point you to my [Mac Virus guide|http://www.reedcorner.net/thomas/guides/macvirus>, but as I've received private communications from you already, I see you've found it!
  Note that files ending in .part are temp files... they are the beginnings of files that your browser started downloading. When you cancel a download, whatever had been downloaded to that point is left in a .part file, I believe to allow for resumption of the download later (if the server in question supports that). Whatever's in there is not complete and could not possibly be opened, so it is not a threat.

• Comics & Graphic Novels - editing metadata suggestions?

  Hi everyone,
  I just bought a batch of ePUB formatted graphic novels from a third party store, and when I put them into iBooks for Mac the cover is replaced by that generic, faux leather design. Now, I absolutely acknowledge that this is entirely an OCD, anally-retentive, non-issue, but I would quite like to see the actual book covers in my library.
  Now, some people had suggested using Calibre, which I have had a go with, but there seems to be some formatting problems that appears to be unique only to comics and graphic novels. Basically, when I open the edited ePUB book and try to get the pages to fill the screen, either the window expands but the page image stays the same size, or the pages have been sliced in two (right down the middle) and spread out over twice as many slides.
  I was just wondering if any other digital comic collectors out there have worked out a solution to this? Is there some check-box in Calibre I forgot to click on, or is there some other metadata-editing software out there that's better suited for graphic novels?
  If anybody's got any suggestions, I'd be happy to hear them
  Cheers,
  Kieran

  Hi everyone,
  I just bought a batch of ePUB formatted graphic novels from a third party store, and when I put them into iBooks for Mac the cover is replaced by that generic, faux leather design. Now, I absolutely acknowledge that this is entirely an OCD, anally-retentive, non-issue, but I would quite like to see the actual book covers in my library.
  Now, some people had suggested using Calibre, which I have had a go with, but there seems to be some formatting problems that appears to be unique only to comics and graphic novels. Basically, when I open the edited ePUB book and try to get the pages to fill the screen, either the window expands but the page image stays the same size, or the pages have been sliced in two (right down the middle) and spread out over twice as many slides.
  I was just wondering if any other digital comic collectors out there have worked out a solution to this? Is there some check-box in Calibre I forgot to click on, or is there some other metadata-editing software out there that's better suited for graphic novels?
  If anybody's got any suggestions, I'd be happy to hear them
  Cheers,
  Kieran

• Possible malware or infection??

  so my iphone was recently booted from my schools wifi network because they say they detected a malware infection on my" computer" . Now my iphone seems to be working fine, no signs of a problem. But they said i cant get access back till i've identified the problem and cleaned it up. is there any way to identify such a problem on my iphone if one existed????

  evilclaw2321,
  Without some verification that the packages you install only do the things they say they will, there is no way to tell what is happening.
  Without some verification and certification of the applications, whether or not a give application does more than what it says, is entirely up to how trustworthy the author and source for getting it is.
  Yes, it is possible you could have malware installed. However, troubleshooting specific applications installed by breaking your iPhone's license agreement is not something that can be done within Apple Discussions.
  Hope this helps,
  Nathan C.

• Isis Mobile wallet possible malware

  I upgraded my sim to the nfc secure and installed Isis mobile wallet
  Vipre is the best antivirus around found ... I have informed Verizon and Vipre ... Vipre techs are researching to see if it has malware or just a false positive i will post as soon as they let me know .... this posted just to make you aware of a possible security issue
  Antivirus Scan 1 threat was detected:  Trojan.AndroidOS.Generic.A
  Type: Malware
  Level: High
  about 23 hours ago  
  App Uninstalled   Application com.isis.mclient.verizon.activity was uninstalled from your device  about 23 hours ago  

  It is a false positive so no malware at all

• App Suggestion/Possibility?

  Alright, so forgive me if this is not the right place to post this, but I just found this forum and my "question" seemed most relevant to this board.
  So I know many always talk about how much of a pain it is to turn ON the bluetooth on the iPhone (especially while driving...thank you stupid California law that actually makes it MORE dangerous because of situations like this.) Well, I was just thinking, and keep in mind I don't know anything about how development of applications work, but I was wondering if it would be possible to create an application that would simply turn on and off the bluetooth when the icon is clicked from the home screen?
  Yeah, maybe it seems a little stupid and petty (and who know, maybe there is already something like this out, or it has been suggested many times...), but I think it would make my life a whole lot easier and I would use my bluetooth headset instead of the speakerphone more often. If it is possible to control something like this through applications, it couldn't be THAT hard to throw together...
  Message was edited by: GeeDuhb

  Hello vonclau,
  Welcome to the BlackBerry Support Community.
  Thank you for your question regarding the issue you are experiencing with updating BlackBerry World.
  Please attempt to install the application by going to www.blackberry.com/blackberryworld on your device browser.
  If you are unable to do so, please contact your mobile service provider to verify that you are using a data plan that supports this application.
  Cheers,
  -FB
  Come follow your BlackBerry Technical Team on Twitter! @BlackBerryHelp
  Be sure to click Kudos! for those who have helped you.
  Click "Accept as a Solution" for posts that have solved your issue(s)!

• Suspicious mystery number, possible wiretap

  A recent incoming call from Israel was masked by a different number in bold  (+00000), and this number is behaving suspiciously. This suspicious number cannot be deleted or blocked or added to contacts. It shows up with a yellow mark all the time, whenever skype is on. It may be that someone now has access to my skype account, and perhaps also to my entire computer.
  I have believed for some time that my phone calls to and from my son, who lives in Israel, are being monitored. However, this suspicious activity is quite new. 
  Please advise.

  I also read similar reports regarding possibly suspicious call from that number (you can look for similar threads preferably under Security, Privacy, Trust and Safety section) .  However, receiving such calls doesn't necessarily means that your account has been hacked or compromised.  
  CONTACT SKYPE CUSTOMER SERVICE   |  HOW TO RECORD SKYPE VIDEO CALLS  | HOW TO HANDLE SUPICIOUS CALLS AND MESSAGES   |  WINDOWS PROBLEMS TROUBLESHOOTING   |  SKYPE DOWNLOAD LINKS  
  MORE TIPS, TRICKS AND UPDATES AT
  skypefordummies.blogspot.com

• Friend with Leopard opened a possible malware attachment

  My friend who uses Leopard on a few year old MacMini got an American Airlines phony email with a supposed confirmation inside an attachment. She should have known better but she opened it, it downloaded something which she then deleted but didn't turn off her computer or modem for an hour.  Looking online, there is a new malware thing going around that looks exactly like this one. I can't tell if it will work on a Mac.  She's now in panic mode, thinking that she should buy some type of malware protective software.  Any suggestions? 

  She may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
  https://discussions.apple.com/docs/DOC-2435
  (I have ClamXav set to scan incoming emails, but nothing else.)

• Presage Tips Window, possible Malware?

  Hello
  I've notice lately that a supposed to be a Tips Window from Presage: "To optimize and improve user experience, we collate information about your usage and process this on an external server" suddenly appear while using my phone, I've never seen it before... I'm afraid it's some kind of Malware.
  Have any of you seen this?
  Thanks, regards.

  Hi RikMoon
  Discussion Welcome to the community! Since you're new please be sure that you have checked out our Discussion guidelines
  I would have to agree with Alexdon on this one, this will likely be from a third party app or from a website you are currently viewing.
  I can only suggest removing any third party apps that you may have downloaded lately, or any apps that may have been installed around the time it started to happen.
   - Official Sony Xperia Support Staff
  If you're new to our forums make sure that you have read our Discussion guidelines.
  If you want to get in touch with the local support team for your country please visit our contact page.