TROJAN WORRY

Similar Messages

• What are the ways you can get a trojan or virus.  Should I worry?

  So if one was looking at an adult website and a new window pops up after you click something and when you try to close said window a tiny box pops up and then another on top of it asking you to hit okay if you want to leave the site, can you click ok and not have to worry about anything and also hit okay on the small box underneath it and still not have anything to worry about? I tried to quit safari instead of closing the boxes but it wouldn't let me do anything except click okay in bue to exit or hit cancel to keep looking at the new window. I have had that happen twice. Never put in or was asked for a password.
  Should I be worried?

  'Worry' is a problem more easily fixed than vulnerability to malware. Apple has no control over what you install on its computer, or what vulnerabilities Adobe or another company has built into its latest release. I like to backup regularly, and keep sensitive materials off your computer (on DVD, for example) until needed, when you can mount them.
  Should you want to wander in such dangerous streets as 'adult' websites or security websites, 'worry' can be eliminated by switching your browser to Firefox, then add the 'Finjan' security extension. Now, when you use an internet search engine, Finjan will examine the links listed for attempts to install malware or engage in other suspicious activity. That should reduce your worry.
  The latest Mac TV add says Mac laptops are very popular on university campuses. It's never too early to develop good security habits. Bad security habits are hard to break; and there will be a time when you need to.
  The worst habit is not being careful: mistyping a popular website into the Google engine (I use the Wikipedia for a link to the real one), panicking when you get alarming e-mail, clicking a hyperlink on e-mail (without waiting for the real url to pop-up) rather that going there from a reliable bookmark or web-location icon (which is faster), paying with credit card rather than on-line bank, not clicking the little commercial icons to verify the legitimacy of a website. You get the idea: 'not bothering'.
  When you click and button that says 'Click here to Close Window', it will often attempt to install malware. You can always 'Force Quit' from the poison apple drop-down menu instead, if you're trapped.
  Bruce

• Worried that 'malware' or 'trojan' had damaged my permissions...

  Today, my husband called me at work panicking that Safari (on my iMac G5) had been taken over by something throwing up warning panes all over the screen. He had been on 'Olga's Gallery' looking up Constable, the painter (honest!) and clicked on 'About the artist' and a 'fake'(?) Safari pane popped up with alerts about viruses etc. Now, not being too computer literate, he unfortunately clicked 'Cancel' instead of just quitting and a whole host of panes appeared in the background of the screen. I've checked the History and their addresses were: www.adserver.eosads.com and www.media.fastclick.net - ring any bells with anyone??
  He couldn't force quit or shut down - Safari wouldn't respond - and a box popped up saying that Safari would not let him quit.
  Now, as I was at work and he can't remember the exact details of what was on these panes, it's hard for me to try and diagnose this (I'm NO expert anyway), but I told him to shut down at the back and hold the button down to reset the PRAM.
  When I got home, I ran Disk Utilities and checked the permissions. Mac ran fine, but permissions have warnings on them, most notably:
  'Warning: SUID file "System/Library/Filesystems/AppleShare/afpLoad" has been modified and will not be repaired'
  There are 4 of these warnings but I won't list them here yet. I'm typing this on my iBook right now, as I'm running MacScan on the iMac G5 and it's only halfway through (no spyware has come up yet). I'm aware this could be the result of some malicious pop-up ad for some fake anti-virus and although I'm expecting that although nothing has infected my iMac (running latest version of Leopard and updated the Security on Sunday), as nothing appears to have been 'installed', I am concern it's damaged my HD?
  Please can someone out there shed some light on this if at all possible and suggest what I can do to clean up my system and prevent this from happening again.
  Many thanks.

  Did he try force quit from Finder's menu?
  See if there is a popup blocker on your browser.
  I use Firefox with Adblock plus plugin which can ignore specific sites.
  [Mac OS X 10.5: Disk Utility's Repair Disk Permissions reports issues with SUID files|http://support.apple.com/kb/TS1448] - don't need to worry.
  If anything caused damage it was probably the abrupt shutdown. I'd run Disk Utility to verify the drive, repair permissions.
  [Using Disk Utility in Mac OS X 10.4.3 or later|http://docs.info.apple.com/article.html?artnum=302672]
  [Disk Utility's Repair Disk Permissions|http://docs.info.apple.com/article.html?artnum=25751]
  Some people have had virus-like behavior appear on web pages due to a service (DNS) supplied by their ISP having a security vulnerability. This isn't your computer but your ISP. Nonetheless, it is a security risk. If you experience strange page behavior (e.g., ads for things on sites where you wouldn't expect those kind of ads) try putting these numbers in Network>TCP/IP>DNS Servers:
  208.67.222.222
  208.67.220.220

• Do I have a virus or Trojan malware on my MacBook Pro?

