Virus/malware through public open wifi?

Similar Messages

• New Multi-OS/CPU aware virus broke through virtualbox. For a reason.FYI

  FYI (all)
  Dear sir (RMS @ GNU),
  my apologies. That e-mail concerned the embedding (secretly) of personal information during the make process of certain gnu software but there's a new developent and I'm extremely mad : I have been looking for ways to de-obscurify certain (gnu) Make processes. During my search I found a certain GITHUB repo that provided a way to do that. It was not "AO" but another... In reality it was a virus and/or a magic trigger that broke and destroyed All my systems in a manner of 2 hours or so.
  It's a special case, methods used are not mentioned anywhere on internet. This one is multi-os aware and broke through a running virtualbox installation (I suppose via I/O hooks exploits yet unknown ). Both host and guest gets destroyed, independant of OS!
  from what I have seen:
  - the maker has somehow trojaned the Freedesktop.org desktop-daemon- input dbus helper software to gain and maintain root via init. Virtually everydebian based is thereby vulrenable.
  - the maker has found a new way (unknown to every antivirus software) to gain Admin acces to windows system via lowlevel IO and/or abused "signed drivers" - and mmaps itselfs there to propagate..
  - the virus broke through running virtualbox installations (latest installation, new installations, old VDI's) and they got all destroyed, first guest and hours or days later both host and guest installations.... also new.
  - the virus injects itself on every network IF / download / and propagates on installation (triggered) within the virtualbox installation. This happens on the host too, but hours later.
  - it eventually kills every document on every OS by spawning hundreds of processes to kill documents (overwrite, move, symlink)
  The strange thing about this, is that GNU sources / software like the sourcecode for GLIBC and GCC was left alone! Because of that and the mentioning of GNU on that repo I contacted GNU. On my windows system there was even a special message "Thanks to Freedesktop and embedded Ruby".
  The virus was obviously not meant for worldwide propagation but to target a certain audience (I suppose people like me), it's been engineered beyond belief and I triggered it somehow. In order to clean my system I tried a ISO/USB boot from AVG (linux based.) I booted from that USB and it got infected upon scanning... amazing.!!
  Anyhow.. sorry to have bothered you.
  Regards,
  To microsoft: Windows : is trojaned via virtualbox Usb I/O and/or other lowlevel I/O trickery. Obviously new methods are used, hard to reproduce and I can only mention a few details : virtualbox breakage like this is not yet mentioned anywhere and no admin priviledges are needed to reproduce. this "virus" has no signature known to clamav/kaspersky/mssc/avg/macafee. New exploits are obviously used, unknown and/or used in a similar manner. Microsoft should investigate this on their own.
  To FreeDesktop DBUS daemon: has been abused (and this darn thing is used in many debian based INIT scripts etc, in order to gain and maintain root (or worse). There was a note left on my system "thanks to freedesktop and embedded...": every Linux instance, new or old (2.6 to 3.2xxx was infected immediately). FreeDesktop: I *** your** because similar trickery is mentioned since 2009.
  To certain people at Debian: thanks for not taking me seriously or even understand what you are doing. Clueless.
  To Oracle: Every HOST that mounts an infected VDI, gets infected immediately upon boot. Or the other way around: upon scanning the filesystem. The scanning OS itself gets trojaned (reproduced via multiple USB installations/Gpart ISO, AVG iso) and gets destroyed . Even within virtualbox ..... the ISO grows to hunderds of gigs. Virtually. I suppose it's hooked via USB transport to gain accces over keyboard and mouse. In fact it doent matter what OS is used, the killing process is "universal" because it happens within the hooked kernelspace.
  To reproduce : I cannot give much details and its hard to traceback or reconstuct the order of events but I wanted to look for a way to de-obscurify a certain gnu-make process (in particular a piece of GNU software (for ..keys) from which I suspected to embed privacy information about the user and this software is used on virtually every OS and in many software packages as building block. And I certainly found one. I guess some magic 0xUL that passed my system or action I did -triggered this OS independant chainreaction or "OSkiller" process. I should have suspected this.. well. Even github trickery was (AB)used ~/.git / gitprocesses are used for some reason because every new download got the "make" process treatment instantly. Tricks to use parts of sha1 signatures (actually the gitters identification. Some people are aware of these methods and are abusing this system, not to "watermark" but to pull off this kind of work?
