1 2 Previous Next 29 Replies Latest reply: Apr 12, 2012 7:13 AM by benzdoc Go to original post Branched to a new discussion.
  • 15. Re: Trojan in Java
    benzdoc Level 1 Level 1 (0 points)

    Look to the pros like Sophos and Fsecure  for up to date information and patches to remove this evolving malware. NOT fixes posted on a forum. Thanks for pointing this out. Of course, to other posters,  its your data do as you like...

  • 16. Re: Trojan in Java
    X423424X Level 6 Level 6 (14,190 points)

    Huh? 

     

    Didn't I just refer to F-Secure as a source for instructions?  Their Flashback-K instructions are the most recent they have posted as far as I know.

     

    For the instructions I post for top level detection I base on what is there and these forums.  It is forums like this where reports of new strains generally appear.  I think that was the case for this ~/.filename form of infection.  So it was this forum that showed how to remove those obvious insertions first.  Not Sophos.  Not even f-secure.

  • 17. Re: Trojan in Java
    benzdoc Level 1 Level 1 (0 points)

    Did you miss "Thanks for pointing that out" I guess "its your data do as you like" applies to you also.

  • 18. Re: Trojan in Java
    arlene220 Level 1 Level 1 (0 points)

    Erase the hard drive and start from scratch??? Come on! Take your computer to the Apple Store for repair. I called Apple and THAT is their recommendation. My iMac is still under Apple Care...spend the bucks folks it is worth it. I auto renew and my computer is only 1 and 1/2 years old but full of very expensive software for photography editing and clients and Getty Images. Of course I recommend keeping ALL your files on an external drive,

     

    I also recommend downloading Lion to an external and that way you can go back to Snow Leopard. I wish I had done that but it is too late for me and most of these folks.

     

    Get thyself to an Apple Store and don't mess with this thing.  

  • 19. Re: Trojan in Java
    thomas_r. Level 7 Level 7 (27,985 points)

    Erase the hard drive and start from scratch??? Come on! Take your computer to the Apple Store for repair.

     

    What do you suppose the Apple Store's repair will consist of?  Most likely, erasing the hard drive and reinstalling the system.  Apple techs are specifically told not to get into things like trying to remove malware manually.  If you don't know how to do this yourself, you could certainly get Apple to do it, though you'd have to pay them to do it if you didn't have AppleCare.

     

    Of course I recommend keeping ALL your files on an external drive,

     

    Why?  There's nothing wrong with doing that, but it's certainly not something that all users should be told they need to do.  There's no reason for it unless you're running out of space, and it has nothing whatsoever to do with protecting yourself from malware.

     

    I also recommend downloading Lion to an external and that way you can go back to Snow Leopard.

     

    Again, that has nothing to do with the topic at hand, and is not possible for people with recent machines.  In fact, Lion is actually safer than Snow Leopard, due to not including Java by default.

  • 20. Re: Trojan in Java
    jsd2 Level 5 Level 5 (6,200 points)

    F-Secure just released a free Flashback detection and removal tool:

    http://www.f-secure.com/weblog/archives/00002346.html

     

    and Apple announced they are developing one:

    http://support.apple.com/kb/HT5244

  • 21. Re: Trojan in Java
    benzdoc Level 1 Level 1 (0 points)

    I think we can agree that this situation is a cosmic shift for Apple and owner's trust (misguided or not) in the system. So you don't know what the genius at the store will do to remove this malware. How about we verify before jumping to conclusions.

  • 22. Re: Trojan in Java
    thomas_r. Level 7 Level 7 (27,985 points)

    Not really.  We had the same "cosmic shift" less than a year ago with MacDefender, which was probably as big an outbreak as this one.  Back then, it was commonly reported that Apple techs were told not to try removing malware.  Apple can't be in the business of having techs try to manually remove malware...  the risk of not succeeding is too great, and Apple techs are not and cannot all be security experts.

  • 23. Re: Trojan in Java
    nerowolfe Level 6 Level 6 (13,070 points)

    I like the CYA response, "your system seems to be free ....."

     

    It's like running Apple's DU and checking your HD. The drive "seems" or is it "appears" to be OK.

    Don't get me wrong, I totally understand the reason, both legally and technically.

    But "seems" is not as reassuring as saying "your system is free of the evil malware"

  • 24. Re: Trojan in Java
    benzdoc Level 1 Level 1 (0 points)

    Speculation and "history" make facts not... 14K posts and you seem to have forgot that

  • 25. Re: Trojan in Java
    WZZZ Level 6 Level 6 (12,225 points)

    Thomas A Reed wrote:

     

    Not really.  We had the same "cosmic shift" less than a year ago with MacDefender, which was probably as big an outbreak as this one.

    As metaphors go, don't know about a "cosmic shift," but I think user interaction/social engineering not necessarily required for infection makes this a brand new ballgame. MacDefender heralded a new era of attacks, but staying with "shifts," I think this one shows a paradigm shift.

  • 26. Re: Trojan in Java
    thomas_r. Level 7 Level 7 (27,985 points)

    There's nothing whatsoever speculative about what I said.

  • 27. Re: Trojan in Java
    petermac87 Level 5 Level 5 (4,205 points)

    benzdoc wrote:

     

    Speculation and "history" make facts not... 14K posts and you seem to have forgot that

    So what a pity that speculation here is against the TOU when you joined the forum.

     

    Pete

  • 28. Re: Trojan in Java
    arlene220 Level 1 Level 1 (0 points)

    I just ran my disk utility, it said the hard drive is corrupted. Restart holding command R and let the utility repair the disk. But hey still have Apple care and I am taking this into the store to let them do it. There was a HUGE list of corrupted files...no surprise there.

     

    So, run your disk utility and click "Verify Disk" you will find out if you have a corrupted disk and how to fix it.

     

    This is a simple way to do things for non IT experts. Running scripts in your terminal is fine for someone who is experienced with commands, but for the rest of us....use your disk utility....or leave it to the experts at the Apple store

     

    Buying Apple Care is the best thing that you can do. For the grief it spares you it is cheap!

     

    AND when I talked to the Apple Store they admitted there is a Trojan and that they WILL NOT erase my HD so you are wrong on that point. They are totally honest and upfront about the malware.

  • 29. Re: Trojan in Java
    benzdoc Level 1 Level 1 (0 points)

    I used "cosmic" because I like the word. I don't recall any previous threats to Apple software discussed much on main stream media as this was. Also putting the blame on Apple for being behind Adobe in patching the problem. Apple excels at PR,  so their response is going to be different than in the past.

     

    Pete, I have been a member since 2007, you? :)

1 2 Previous Next