  I downloaded a faulty mp3 file from the internet which I think infected my computer with either a virus or Trojan malware. It took over my computer and disallowed me from accessing any applications. I clicked on Finder, for example, and a window would pop up saying, "Application not found," with a number after it. I rebooted by computer and was able to log back in using Safe Mode. Here, I deleted the  file I had downloaded, or so I thought, by dragging it to the trash and emptying it. However, my computer is acting bizarre and barely functions. I am unable to use DVD Player, it says, "There was an initialization error" with code -70017. My volume is unaccessible, there is a circle with a slash through it when I try to use it. Itunes will not work, Iphoto keeps crashing and will not open, and my internet browser is extremely slow and will not play video.
  I have downloaded and installed Sophoes Anti-Virus and MacScan in an attempt to rid my computer of the virus but it did not seem to do anything.
  Suggestions as to how to fix this problem would be greatly appreciated.

  This is not the work of a virus, or any other kind of malware. What it sounds like is a very badly corrupt hard drive causing all manner of corruption in your various system components and applications. You probably need to erase your hard drive and reinstall the system from scratch, as ds store has said.
  If you actually had malware, Sophos would find it. If Sophos found nothing, there was almost certainly nothing to find. If something like Sophos ever should find malware, unless the malware has "OSX" or "MacOS" in the name, it probably isn't Mac malware and thus isn't something you need to worry about (other than not passing it on to other people).
  MacScan is junk. It serves no useful purpose. See:
  MacScan disappoints

• I have received an email from a friend with a link which I clicked. It directed me to the google home page and I am now suspicious that it is a virus  or a Trojan horse. I would know what to do on my PC but am new to Ipad. How can I check?

  I have received an email from a friend with a link which I clicked. It took me to the google home page. I am now suspicious that my friend's email account has been hijacked and the link contained a virus or a Trojan horse. I would know what to do on my PC but am new to the IPad. Can any form of Trojan horse be planted on IOS 6 or am I worrying unnecessarily? Reassurance would be most welcome as I do use the IPad for checking bank details and web purchases. Thanks for any help.

  PC virus won't run on iPad.

• I have a trojan on my iMac, how can I remove it?

  I have what I believe is a trojan. Basically what it does is redirect me to http://flvdirect.iamwired.net/ when I'm under Safari.
  I've researched this issue and couldn't really find people who had this issue on Mac, even on PC it seems to be rare.
  But I think I know what caused it. Earlier today I looked for a way to download Youtube videos. There's several sites where you enter the link, and they ask you to accept something (my Mac warned me that I'm at my own risk). Obviously I declined, but I kept looking around for another solution. Finally I found a Safari extension on a site like Softpedia (don't remember the name however), and I even still have the DMG file: youtube_downloader_pro_mac-1.0.0.0-sf-macosx10.6.dmg
  Strangely enough, the "extension" doesn't appear in the Safari extensions menu, and I can't find it anywhere else on my computer either. I tried looking for all possible names or for all possible "culprits" in various folders (Preferences, Logs, Cache, etc.) and also with CCleaner. How can I get rid of it?
  I've noticed that it's only on Safari. I renewed the DHCP-Lease, don't ask me why, thought it might help. It reset some stuff. I removed proxies (I think I was using these before, but the trojan might have hacked them in somehow, at least I've read about that), and weirdly enough in the WLAN section of the Network preferences, there was another Wlan hotspot, that I had never seen. I had never seen any WLAN around here actually because there isn't really anyone using it. But maybe I'm wrong. What's weird is that it says "Preferred networks", when clearly, I never connected with that.
  I searched for WLAN networks again now, and I can't find this network anymore. Too bad that I removed it from the list already, I should have written down the name first. It started with "ml".
  I also noticed that my Safari home page was set to Iamwired.net, that's probably the reason why it redirected me there. What can I do people?
  I'm thankfull for all answers! That's the first time something like this happened to me!
  Cheers!

  @ etresoft: Well, I downloaded it from the official Java site, so I supposed it should be safe! And by the way, how do I know you're software doesn't contain malware now?
  @ Thomas: I read your article and removed those internet plugins. I also removed anything Java related, or at least I believe I did. I didn't notice anything suspicious in the internet plugins however. I'm still bothered where this "Youtube downloader" plugin has gone. I mean I've installed it, it MUST be somewhere...
  If you want I can send you that DMG file, in case you think you could analyse it somehow? I still have the site I downloaded it from somewhere in my history, it shouldn't be hard to find it. But I don't want you to get infected as well, so I wouldn't open it! Perhaps you can analyze it in a way without opening it however?
  For now however, Safari seems to work. No more redirecting. Java is allowed, so are plugins and also extensions. I'm still worried that the thing is hiding somewhere in my computer and that it may get hold of private data.
  I've run an app called VirusBarrier express earlier (downloaded from the App store, should be safe!), it scanned by whole computer and didn't find anything. But then... it may not have found anything because this isn't a virus, right? Do you believe it can found trojans or other malware?
  @ etre: I've still run your program and don't think I've noticed anything suspicious! I don't want to post everything on here since it also may contain private data (I saw an email address) so maybe you can tell me what to look out for? There's a few things where it says "failed" but I've had these for ages.

• I might have a virus or trojan on my MacBook Pro. Unwanted pages open when I'm using my yahoo account. What do I do?

