FlashPlayer Virus

The Java update only closes the hole that allows for the malware installation, and does not get rid of it on an infected system. If you had an unpatched version of Java running on your system in the past month or two, then I would recommend you run the Terminal commands in that article to check for the presence of the malware (this can also be done with malware scanners).

This may be slightly off topic in this thread, but someone mentioned Flashback, so I'll chime in with this:

I have created a user tip and malware checker/removal tool: https://discussions.apple.com/docs/DOC-3271

I used the removal tool you posted. It immedietly says no malware detected. Maybe what i have is not the flashback? My problems are when watching videos. A pop up window that cant be removed shows up over most videos. Its asking to allow or deny. Problem is, I cant do anything with it. It says it is has to do with adobe flashplayer settings

My problems are when watching videos. A pop up window that cant be removed shows up over most videos. Its asking to allow or deny. Problem is, I cant do anything with it. It says it is has to do with adobe flashplayer settings

That is a common problem with Flash videos on many sites. I see that on the local news web pages and other legitimate sites pretty frequently. What's happening is the Flash player is initially denying the Flash video to play and giving you the option to Deny or Allow. The problem is the site feeding the video on the page is repeatedly ignoring your request to halt loading and playback of the video, and immediately requesting again to allow playback.

Thanks Kurt, so the flashback virus isnt the proble? It just started recently, while my son was playing a video game on a kids site. Very annoying

Jim

Thanks Kurt, so the flashback virus isnt the proble?

Nope. Despite the similarity of the name, Flashback doesn't have anything to do with the Adobe Flash player. It's just badly written sites ignoring your request to halt playback of the embedded Flash video.

Very annoying

Yes! 🙂

thanks topher, for the article on c-net. I have 2 machines, one running still on OS 10.4.11, w/o intel. I ran the terminal commands on both computers, and only got positive results. (does not exist/no such file or directory). getting these outputs, is it 100% reliable, that they are not infected?

thank you again!

There is actually a Flash Player Udate available. It is just lost in a jungle of paranoia and poor downloading practice.

Good Luck

Pete

Thanks etresoft for actually trying to help people!

My macbook has been slowing down the last couple of months and I have tried a couple of virus/malware tests with no results.

I ran your malware checker today and it suggested to remove the following items:

Adobe Reader Updater Helper

com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist

com.google.keystone.agent.plist

I have no idea whether these items are fake, but after removing them my mac runs like born again 🙂

Thanks again,

Per

yep i got this too. was pretty sure it was fake already -- but when i tried to click cancel (cant be bothered to download updates unless i need them lol) button was unresponsive. immediately force shut down machine. its fine now. updating os. hopefully that works. dont really know what else to do havent looked into it much. so far these things dont seem too risky. hippy dippy tech explanations from me lol.

button was unresponsive

It actually was, but they were using the same browser trick as all of these dumb "Your computer is infected with xxx. Call 1-800-xxx-xxxx for immediate assistance!", or other such baloney.

The trick is a JavaScript loop. You really did dismiss the box when you clicked OK, but the exiting command of the popup is to display the same popup again. So you're in a continual loop, keeping you seemingly "stuck" to the page.

All you need to do is Force Quit Safari, then hold down the Shift key while relaunching it. The Shift key tells Safari not to reload any sites from the previous session.