  The result: all my virtual Linux / Freebsd VDI/VMDK installations were completely destroyed within a manner of minutes and later the host (windows7, regular update cycle, well maintained and secured) too. It was hard to traceback and/or/try forensics because the host got infected too -- obviously no way to sandbox. (maybe I'm not clever enough). Mounting from another OS is killing that OS too. Amazing. The reason I wanted to traceback or mount a certain partition was because it contained my work on my research. I had backups (even incremental) of some instances and they all got destroyed too (unaware of the systemhooks that were luring for the magic).
  Reproducable? Yes. But hard to pull off and therefore I suppose this "virus" is not meant to propagate worldwide but targetted at a certain audience. The maker(s) has/have deep profound knowledge of windows internals, virtualbox exploits,, linux exploits, methods not seen by any anti-vir software I got running. It means there's a whole bunch of multi-os exploits, application exploits, not used or mentioned anywhere, bundled in a well prepared trap for anyone who gets the magic. I still have the infected VDI's. cannot tell if they are completely destroyed because I dare not mount it in ANY way. (I tried virtually every way possible!!!!!). Forensics could do some work on the raw material.
  Here's a brief list of software that must have already been trojaned / to kill the running OS's (on host/guest) of a target:
  - "nonfree" linux-firmware. Certain IO/dev (dbus?) userspace layers (linux)
  - linux or windows virtualbox guest addition(s): CERTAIN debian updates (* triggers the killing process). Especially the RE-make of IO kernelmods process caused a chainreaction in one case. The maker(s) did some magic there because one should assume that KERNEL code is well maintained (like Theo.d.r. does :-) )
  - (gnu) remake processes of kernel mods (RT/Pre-emt) -> guest additions. I could only reproduce this a few times because my host got killed.
  - github trickery....
  - techniques: callbacks via IO hooks on both HID and available network devices and injects itself via sockets (because every download was infected)
  - I suppose no known shellcode was used or not recognised. Every virusscanner that I got running got killed and infected upon scan, both windows and linux based, clamav and AVG mssc, macafee, kaspersky etc etc. Even a simple mount gets a host killed. Amazing.
  and all of this must have been "packaged" for a special occasion? Its profoundly layered, multi-disciplined and networked (I guess there are more related triggers to this network) and this OS killer must have been ready or "waiting" for months, none of the exploits I've witnessed are mentioned on internet or have been used on seperate occasions (except for the dbus trickery: there have been rumors but no real actions by ubuntu or debian etc etc). All these multi-cpu/os/software exploits (means transports) events that happened on my systems, both metal and virtual, are not mentioned anywhere or seperately used on other occasions or else someone would have mentioned it? Even the slightest kernel breakage or trojaned kernel in this respect should gained prestige for certain w/b hat hackers. This is beyond belief. The guest/host breakage is amazing, multi-os and the killer does its work profoundly.
  - so oracle can deal with this virtualbox breakage from host to guest and vice versa
  - linus gets his multi-OS io / kernelspace breakage, kills of every mount or gets triggered by even mmapping.
  - microsoft no idea.... no blame this should have been recognised within the security framework, but there's obviously not yet a signature known.
  I don't know if I should call this a virus. It uses virus-like techniques but on so many levels happening at once. I dont think oracle or microsoft or linux / freebsd /solaris is targetted. It looks like a well contained (only propagating on the host/guest, even socks are targetted only at localhost) - trap, the killing process is very persistant and for a reason. If this was used in a network-propagating carrier virus it should raise a Major worldwide alert. I think this unknown network of suddenly revealed exploits are means to immediatly shutdown/completely kill the running system(s) of a certain audience (like me). It's like a network and eventually a killswitch, a "destroyer" which I happened to trigger while I was investigating some things concerning privacy issues (in fact building blocks for signing of public keys). This message should raise some questions.
  And about that github repo. It's not AO.
  Thats all folks.
  0X