  Whenever I use my yahoo account, a page with some fishy offers opens and I need to click a few of "Yes, I really want to leave this page" before I can exit it! If I don't click on all those "Yes"'s I'm not able to quit Safari (only when I do Force Quit). Reading about recent trojans and such I'm worried, this might be the case. I should say, it's always the same page that opens. Thanks for your help!

  Sounds like a problem with Yahoo itself, then.
  One thing that could help would be to clear your browser's cache. Open Safari and look for an Empty Caches item in the Safari menu. If you have a newer version of Safari, it won't be there. In that case, you will need to go to the Advanced pane in Safari's preferences and check the box to show the Develop menu. Then, from the Develop menu, choose Empty Caches. See if that helps.

• Trojan, possibly mackeeper, on macbook air and can't get rid of it

  So I accidentally downloaded a file that would allow me to watch a video because "mine was out of date" or something, not Adobe, and wasn't really paying attention and realized that I download it and when I thought i was deleting it I realized I installed it instead. I wasn't that worried about it at first because I was always under the impressions that macs couldn't get any type of virus at all. I had thought that just deleting the files off the computer would solve my problems but they didn't and can't seem to find any other suspicious files so they appear to be gone. I continuously get adds for "mackeeper", anti-virus products and then just some random stuff every time i open a new tab. I have spent hours trying to figure out how to get rid of this and I have been unsuccessful. I download an anti-virus product, Sophos Anti-virus, and did a full scan but it said there were no threats, maybe due to me deleting files. I then checked my extensions in my Safari preferences and there is not a single extension there. I have tried looking/ using the terminal and activity monitor to help this, due to others suggesting this with instructions, and haven't been able to understand the directions at all to get it to work. Also I get these pop-ups in both safari and chrome. I don't know what to do next and can't find anything that seems to work. Would a complete reboot of the computer fix this? Do I need to try a new anti-virus system? or is there some other way to fix it that I'm missing? or am i screwed because I actually installed this program and then deleted the files that I found which I also deleted from the trash? Please help

  There is no need to download anything to solve this problem. You may have installed a variant of the "VSearch" ad-injection malware. Follow Apple Support's instructions to remove it.
  If you have trouble following those instructions, see below.
  Malware is always changing to get around the defenses against it. This procedure works as of now, as far as I know. It may not work in the future. Anyone finding this comment a few days or more after it was posted should look for a more recent discussion, or start a new one.
  The VSearch malware tries to hide itself by varying the names of the files it installs. To remove it, you must first identify the naming pattern.
  Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination  command-C:
  /Library/LaunchDaemons
  In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  A folder named "LaunchDaemons" may open. Look inside it for two files with names of the form
            com.something.daemon.plist
  and
             com.something.helper.plist
  Here something is a variable string of characters, which can be different in each case. So far it has always been a string of letters without punctuation, such as "cloud," "dot," "highway," "submarine," or "trusteddownloads." Sometimes it's a meaningless string such as "e8dec5ae7fc75c28" rather than a word. Sometimes the string is "apple," and then you must be especially careful not to delete the wrong files, because many built-in OS X files have similar names.
  If you find these files, leave the LaunchDaemons folder open, and open the following folder in the same way:
  /Library/LaunchAgents
  In this folder, there may be a file named
            com.something.agent.plist
  where the string something is the same as before.
  If you feel confident that you've identified the above files, back up all data, then drag just those three files—nothing else—to the Trash. You may be prompted for your administrator login password. Close the Finder windows and restart the computer.
  Don't delete the "LaunchAgents" or "LaunchDaemons" folder or anything else inside either one.
  The malware is now permanently inactivated, as long as you never reinstall it. You can stop here if you like, or you can remove two remaining components for the sake of completeness.
  Open this folder:
  /Library/Application Support
  If it has a subfolder named just
             something
  where something is the same string you saw before, drag that subfolder to the Trash and close the window.
  Don't delete the "Application Support" folder or anything else inside it.
  Finally, in this folder:
  /System/Library/Frameworks
  there may an item named exactly
              v.framework
  It's actually a folder, though it has a different icon than usual. This item always has the above name; it doesn't vary. Drag it to the Trash and close the window.
  Don't delete the "Frameworks" folder or anything else inside it.
  If you didn't find the files or you're not sure about the identification, post what you found.
  If in doubt, or if you have no backups, change nothing at all.
  The trouble may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Then, still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates (OS X 10.10 or later)
  or
            Download updates automatically (OS X 10.9 or earlier)
  if it's not already checked.

• Trojan virus how do you know you have it?

  I was asked to update my adobe acrobat reader. I replied no. Is there an issue with Adobe?
  also disable the java plug in? what will that do?

