display of TL9 , N39,etc
Mac Pro, Mac OS X (10.6.7)
Want to highlight a helpful answer? Upvote!
Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >
Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >
You've been infected with the Flashback Trojan. The trojan is designed to steal your personal information. Your best bet is to erase your hard drive & reinstall from a backup prior to this happening. You should also change your passwords for banking, email, iTunes, etc. UCLA "claims" this can remove the trojan...you can give it a shot, but I'd erase your drive & reinstall:
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-ed ition.aspx
Here's info on the original flashback trojan:
INTEGO SECURITY MEMO: Mac Flashback Trojan Horse Masquerades as Flash Player Installer Package
and the latest strain,
New Flashback Trojan Horse Variant Uses Novel Delivery Method to Infect Macs
Please read the following thread. It has links to articles on this topic and possible fixes for this trojan. You don't have to reinstall.
Also, some have found just making sure you have the latest version of java installed is sufficient:
URGENT: Ensure Java is up-to-date!
Related to this and java:
I was also having this issue. I sent some suspect files to Sophos and the verified they were indeed a virus. They identified this as OSX/Flshplyr-A . As of today, thier definition updates claim to now protect against this using thier free antivirus solution for Mac.
The infected files on my machine were:
/Users/Shared/.SuperJigsawPets.so
/User/Shared/.svcdmp.so
~/.MACOSX/environment.plist
Once these were removed, my issues were resolved.
You should be warned that each variant of Flashback is very different, and very insidious. They will all inject malicious code into a variety of apps, and some of them will disable the built-in anti-malware protection in Mac OS X. Some will refuse to install if third-party malware protection is installed, others will disable that protection as well. And since there is absolutely no agreement among the various anti-virus companies as to a name, we have no way of knowing which variant it is that Sophos is calling OSX/Flshplyr-A.
Your symptoms may have resolved, but you may still be infected. Which means, you may still have malicious code in, say, Safari, snooping on your surfing and reporting back what it finds. It's looking in particular for things like bank site passwords. My advice at this point is to erase the hard drive and completely reinstall the system and all apps cleanly, bringing only user data over from your backups. See Flashback infections becoming widespread.
(Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)
display of TL9 , N39,etc