  We would really like to debug your problem but the provided information is not sufficient and very hard to parse. A few questions:
  - Which version of VirtualBox are you using?
  - What host systems did you use to test, only Windows 7 or also other systems?
  - Did you try to use an infected .vdi disk with a fresh installation of VirtualBox on a fresh host?
  - Which guest is affected (exact version please)?
  - You report that even your host will be infected (breaking through from a VirtualBox guest to a host). Did you do scan your host for viruses before you started your guest so you can be 100% sure that your host was clean before it was infected by the guest?
  - When scanning the infected system with a Linux-based virus scanner: Did the scan report any problems? If so, which? And did you consider to use a virus scanner on a read-only boot medium? In the latter case it is impossible that the virus scanner gets infected.
  I would appreciate if you could answer these questions, there could be more questions once I have the answers to these. But please, try to be precise and short when answering the questions.

• Lost iPod Touch: Will it auto-connect to open wifi?

  My daughter received a brand new iPod Touch for Christmas. Not a week later and she lost it at a friend's house.
  Fortunately, I had set it up to work with my iCloud subscription and enabled the "Track My iPhone" feature. But of course it is not connected to my daughter's friend's WiFi.
  So I was thinking that I could ask that they temporarily open up their wifi network (i.e., not require a password) in hopes that the iPod Touch will automatically scan and connect to the open access point. If it does, then I should be able to both locate it on a map and also trigger it to play a high-volume sound, all through iCloud.
  Question is:
  Assuming the iPod Touch's battery is not already drained....does the iPod Touch automatically/consistently scan for open wifi networks and, if it senses one, does it automatically connect? Or is it like a laptop, where you have to manually connect?
  Thanks in advance for any help with this!

  It depends upon what setting you have on the iPod. The following os from the User Guide (sorry about the formatting):
  Set iPod touch to ask if you want 
  to join a new network
  Go to Settings > Wi-Fi and turn “Ask to Join Networks” on or off.
  If “Ask to Join Networks” is turned off, you must manually join a network to
  connect to the Internet when a previously used network isn’t available.

• I have a redirect virus/malware that I can't get rid of - Stopzilla ID MalPac.D - any suggestions

  I have picked up either a virus or some malware that frequently redirects my browser to intermediate sites. Stopzilla calls it MalPac.D but repeated attempts to remove it with Stopzilla have failed. I tried to update my antivirus (Bitdefender) but every time I try to download it I get a message that the installer files are corrupt and the install fails. I installed a different antivirus product that also found some viruses and removed them but the redirect is still there.
  I can go into tools>options>advanced>settings>advanced and find that there is a manual proxy server selected. If I just click on "No Proxy" the proxy setting will reset itself. If I just click on "No Proxy" and delete the info for the proxy server I can then do searches without redirects.
  Any idea how I can find and get rid of the redirect virus/malware?

  Try clearing Safari's cache : Settings > Safari > Clear Cache (and Clear History). You could also try turning on Block Pop-Ups on the same Settings page.
  Also close Safari completely : from the home screen (i.e. not with Safari 'open' on-screen) double-click the home button to bring up the taskbar, then press and hold any of the apps on the taskbar for a couple of seconds or so until they start shaking, then press the '-' in the top left of the Safari app to close it, and touch any part of the screen above the taskbar so as to stop the shaking and close the taskbar.
  You could also try a reset : press and hold both the sleep and home buttons for about 10 to 15 seconds (ignore the red slider), after which the Apple logo should appear - you won't lose any content, it's the iPad equivalent of a reboot.

• How will i know if a virus,malware or spyware is d...

  i hve scan my comp and it wont finish scanning 1 program files un-scaned and alcohol120 program files. i'm a bit woried about the privacy of our video call.. my wifes brother warned us of some virus that is includen on some sofwres that you might download on your pc. how will i know if a virus,malware or spyware is design to hack my video call on skype? can that proram files  that cant be scned can be a form of virus of software that can hck my videocalls.. pls tell me how cn i know that..

  Only a clean install can give you a clean chit.
  But that is painful if you want to restore your applications and settings.
  So called hacks are very rare and unlikely to be on your comp. Check Activity Monitor and if you see weird processes then you need to be worried; else you are generallly fine.
  Have a lovely single malt with ice and water and relax...

• Help iMac w/Lion. Virus/malware Safari can't shutdown. Got pop up saying I won a prize. Did not select OK. Have to force shutdown. On restart of Safari get same pop up. Locks up Safari. Any help would be greatly appreciated.