  Disable Java in your Browser settings, not JavaScript.
  http://support.apple.com/kb/HT5241?viewlocale=en_US
  http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=142064
  http://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets
  Little Snitch, stops/alerts outgoing stuff...
  http://www.obdev.at/products/littlesnitch/index.html
  Flashback - Detect and remove the uprising Mac OS X Trojan...
  http://www.mac-and-i.net/2012/04/flashback-detect-and-remove-uprising.html
  In order to avoid detection, the installer will first look for the presence of some antivirus tools and other utilities that might be present on a power user's system, which according to F-Secure include the following:
  /Library/Little Snitch
  /Developer/Applications/Xcode.app/Contents/MacOS/Xcode
  /Applications/VirusBarrier X6.app
  /Applications/iAntiVirus/iAntiVirus.app
  /Applications/avast!.app
  /Applications/ClamXav.app
  /Applications/HTTPScoop.app
  /Applications/Packet Peeper.app
  If these tools are found, then the malware deletes itself in an attempt to prevent detection by those who have the means and capability to do so. Many malware programs use this behavior, as was seen in others such as the Tsunami malware bot.
  MadMacs0 says...
  This script from F-Secure is the only one I'm currently recommending http://www.f-secure.com/weblog/archives/00002346.html
  http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-ma lware-from-os-x/
  http://x704.net/bbs/viewtopic.php?f=8&t=5844&p=70660#p70660
  Open DNS also blocks the FlashBack thing...
  http://blog.opendns.com/2012/04/09/worried-about-mac-malware-just-set-up-opendns /

• Viruses, malware, trojans, etc.

  I have an MPB, OSX 10.5.8 and a 16.5 year old son. I was able to resolve the kernel panic problem, but only because I had access to an external drive version of an install disc with which I could fire up Disk Utility, which then made repairs. I had been able to reboot from neither an onboard install disc nor an internal TechTool eDrive.
  Suspicious, I installed and ran ClamXav anti-virus tool and found two items:
  hottiestar_installer.exe decsribed as Trojan.Inject-3034, and
  useGoingBook.class-73a68686-5131a64d.class described as Trojan.Downloader.Java.ClassLoader-1 .
  ClamXav placed the two in a folder and then I trashed them both. Am I done? Is it safe? I know so little about how these things operate and what they do. It seems like I've killed the messengers, but have I destroyed the messages?
  Is it more likely that these were picked up from friends with infected Windows machines than from direct downloading to the MPB?
  Thank you.

  Raven Icefire wrote:
  I am looking at buying a MBP. My brother goes to ITT and he said that they are talking about the rise of mac viruses. Is this something I should consider when buying, like should I pay for the anti-virus or are the types of viruses that they were talking about not something to worry about?
  Welcome to Apple's discussion groups.
  There really are no Mac viruses in the traditional sense. There are Mac trojans, which can be avoided by actions such as declining offers to install "codecs" that claim to allow viewing of questionable content.
  Safari and OS X have a certain amount of malware protection already built in. If you really want to install anti-virus software on a Mac, consider ClamXav: http://www.clamxav.com/
  One more piece of advice: If you're looking for advice, start your own thread instead of attaching your question to a thread already marked as "answered", as those threads receive a lot less attention than unanswered threads.

• Is there a trojan in the Adobe Reader 9 install?

  After downloading Adobe Reader 9 to my desktop and then clicking on it to install, my AVG popped up a warning saying it contained a trojan, Air install, or something like that. I cancelled the installation, and Adobe said nothing was changed on my computer, but now I'm worried . . .
  I understand that sometimes an installation looks like a virus or some kind of malware when it isn't. I just want to know whether to turn off AVG and complete the install, or whether Adobe, or some employee, has added a trojan--not necessarily malicious, but one that adds extra load to my computer for whatever purposes are beneficial to them.

  Aandi, I read your post and the article to which you linked, but the article had to do with version 7. The article also stated that "GRISoft acknowledged the problem and said that it planned it [not "it", to] issue a new update that fixed the problem . . . ."
  Perhaps it is the same problem with version 9--a faulty anti-virus signature update, and if it is, I'll wait until they correct it before installing version 9. I think Adobe should get with the trojan detector companies (AVG and Avast)and figure out a solution or issue a statement, notice, or something official to put our minds at ease.

• Trojan Programme Detected?

  Hello, Macbook users!
  I use Macbook Pro and I recently received a warning from Kaspersky that my mac is infected with Trojan virus.
  My school re-imaged my MacBook on Thursday 22 August 2013 and Kaspersky detected "Trojan.Win32.Hosts2.Gen" in File / Private / etc / hosts on Friday 23 August 2013. (It's so weired! I NEVER torrent!)
  However, I saw a post on Kaspersky discussion forum and some of the users aruge that they might have received false warning. So, I'm just wondering if this was just a false warning or real one. But I guess my Mac is really infected with Trojan virus since I am running few anti virus programmes at the same time and all of them give me warnings about virus / infected files. I disinfected the detected files but I'm still concerend.
  I did some research about Trojan virus and I am so worried now.
  So what I know is:
  1. Trojan programme is a very dangerous virus programme.
  2. Hackers can hack through my computer if my computer is infected with Trojan virus.
  3. Recent Trojan programmes are so smart they hide themselves and even Terminal cannot detect them.
  I'm so concerned right now I can't do anything
  So my questions are:
  1. How do I completely get rid of Trojan virus? I'm scanning my Mac with Kaspersky, Magician, Sophos and Dr. Web Light now and they give me different results so I am kind of skeptical about using Anti-virus programme.
  2. Is there any possibility that I got Trojan because of re-imaging? Would it be better if I ask the school to re-image my computer again?
  3. Can re-imaging get rid of Trojan virus?
  4. If the answer to question 2 is no, how did I get Trojan virus?
  5. What do the Trojan remains do? Is there any possibility that remains do any harm to my computer?
  6. How do I view hidden Trojan files?
  7. Could it be a false warning?
  I'm so confused and frustrated right now. I never had virus before and I thought Mac don't get virus. I'm really concerned that I might lose all my files and documents. I asked around a bit but I still don't know what to do. Please, please, please help me!
  Thanks in advance!
  *P.S: The photos might help!

