What is the "Ahmbed.gz" archive that suddenly appeared on my mac's HD?

.gz files are zipped files created by gzip users (gzip is a file compression tool). It is unlikely the file is important and was probably downloaded inadvertently. The password request might be because of the file's location. If the .gz file lives on your root drive, a password would be needed to erase it. The same is true of any file living on your root drive.

I think you're in the clear to delete.

-d

Ahmbed.gz contains a cracked (pirated) version of Adobe Illustrator CS3 that is circulating on some of the BitTorrent sites. If you didn't intentionally download this file (or even if you did) you should delete it.

The moral and legal issues aside, pirated software frequently contains malware intended to spy on your computer, so I strongly advise against downloading it. In any case, if you use BitTorrent, make sure you're using a secure, bug-free BitTorrent program to reduce the risk that a miscreant will load something onto your computer without you being aware of it.

You might also want to install ClamXav and scan your hard drive. Using BitTorrent file-swapping sites is a good way to end up with malicious files stored on your computer.

I ended up with this mysterious "Ahmbed.gz" file as well, and it can't be a "cracked version of Adobe Illustrator CS3" because it's only 4kb; way too small.

Look it up yourself.

deusxmac wrote:
I ended up with this mysterious "Ahmbed.gz" file as well, and it can't be a "cracked version of Adobe Illustrator CS3" because it's only 4kb; way too small.

It's not the "cracked" version but the actual "crack" itself to crack the software that was downloaded onto your machine.

The only way a file of this kind (ie., crack for software) to appear is no mystery. Someone who used your machine had to have downloaded it. Not saying you in particular but someone did.

The only way a file of this kind (ie., crack for software) to appear is no mystery. Someone who used your machine had to have downloaded it....

Actually, that isn't entirely correct. Some BitTorrent clients have security holes that will allow a miscreant to push a file onto a user's computer as part of the bit stream. Once there, it becomes available for download by others for as long as the file remains on the computer and the computer remains connected to the BitTorrent network.

If you do a lot of file-swapping you're going to end up downloading something that causes problems for you sooner or later and using an insecure BitTorrent client is a very good way to have your computer violated. At the very least, use one that allows filtering rules and use the bad file and IP address lists to reduce the risk.

capaho wrote:

The only way a file of this kind (ie., crack for software) to appear is no mystery. Someone who used your machine had to have downloaded it....

Actually, that isn't entirely correct. Some BitTorrent clients have security holes that will allow a miscreant to push a file onto a user's computer as part of the bit stream. Once there, it becomes available for download by others for as long as the file remains on the computer and the computer remains connected to the BitTorrent network.

If you do a lot of file-swapping you're going to end up downloading something that causes problems for you sooner or later and using an insecure BitTorrent client is a very good way to have your computer violated. At the very least, use one that allows filtering rules and use the bad file and IP address lists to reduce the risk.

Your absolutely corrent. I forgot about this when I was reading up when "bittorrents" starting coming into mainstream.

Good catch and good point. I guess if you 'have' to use these things a good thing to do is check files created or modified to see if anything got pushed to your machine.

But regardless someone on your machine at least used a torrent downloader to download some sort of files (good/bad/pirated/whichever) and it got placed there. They still don't mysteriously show up, they showed up due to something a user did (even if it's downloading something else and having a file pushed without your knowledge).

Good rule, buy software and don't cheat the system. (need to take my own advice sometimes LOL)

Just to report, I found this file on my machine in the root directory of my system drive and I do not use any bit torrent app. I had just installed CS3 and the installation had crashed, near the end. I suspect this file was left over from that failed install attempt but I can't be certain. It's a new MBP and I doubt there's been a chance for malware or viruses to have infected the machine.

The CS3 crack file circulating in the BitTorrent world is probably a cracked version of an installation file that is part of the legitimate installation package, thus the file name is the same.

I too had this file after a fresh install on Leopard and a legal CS3 Master install that crashed after Disk 3. No torrent software in sight in my case either.
Kind regards
Mark

This file showed up after a legitimate update last night. The install took way way too long but what do I know? The first clue I had that something was amiss was that my Finder window was really weird. I'd lost all my left column below the disk list. I noticed the ahmbed.gz file at the top of the second Finder column. There were two unzipped files of the same name. I opened both and they were both blank. I tried to trash the upzipped file but was asked for my password. I didn't want to do that so I opened it. It made another blank unzipped file and the zipped one stayed the same. That's when I decided to find out more.

No one but me uses this computer. I was doing a legit CS3 update from Adobe. Now that I've read the entries in this forum. I'm going to use my password to delete the file and then a secure empty trash. Thanks for the information I've found here.

The ahmbed.gz file may be a legitimate installation file from the CS3 disc, while a hacked version of it circulates on the file swapping circuit.

If you ever have questions about a file, you can install ClamXav and use it to scan individual files that you're not sure about:

http://www.clamxav.com/index.php?page=dl