  PiCked up a virus/malware please help me get rid of it. While browsing with Safari got pop up saying I won a prize. Click OK to find out what I won. Did not click Ok, but cannot close Safari without using forced shutdown. Powering down computer and restarting then selecting Safari brings up same prize window. Just installed Trend Microsoftware for Mac. It's scanning now. Don't think it will work.
  If I open another on same iMac everything seems ok.
  Any help would be greatly appreciated.
  Thanks

  I am also running Lion and had the same problem: a persistent popup on top of a half-opened Safari window saying that I had won a prize and should click OK to claim it.  If I forced Safari to quit, the same pages and popup menu would appear when I then reopened Safari.  From what I can tell, the problem results simply from the fact that Safari in Lion defaults to auto-reopening web pages that were open when Safari last quit, including those suspicious pages that may have prompted the user to force-quit Safari in the first place.  I solved the problem this way:
  (1)  After force-quitting Safari, I went to my user Library folder and found the Saved Application State folder within.  I then found the folder for Safari (com.apple.Safari.savedState), opened it and deleted its contents.  Now the next time I open Safari, there will be no pages to auto-reopen.
  (2)  Since this problem could happen again, I decided to disable the auto-reopen feature in Safari.  I did this by highlighting the "com.apple.Safari.savedState" file and choosing the File-->Get Info command, and then in the Get Info box, I turned on the Locked checkbox.  This prevents Safari from adding any files to this folder.
  This solution has worked well for me, and it has the advantage of not requiring the user to reset Safari.  It also preserves Lion's auto-reopen feature for all other applications.
  I need to give credit to David Pogue for the information I used to solve this problem.  He describes this procedure on page 169 of his book, Mac OSX Lion, the missing manual.
  Steve

• Browser Virus Malware Adware etc.  HELP!

  I have been trying for 3 days to kick this absurd problem off of my Macbook Pro.  It feels like I have a virus/malware/adware situation that is making me feel like I'm back on a PC (UGHHHHH).
  BEFORE THE PROBLEM:
  I kept getting "scratchdisk" or "startup disk" is full notices so I could not download the new OS
  I started searching the web for solutions
  I started removing all unneeded files
  I used Clean My Mac to remove unwanted/unneeded files
  I downloaded OS X 10.9.5
  THE PROBLEM:
  The following things occur when I attempt to use any of the 3 browsers: Google Chrome, Safari, Firefox:
  pop up windows appear ALL over the place
  Pop up windows block my ability to use the intended web page
  tabs automatically open for Wix, Mackeeper, Credit Check websites etc.  (It's infuriating!)
  Sites I am attempting to use fail to respond
  ACTIONS TAKEN:
  run Clean My Mac (nada)
  delete all cookies (nada)
  trash or uninstall any/all unknown apps/programs
  uninstall Google Chrome
  uninstall Firefox
  reset Safari
  some terminal exercise from an Apple forum (did...nada)
  RESOLVE:
  NOTHING seems to be working...I'm about to launch my computer out the window... HELP!?