  Here are the contents of the file of etc/hosts requested above.
  216.239.32.20 www.google.ac # __CE_WATERMARK__
  216.239.32.20 www.google.ad # __CE_WATERMARK__
  216.239.32.20 www.google.ae # __CE_WATERMARK__
  216.239.32.20 www.google.al # __CE_WATERMARK__
  216.239.32.20 www.google.am # __CE_WATERMARK__
  216.239.32.20 www.google.as # __CE_WATERMARK__
  216.239.32.20 www.google.at # __CE_WATERMARK__
  216.239.32.20 www.google.az # __CE_WATERMARK__
  216.239.32.20 www.google.ba # __CE_WATERMARK__
  216.239.32.20 www.google.be # __CE_WATERMARK__
  216.239.32.20 www.google.bf # __CE_WATERMARK__
  216.239.32.20 www.google.bg # __CE_WATERMARK__
  216.239.32.20 www.google.bi # __CE_WATERMARK__
  216.239.32.20 www.google.bj # __CE_WATERMARK__
  216.239.32.20 www.google.bs # __CE_WATERMARK__
  216.239.32.20 www.google.bt # __CE_WATERMARK__
  216.239.32.20 www.google.by # __CE_WATERMARK__
  216.239.32.20 www.google.ca # __CE_WATERMARK__
  216.239.32.20 www.google.cat # __CE_WATERMARK__
  216.239.32.20 www.google.cc # __CE_WATERMARK__
  216.239.32.20 www.google.cd # __CE_WATERMARK__
  216.239.32.20 www.google.cf # __CE_WATERMARK__
  216.239.32.20 www.google.cg # __CE_WATERMARK__
  216.239.32.20 www.google.ch # __CE_WATERMARK__
  216.239.32.20 www.google.ci # __CE_WATERMARK__
  216.239.32.20 www.google.cl # __CE_WATERMARK__
  216.239.32.20 www.google.cm # __CE_WATERMARK__
  216.239.32.20 www.google.cn # __CE_WATERMARK__
  216.239.32.20 www.google.co.ao # __CE_WATERMARK__
  216.239.32.20 www.google.co.bw # __CE_WATERMARK__
  216.239.32.20 www.google.co.ck # __CE_WATERMARK__
  216.239.32.20 www.google.co.cr # __CE_WATERMARK__
  216.239.32.20 www.google.co.id # __CE_WATERMARK__
  216.239.32.20 www.google.co.il # __CE_WATERMARK__
  216.239.32.20 www.google.co.in # __CE_WATERMARK__
  216.239.32.20 www.google.co.jp # __CE_WATERMARK__
  216.239.32.20 www.google.co.ke # __CE_WATERMARK__
  216.239.32.20 www.google.co.kr # __CE_WATERMARK__
  216.239.32.20 www.google.co.ls # __CE_WATERMARK__
  216.239.32.20 www.google.co.ma # __CE_WATERMARK__
  216.239.32.20 www.google.co.mz # __CE_WATERMARK__
  216.239.32.20 www.google.co.nz # __CE_WATERMARK__
  216.239.32.20 www.google.co.th # __CE_WATERMARK__
  216.239.32.20 www.google.co.tz # __CE_WATERMARK__
  216.239.32.20 www.google.co.ug # __CE_WATERMARK__
  216.239.32.20 www.google.co.uk # __CE_WATERMARK__
  216.239.32.20 www.google.co.uz # __CE_WATERMARK__
  216.239.32.20 www.google.co.ve # __CE_WATERMARK__
  216.239.32.20 www.google.co.vi # __CE_WATERMARK__
  216.239.32.20 www.google.co.za # __CE_WATERMARK__
  216.239.32.20 www.google.co.zm # __CE_WATERMARK__
  216.239.32.20 www.google.co.zw # __CE_WATERMARK__
  216.239.32.20 www.google.com # __CE_WATERMARK__
  216.239.32.20 www.google.com.af # __CE_WATERMARK__
  216.239.32.20 www.google.com.ag # __CE_WATERMARK__
  216.239.32.20 www.google.com.ai # __CE_WATERMARK__
  216.239.32.20 www.google.com.ar # __CE_WATERMARK__
  216.239.32.20 www.google.com.au # __CE_WATERMARK__
  216.239.32.20 www.google.com.bd # __CE_WATERMARK__
  216.239.32.20 www.google.com.bh # __CE_WATERMARK__
  216.239.32.20 www.google.com.bn # __CE_WATERMARK__
  216.239.32.20 www.google.com.bo # __CE_WATERMARK__
  216.239.32.20 www.google.com.br # __CE_WATERMARK__
  216.239.32.20 www.google.com.bz # __CE_WATERMARK__
  216.239.32.20 www.google.com.co # __CE_WATERMARK__
  216.239.32.20 www.google.com.cu # __CE_WATERMARK__
