Skip navigation
This discussion is archived

Possible Virus?

10982 Views 7 Replies Latest reply: Apr 25, 2010 11:02 AM by K Shaffer RSS
Capten Calculating status...
Currently Being Moderated
Apr 24, 2010 2:48 PM
I have recently been getting a message that pops up every 5 minutes when I am on the internet that says: "Adobe Flash Player has stopped a potentially unsafe operation.
The following local application on your computer or network:

javascript: parent.payload1030

is trying to communicate with this internet-enabled location:

ds.serving-sys.com"

And then it gives me the option to either hit "ok" to deny the application access, or to hit "settings" so I can change my security settings and allow it access. I have tried both options: hitting "ok" just makes the message go away for 5 - 10 minutes, and hitting "settings" does the same thing and does not take me to the actual settings menu, and the message just goes away for a bit.
I tried looking this up on the net, and there doesn't seem to be much information about it. The site "ds.serving-sys.com" seems to be some kind of tracking cookie site or potential trojan. I am just wondering: how do I get rid of this thing? I was under the impression that Macs do not get many viruses, so I am not exactly sure how to go about removing it - if it is, in fact, a virus in the first place. Does anyone know what this is, and how to purge it from my machine and/or network?

I should also mention that other people in my house with PCs use the same wireless network, and one of them has potential viruses already. So is it possible that this is coming through the network from one of there machines?
Mac Pro, Mac OS X (10.5.4), wireless connection to a wireless-g linksys 2.4 Ghrz router, cable internet connection
  • Kurt Lang Level 7 Level 7 (31,490 points)
    Currently Being Moderated
    Apr 24, 2010 3:35 PM (in response to Capten)
    According to one site, it's this:

    Basically, that Samsung Flash advert attempts to download some content from a server outside of the domain where the advert is being served from. Flash 10 considers that to be a security risk and pops up the warning.

    So an advertiser somewhere is abusing the established protocol for popping up ads on your computer. Not sure how to get rid of it on the Mac, though.
    Mac Pro 8 core Xeon, 6GB RAM, Mac OS X (10.5.8), Kodak Eversmart Supreme scanner, Epson Stylus Pro 4000
  • Jay Bullock Level 4 Level 4 (3,800 points)
    Currently Being Moderated
    Apr 24, 2010 3:40 PM (in response to Kurt Lang)
    If it is indeed a Flash ad, two tools could help: Click to Flash:
    http://clicktoflash.com/

    And Safari AdBlock:
    http://download.cnet.com/Safari-AdBlock/3000-2378_4-10793198.html

    (Assuming the OP uses Safari. Similar tools exist for FireFox.)
    Aluminum Unibody MacBook, Mac OS X (10.5.8)
  • K Shaffer Level 6 Level 6 (8,580 points)
    Currently Being Moderated
    Apr 24, 2010 3:44 PM (in response to Capten)
    Any forwarded content through a Mac and then back to a Windows PC
    could harbor any virii the original Windows handled product contained.

    This is the main reason why a Mac user may consider anti-virus software.
    Since my computers aren't exposed to Windows directly, and I won't open
    an email into my computer (web mail, read in a browser) that won't happen.

    I have had to force-quit a new secure browser (and reported that to Mozilla)
    when some popup and pop-under ads would not go away.

    And a Mac running Windows via emulation or BootCamp partitioning
    could harbor a Windows virus in that section; so prevention in regard
    to the Windows aspect is the main concern where a Mac is nearby or
    attached to the network.

    There would be no likelihood of malware directly affecting the Mac OS X.
    You could get and use ClamXAV software free (open source) to see if
    there are any of the known possible Mac issues in the computer. Unlikely.

    Some web site content, on the other hand, depending on the kinds of sites
    you frequent, could be trying to get you to load bad content into your Mac.
    Usually, said content would try and invite you to use your Admin password
    to install some thing of unknown quality (or malware) into your Mac's OS X.
    Prevention is the cure, there. It can't install all by itself, for the most part.

    There have been a few patched versions of Flash Player and if you get them,
    they come with an uninstaller to get rid of the older version, first. Then install
    the newer version. That's Adobe Flash. There also is a Shockwave player &
    if your computer has an older one than their site shows is new, replace it, too.
    These both have uninstallers to run first before installing the download new one.

    Someone with more experience with the Flash and web page notice you experienced
    could probably add some information. There have been times where even after I've
    gotten the newest safely secure upgraded web browser and new Flash player, some
    web site may try to load content or a warning window appears. I try to avoid sites where
    such things are known to exist. And I have my browsers set to not go or try to load stuff
    from other web pages; and to limit where cookies are set.

    Essentially, my computers have nothing worth stealing inside them; but they are about
    as secure as they can be (for running Tiger 10.4.11) with latest browsers, flash update,
    firewall settings tight, and so on.

    So, the answer to your first question in the title is probably No. - Unless you're running un-
    protected Windows in a partition, in an Intel-Mac or older PPC-Mac with Virtual Windows.

    Good luck & happy computing!

    { edited }
     iBookG4 1.33 12" 1.5GB RAM (10.4.11)  2-iMacG4 1.25 17" 1GB RAM (10.4.11),  iPod  2-AirPort Extreme M8799LL/A  1-AirPort Express M9470LL/A 
  • Kurt Lang Level 7 Level 7 (31,490 points)
    Currently Being Moderated
    Apr 24, 2010 4:30 PM (in response to Capten)
    Another thing to look for is what's in your cookies list. Open the preferences for Safari and show the list of cookies. Look for any entry that looks like ds.serving-sys.com and remove it. Another very common entry of a site that does nothing but serve up ads is doubleclick.
    Mac Pro 8 core Xeon, 6GB RAM, Mac OS X (10.5.8), Kodak Eversmart Supreme scanner, Epson Stylus Pro 4000
  • Kurt Lang Level 7 Level 7 (31,490 points)
    Currently Being Moderated
    Apr 25, 2010 8:27 AM (in response to Capten)
    Excellent! Always good to find an easy solution (once ya' know what it is).
    Mac Pro 8 core Xeon, 6GB RAM, Mac OS X (10.5.8), Kodak Eversmart Supreme scanner, Epson Stylus Pro 4000
  • K Shaffer Level 6 Level 6 (8,580 points)
    Currently Being Moderated
    Apr 25, 2010 11:02 AM (in response to Capten)
    "...to limit where cookies are set..."

    Depending upon your assortment of available browsers,
    some may be better at not allowing third-party or non-
    visited site cookies or info to trace online paths you take.
    Plus, some bothersome sites integrate traps in popups.

    And under the various (& unstated?) circumstances I addressed
    in my earlier reply, which took longer to write than several short
    'no' replies could have, security and cookie settings; and firewall
    settings were mentioned. Open doors can be a means toward
    infiltration of an OS; usually in OS X, the owner lets in malware.

    Sorry to be inefficient at offering advice;
    it will weigh in future reply considerations.

    Good luck & happy computing!
     iBookG4 1.33 12" 1.5GB RAM (10.4.11)  2-iMacG4 1.25 17" 1GB RAM (10.4.11),  iPod  2-AirPort Extreme M8799LL/A  1-AirPort Express M9470LL/A 

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.