  There is no need to download anything to solve this problem.
  A.
  You may have installed the "VSearch" trojan. Remove it as follows.
  Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
  Back up all data before proceeding.
  Step 1
  From the Safari menu bar, select
            Safari ▹ Preferences... ▹ Extensions
  Uninstall any extensions you don't know you need, including any that have the word "Spigot," "Trovi," or "Conduit" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.
  Reset the home page and default search engine in all the browsers, if it was changed.
  Step 2
  Triple-click anywhere in the line below on this page to select it:
  /Library/LaunchAgents/com.vsearch.agent.plist
  Right-click or control-click the line and select
            Services ▹ Reveal in Finder (or just Reveal)
  from the contextual menu.* A folder should open with an item named "com.vsearch.agent.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
  Repeat with each of these lines:
  /Library/LaunchDaemons/com.vsearch.daemon.plist
  /Library/LaunchDaemons/com.vsearch.helper.plist
  /Library/LaunchDaemons/Jack.plist
  Restart the computer and empty the Trash. Then delete the following items in the same way:
  /Library/Application Support/VSearch
  /Library/PrivilegedHelperTools/Jack
  /System/Library/Frameworks/VSearch.framework
  ~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
  Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.
  The problem may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow.
  You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the Internet criminal behind VSearch has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing has not done so, even though it's aware of the problem. This failure of oversight has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  B.
  Remove "MacKeeper" as follows. First, back up all data.
  "MacKeeper" is a scam with only one useful feature: it deletes itself.
  Note: These instructions apply to the version of the product that I downloaded and tested in early 2012. I can't be sure that they apply to other versions.
  If you have incompletely removed MacKeeper—for example, by dragging the application to the Trash and immediately emptying—then you'll have to reinstall it and start over.
  IMPORTANT: "MacKeeper" has what the developer calls an “encryption” feature. In my tests, I didn't try to verify what this feature really does. If you used it to “encrypt” any of your files, “decrypt” them before you uninstall, or (preferably) restore the files from backups made before they were “encrypted.” As the developer is not trustworthy, you should assume that the "decrypted" files are corrupt unless proven otherwise.
  In the Finder, select
            Go ▹ Applications
  from the menu bar, or press the key combination shift-command-A. The "MacKeeper" application is in the folder that opens. Quit it if it's running, then drag it to the Trash. You'll be prompted for your login password. Click the Uninstall MacKeeper button in the dialog that appears. All the other functional components of the software will be deleted. Restart the computer and empty the Trash.
  ☞ Quit MacKeeper before dragging it to the Trash.
  ☞ Let MacKeeper delete its other components before you empty the Trash.
  ☞ Don't try to drag the MacKeeper Dock icon to the Trash.

• Possible new virus/malware? slui.exe in %Userprofile%\AppData\Roaming

  Hi,
  I would like to start a discussion for one strange problem that I encountered in my company. Four Notebooks with Windows 7 x64 Enterprise SP1 versions all of a sudden after 1-2-3hours period cannot open any webpage trough any browser (IE,FF, Chrome) but
  everything is pingable via command prompt. We made sure that it is not a DNS problem, whole network is functioning properly.
  After one college called me because of the problem described above I started to dig trough the active processes that were running in that moment and slui.exe caught my attention because it was unusual for me to see that process even running. The process
  itself is very small, only 54k. And starting folder is located in userprofile\AppData\Roaming\DNCache folder, in there are a couple of files (see picture bellow). That is not a location for slui.exe in my humble opionion, slui.exe resides in System32 folder.
  You cannot delete the folder because it is being used, even with file unlocker it won't let you delete it. I went to SAFE mode and deleted it. Also in safe mode run msconfig and clear out any files that have "Unknown" manufacturer and start with
  d..something, sorry cannot remember the correct name, but are the same as in DNCache folder. Our company uses Microsoft Forefront for protection. I am now waiting to see if I have solved the issue.
  Could that be somekind of a virus/malware?
  Thanks,

  Hi,
  Based on m research, “suli.exe” has not been recorded into MS data. It may be not a virus.
  Best Regards
  Quan Gu

• Do I have a virus/malware problem? Idiot needs help

  Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything. I realise this is incredibly stupid and I am mortified. However, I am now concerned that I have a virus, malware, etc. As I am a computer idiot: how do I check if a virus is on the system or a malware programme is stealing all my details? People say "you'll be ok, Mac's don't get virsus" but how do you know? I have encountered no issues, as yet.... I run OS X and have a mac mini. Please help- will be eternally grateful. Thank you in advance