  216.239.32.20 www.google.com.cy # __CE_WATERMARK__
  216.239.32.20 www.google.com.do # __CE_WATERMARK__
  216.239.32.20 www.google.com.ec # __CE_WATERMARK__
  216.239.32.20 www.google.com.eg # __CE_WATERMARK__
  216.239.32.20 www.google.com.et # __CE_WATERMARK__
  216.239.32.20 www.google.com.fj # __CE_WATERMARK__
  216.239.32.20 www.google.com.gh # __CE_WATERMARK__
  216.239.32.20 www.google.com.gi # __CE_WATERMARK__
  216.239.32.20 www.google.com.gt # __CE_WATERMARK__
  216.239.32.20 www.google.com.hk # __CE_WATERMARK__
  216.239.32.20 www.google.com.jm # __CE_WATERMARK__
  216.239.32.20 www.google.com.kh # __CE_WATERMARK__
  216.239.32.20 www.google.com.kw # __CE_WATERMARK__
  216.239.32.20 www.google.com.lb # __CE_WATERMARK__
  216.239.32.20 www.google.com.lc # __CE_WATERMARK__
  216.239.32.20 www.google.com.ly # __CE_WATERMARK__
  216.239.32.20 www.google.com.mm # __CE_WATERMARK__
  216.239.32.20 www.google.com.mt # __CE_WATERMARK__
  216.239.32.20 www.google.com.mx # __CE_WATERMARK__
  216.239.32.20 www.google.com.my # __CE_WATERMARK__
  216.239.32.20 www.google.com.na # __CE_WATERMARK__
  216.239.32.20 www.google.com.nf # __CE_WATERMARK__
  216.239.32.20 www.google.com.ng # __CE_WATERMARK__
  216.239.32.20 www.google.com.ni # __CE_WATERMARK__
  216.239.32.20 www.google.com.np # __CE_WATERMARK__
  216.239.32.20 www.google.com.om # __CE_WATERMARK__
  216.239.32.20 www.google.com.pa # __CE_WATERMARK__
  216.239.32.20 www.google.com.pe # __CE_WATERMARK__
  216.239.32.20 www.google.com.pg # __CE_WATERMARK__
  216.239.32.20 www.google.com.ph # __CE_WATERMARK__
  216.239.32.20 www.google.com.pk # __CE_WATERMARK__
  216.239.32.20 www.google.com.pr # __CE_WATERMARK__
  216.239.32.20 www.google.com.py # __CE_WATERMARK__
  216.239.32.20 www.google.com.qa # __CE_WATERMARK__
  216.239.32.20 www.google.com.sa # __CE_WATERMARK__
  216.239.32.20 www.google.com.sb # __CE_WATERMARK__
  216.239.32.20 www.google.com.sg # __CE_WATERMARK__
  216.239.32.20 www.google.com.sl # __CE_WATERMARK__
  216.239.32.20 www.google.com.sv # __CE_WATERMARK__
  216.239.32.20 www.google.com.tj # __CE_WATERMARK__
  216.239.32.20 www.google.com.tn # __CE_WATERMARK__
  216.239.32.20 www.google.com.tr # __CE_WATERMARK__
  216.239.32.20 www.google.com.tw # __CE_WATERMARK__
  216.239.32.20 www.google.com.ua # __CE_WATERMARK__
  216.239.32.20 www.google.com.uy # __CE_WATERMARK__
  216.239.32.20 www.google.com.vc # __CE_WATERMARK__
  216.239.32.20 www.google.com.vn # __CE_WATERMARK__
  216.239.32.20 www.google.cv # __CE_WATERMARK__
  216.239.32.20 www.google.cz # __CE_WATERMARK__
  216.239.32.20 www.google.de # __CE_WATERMARK__
  216.239.32.20 www.google.dj # __CE_WATERMARK__
  216.239.32.20 www.google.dk # __CE_WATERMARK__
  216.239.32.20 www.google.dm # __CE_WATERMARK__
  216.239.32.20 www.google.dz # __CE_WATERMARK__
  216.239.32.20 www.google.ee # __CE_WATERMARK__
  216.239.32.20 www.google.es # __CE_WATERMARK__
  216.239.32.20 www.google.fi # __CE_WATERMARK__
  216.239.32.20 www.google.fm # __CE_WATERMARK__
  216.239.32.20 www.google.fr # __CE_WATERMARK__
  216.239.32.20 www.google.ga # __CE_WATERMARK__
  216.239.32.20 www.google.ge # __CE_WATERMARK__
  216.239.32.20 www.google.gf # __CE_WATERMARK__
  216.239.32.20 www.google.gg # __CE_WATERMARK__
  216.239.32.20 www.google.gl # __CE_WATERMARK__
  216.239.32.20 www.google.gm # __CE_WATERMARK__
  216.239.32.20 www.google.gp # __CE_WATERMARK__
  216.239.32.20 www.google.gr # __CE_WATERMARK__