  MacHagan wrote:
  Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything.
  First of all, your Lion OS would have notified you if that was anything currently known to be dangerous. If it was malware it was almost certainly designed for Windows and of no consequence to OS X. If you are certain that the email is spam/junk/hoax then use the delete button in your e-mail client to get rid of it. Check the trash folder and delete it from there, if necessary. If this is a Gmail account, let me know as there may be one more step.
  When you say you opended the file, I assume you used an open button or double-clicked the attachment symbol? And then it didn't launch anything, but it should have launch the Archive Utility to unzip the attachment. Did that not happen? Did you see anything after you "opened it"?
  Even if it was unzipped, sitting in an attachment folder somewhere and is malware, it won't do anything at all until you attempt to open it. And as I said previously, it's almost certainly for Windows users, anyway.
  If you followed the suggestion to use ClamXav (or any other A-V software), there are some special considerations regarding e-mail. Here are my standard cautions:
  Never use ClamXav (or any other A-V software) to move (quarantine) or delete e-mail. It will corrupt the mailbox index which could cause loss of other e-mail and other issues with functions such as searching. It may also leave the original e-mail on your ISP's e-mail server and will be re-downloaded to your hard drive the next time you check for new mail.
  So, if you choose to "Scan e-mail content for malware and phishing" in the General Preferences, make sure you do not elect to either Quarantine or Delete infected files.
  When possibly infected e-mail files are found:
  Right-click/Control-click on either the infection or file name in the ClamXav window.
  Select "Reveal In Finder" from the pop-up menu.
  When the window opens, double-click on the file to open the message in your e-mail client application.
  Read the message and if you agree that it is junk/spam/phishing then use the e-mail client's delete button to delete it (this is especially important when the word "Heuristics" appears in the infection name).
  If you disagree and choose to retain the message, return to ClamXav and choose "Exclude From Future Scans" from the pop-up menu.
  If this is a g-mail account and those messages continue to show up after you have deleted them in the above manner, you may need to log in to webmail using your browser, go to the "All Mail" folder, find the message(s) and use the delete button there to permanently delete them from the server.
  For instructions on how to handle any infections that do not involved e-mail, use the Help menu or go directly to this link Dealing with Infected Files.

• Viewing email on iPhone and preview of attachments with regards to virus/malware

  I recently opened an email on my iPhone.  Many times when you open an email on an Macbook, iPad or iPhone it will show you a preview or a snapshot of what is in the attachment.  For instance, if a photo is attached to the email, it will show you the photo without you opening the attachment, or what is in a Word Document.
  I did not click open the attachment, but when I opened the email itself, it had in the body of the email about 3 pages worth of random letters and numbers, starting with "DQo8IUPRQ1...".  It looked to be a .txt file (but I understand other types of files can be made to look like a .txt file)
  Again, I did not open the attachment, but the fact that the "information" from the attachment showed in the body of the email, it makes me very nervous about a virus or malware being on my iPhone or iPad.
  Can you explain if you need to specifically open the attachment of an email for a virus/malware to take place?  Is there any harm from just opening an email that has a virus attached to it and seeing the contents of the file in the body of the email?
  Little panicked, so thanks in advance for your help!

  Chris,
      It was from an unknown sender.  The email app i was using at the time was the Mailbox App (third party) if that makes a difference/opens me up for any additional threats.  None of my products are jailbroken.
       So it sounds like that even though there thousands of random letters and numbers in the body of the email, I am ok?
       I appreciate your responses.

• Virus/malware in exchange panel download

  I just downloaded the Exchange Panel, but did not install it because my security software alerted me that there was a virus/malware that could damage my computer and not to install it.
  Is there any other way to access the tools available in Adobe Exchange?
  I am not a professional user.  I purchased one creative suite some years ago and worked with it until some of it was no longer relevant.  But in tose times the Exchange (or its predecessor) was located on the adobe website and you could browse through available tools and ideas and download what you want.
  Now I've gotten cs6 and it seems to me that all this interactive stuff is not an improvement if viruses and malware are part of the package.  And because of the security threat, I now have no access to the extensions that would make web development easier.
  Sorry if I seem disgruntled, but this development put a serious crimp in my day, my week.

  The only problem here is that the screen that popped up was not the usual mcafee warning screen.  Things I usually get say something like "This is an untrusted source and may contain . . ."  This was a larger pop-up and said that it actually detected the presence of a virus or malware that could endanger my computer.  In other words, it was a lot more affirmative in its assertion.
  And since I have in the past ignored McAfee's gentler warnings and got stuck with pernicious add-ons that I had to spend a whole day tracing, deleting, restoring the previous state,  I'm really reluctant to press the "install it anyway" button.   Besdies, in addition to warning me, McAfee deleted the download once I agreed not to install it.  Now, that's never happened before.

• Virus Malware Malicious content protection software?