  216.239.32.20 www.google.gy # __CE_WATERMARK__
  216.239.32.20 www.google.hn # __CE_WATERMARK__
  216.239.32.20 www.google.hr # __CE_WATERMARK__
  216.239.32.20 www.google.ht # __CE_WATERMARK__
  216.239.32.20 www.google.hu # __CE_WATERMARK__
  216.239.32.20 www.google.ie # __CE_WATERMARK__
  216.239.32.20 www.google.im # __CE_WATERMARK__
  216.239.32.20 www.google.io # __CE_WATERMARK__
  216.239.32.20 www.google.iq # __CE_WATERMARK__
  216.239.32.20 www.google.ir # __CE_WATERMARK__
  216.239.32.20 www.google.is # __CE_WATERMARK__
  216.239.32.20 www.google.it # __CE_WATERMARK__
  216.239.32.20 www.google.je # __CE_WATERMARK__
  216.239.32.20 www.google.jo # __CE_WATERMARK__
  216.239.32.20 www.google.kg # __CE_WATERMARK__
  216.239.32.20 www.google.ki # __CE_WATERMARK__
  216.239.32.20 www.google.kz # __CE_WATERMARK__
  216.239.32.20 www.google.la # __CE_WATERMARK__
  216.239.32.20 www.google.li # __CE_WATERMARK__
  216.239.32.20 www.google.lk # __CE_WATERMARK__
  216.239.32.20 www.google.lt # __CE_WATERMARK__
  216.239.32.20 www.google.lu # __CE_WATERMARK__
  216.239.32.20 www.google.lv # __CE_WATERMARK__
  216.239.32.20 www.google.md # __CE_WATERMARK__
  216.239.32.20 www.google.me # __CE_WATERMARK__
  216.239.32.20 www.google.mg # __CE_WATERMARK__
  216.239.32.20 www.google.mk # __CE_WATERMARK__
  216.239.32.20 www.google.ml # __CE_WATERMARK__
  216.239.32.20 www.google.mn # __CE_WATERMARK__
  216.239.32.20 www.google.ms # __CE_WATERMARK__
  216.239.32.20 www.google.mu # __CE_WATERMARK__
  216.239.32.20 www.google.mv # __CE_WATERMARK__
  216.239.32.20 www.google.mw # __CE_WATERMARK__
  216.239.32.20 www.google.ne # __CE_WATERMARK__
  216.239.32.20 www.google.nl # __CE_WATERMARK__
  216.239.32.20 www.google.no # __CE_WATERMARK__
  216.239.32.20 www.google.nr # __CE_WATERMARK__
  216.239.32.20 www.google.nu # __CE_WATERMARK__
  216.239.32.20 www.google.pl # __CE_WATERMARK__
  216.239.32.20 www.google.pn # __CE_WATERMARK__
  216.239.32.20 www.google.ps # __CE_WATERMARK__
  216.239.32.20 www.google.pt # __CE_WATERMARK__
  216.239.32.20 www.google.ro # __CE_WATERMARK__
  216.239.32.20 www.google.rs # __CE_WATERMARK__
  216.239.32.20 www.google.ru # __CE_WATERMARK__
  216.239.32.20 www.google.rw # __CE_WATERMARK__
  216.239.32.20 www.google.sc # __CE_WATERMARK__
  216.239.32.20 www.google.se # __CE_WATERMARK__
  216.239.32.20 www.google.sh # __CE_WATERMARK__
  216.239.32.20 www.google.si # __CE_WATERMARK__
  216.239.32.20 www.google.sk # __CE_WATERMARK__
  216.239.32.20 www.google.sm # __CE_WATERMARK__
  216.239.32.20 www.google.sn # __CE_WATERMARK__
  216.239.32.20 www.google.so # __CE_WATERMARK__
  216.239.32.20 www.google.st # __CE_WATERMARK__
  216.239.32.20 www.google.td # __CE_WATERMARK__
  216.239.32.20 www.google.tg # __CE_WATERMARK__
  216.239.32.20 www.google.tk # __CE_WATERMARK__
  216.239.32.20 www.google.tl # __CE_WATERMARK__
  216.239.32.20 www.google.tm # __CE_WATERMARK__
  216.239.32.20 www.google.tn # __CE_WATERMARK__
  216.239.32.20 www.google.to # __CE_WATERMARK__
  216.239.32.20 www.google.tt # __CE_WATERMARK__
  216.239.32.20 www.google.us # __CE_WATERMARK__
  216.239.32.20 www.google.vg # __CE_WATERMARK__
  216.239.32.20 www.google.vu # __CE_WATERMARK__
  216.239.32.20 www.google.ws # __CE_WATERMARK__
  #This file has been replaced with its default version by Kaspersky Lab because of possible infection
  127.0.0.1 localhost
  ::1 localhost