  Is it true that I will not need to have active virus/malware /malicious content protection on my Mac?   Should I, or dont bother?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
  For more information about Gatekeeper, see this Apple Support article.
  4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "archive extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  5. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was never a good idea, and Java's developers have had a lot of trouble implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style "virus" affecting OS X. Merely loading a page with malicious Java content could be harmful. Fortunately, Java on the Web is mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice.
  Java is not included in OS X 10.7 and later. A separate Java installer is distributed by Apple, and another one by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers. In Safari, this is done by unchecking the box marked Enable Java in the Security tab of the preferences dialog.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a specific task, enable Java only when needed for the task and disable it immediately when done. Close all other browser windows and tabs, and don't visit any other sites while Java is active. Never enable any version of Java on a public web page that carries third-party advertising. Use it, if at all, only on well-known, password-protected, secure business or government websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  8. The greatest harm done by anti-virus software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but they get a false sense of security from it, and then they may behave in ways that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• N97 mini cant connect via open wifi

  I cant connect to internet with none of the open wifi, also called wifi zones, those wifi at public places.... sometimes say me than I cant connect to network, or if can connect, applications than request internet no connect or say me than need use other access point
  I have firmware version 12.2.121

  Try this go to settings>connectivity>destinations>then see if there's an option to add New access point. If not then find the place where the open Wifi name is displayed. Then touch it twice then you will see the settings for the access
  point. Now, click on options
  button at the bottom left of the screen and
  select “Advanced Settings” from the list. This
  will take you to the advanced settings. In Advanced Settings, you will now see four
  settings, namely IPv4 settings, IPv6 settings,
  Proxy Server Address and Proxy port
  number. In IPv4 you have to enter the ip and subnet mask and default gateway. Then tap back then enter the proxy and port number. You have to set the WLAN mode as public security as open. Try and reply.
  Nokia C7

• 'Open Wifi' Event Log in HH4

  Can someone confirm for me that I have understood 'Open WiFi correctly please?
  Just looked at the event log in HH4 for 'Open Wi-Fi' - I assume this is the wi-fi that other users can access via my setup?
  One log (for 30th Sept) shows 'Connection is up' at 13:09:03 and down at 13:24:23 so basically someone else was accessing the net through my setup then during this time?
  Just opted out!

  I wasn't quite correct when I said the broadband dropped, what happens is our devices won't connect, the light is blue. I took my ipad right up to the home hub and it still wouldn't connect, my husband's phone wouldn't either. When I googled it, all I could find was that too many devices may be using it, 2? It's happened several times this month always about 11pm, then I discover we've used over 70gb more than usual. There definitely seems to be some mystery heavy usage download occurring, could it be the home hub updating it's software? I noticed it said last updated 25/4 and that was the last time it showed multiple open wifi ups and downs at the same time we couldn't use it. I'm going to monitor it more closely to see if there's some pattern to this.

• Mark Invoices as Paid through Payables Open Interface

  Hi.
  I have looked at the table definitions for importing invoices into Oracle Payables through the Payables Open Interface. It is clear to me how simply writing to these two tables: AP_INVOICES_INTERFACE and AP_INVOICES_LINES_INTERFACE.
  However, the invoices that i want to import into Oracle have already been processed and paid. It seems that there is no way through these two tables to mark an invoice as Paid and pass in the associated the payment data (for example - a check number). I am retrieving data from an external invoice and payment processing web site and importing this into Oracle E-Business Suite through these two tables. So is there:
  - A way to mark these invoices as Paid through the import and include the check number it was paid with?
  - If not what is the best way to accomplish that in Oracle? Is there any other interface that Oracle provides that will allow this. Do I need to create some kind of routine or workflow in Oracle need to be created to do this? I am new to Oracle, so it is not clear at the moment.
  Thanks!
  Scott

  Scott,
  You cannot bring in paid invoices through payables open interface table.
  This is one workaround you can use.
  1. import the invoices through open interface, the interface record will be marked as Processed.
  2. As soon as your invoice is created, your liability account will be hit and will be increased and cash account will be decreased (I m not using the credit/debit terms purposefully).
  3. You then create a payment batch , and pay the invoice, this will balance the liability and cash accounts
  This way you can simulate the payment you did outside the system and still your books will be in sync.
  Things you would need to take care of:
  1. Payment Dates
  2. Stop the payment instrument (check/creditmemo/debitmemo) from going out
  Lastly, this is a OAF forum, you might get better replies in AP or EBiz forums, so please post your query there.
  Thanks
  Tapash