• Worried about online gaming and security!

  Currently playing Quake 4 on my iMac. All of a sudden my cd-key doesn't work with a message "your cd-key is in use", waited a few minutes, restarted and it worked fine.
  I'm worried that someone got access to it. Should I be worried about other files, systems, etc... on my iMac. Anyone know of any concerns?
  Sorry, don't know if this the right place.

  Highly, highly unlikely your system was compromised. Gaining remote entry to your filesystem would've required some kind of trojan backdoor or exploit. And considering that there are very few in existence for the mac, and practically none in the wild, the chance that there would be one stealing Quake 4 keys is about zero.
  That message could've been the result of a network error, or a previous login session of yours that hadn't been terminated on their end yet. Also, pirated copies of games often use randomly generated keys, so it is possible that a copy of yours came up. Either way, if it doesn't keep happening, I wouldn't worry about it.

• Could be a Trojan?

  A couple of month ago i had a trojan on my Macbook pro 2008. At the university we received from other employ an e-mail with a pdf attachment that turn out being a trojan. The last extension was not a pdf and it was opened as a graphic file. At that time i had an open source program (don't remember the name) and when it opened i got 3 windows messages telling me that they had substitute/modify a font and gave me only the OK button to click. Few days after my computer resulted infected with a trojan that was successfully removed with the McAfee given by the university itself. Now yesterday i was opening a picture imported from a scanner and I needed to modified it. I opened it in Photoshop and I got again the same window for the font. This time I did not clicked on the OK, i shut off the computer and started again. I run a McAfee and it seams to be clean, but I'm worried that it could be again a trojan.
  Just two more informations: Photoshop is original from the University where i work and it was not the first time that i was using it.
  I there someone that have a clue of what is going on?
  Thanks

  snow-leopard wrote:
  I know, i'm not worried about viruses but i'm under a medical center network and as soon as detects a "attack" the computer get quarantined and it takes ages to get it unlock once removed. I got worried for the message because as i said few days later i got locked out from the net.......
  Well, that is an important point. I think you may be one of the few people who could actually benefit from Mac antivirus software. Even though your Mac is unaffected, it is possible you could forward an infected file to someone else without realizing it. Normally, that wouldn't bother me. The infected file didn't originate on the Mac so it shouldn't be the Mac's responsibility to do PC virus scans for them. But corporate security would never see it that way and that could be what got your Mac quarantined. You are essentially being punished for the Mac's invulnerability.
  I suggest looking at the corporate version of Symantec AntiVirus. This is not the same as Norton that you would buy in the stores. This is a corporate product. I have it on my work machine and it is very unobtrusive.
  Still, a trojan is not the same as a virus. You would have to physically run the trojan and probably give it your administrator password for it to do anything on your Mac. Even then, the handful of Mac trojans that exist probably wouldn't do anything to trigger your corporate quarantining anyway.
  And again, those font substitution dialogs are nothing. There are a number of Adobe-specific attacks that could infect a Mac if you use Adobe products. Whether or not you use Adobe products, you could still pass them on to others.

• PLEASE HELP!!!!! I THINK I GOT A VIRUS/TROJAN/WORM

  Yes this is the first time this has occurred..
  I will tell you what happened... Here i go
  Ok tonight i sent an im over aim to somebody and they said i sent a link which i didnt and i send another im to another person and they also said i sent a link which i didnt. So i dont know what this is, is it a trojan horse, a virus, or just a worm? I would think it would be a trojan horse. But i asked them what did the link say and they sent it back to me but it didnt register. And she told me that she sent it... Andi didnt think about it being a virus/trojan/worm untill she exited out of the window. Well i asked her what the link was and she said she didnt know. So it i told her if she gets the link again just send it back to me with out the .com so it wouldnt be a link. I am worried that i got one b/c this is the first time this has happened to me since i had my expensive imac. I am running a mac os x version 10.3.9. And i ran a virus scan for my apps with ClamXav so far there hasnt been a virus detected. Can someone PLEASE help me becuase when i tell my dad he is going to kill me if i dont fix it....
  Thx alot, Robby

  Hi k0rnyfr33k,
  This is one of the oldest tricks in the virus writer's bag. When one of these infected e-mails hits a Windows computer, the virus/worm/Trojan automatically copies itself to every person in their address book. At the same time, it uses any one of those names to spoof the "from" address to make it look like it came from somewhere else. So it's an almost 100% certainty that the virus they got came from someone else's computer whom you know who has your e-mail address in their address book. I've gotten such stuff with my own address as the sender. Meaning that I know it came from one of my relatives, friends, or someone else who has my e-mail stored in their address book in Windows.