Previous 1 2 Next 18 Replies Latest reply: Nov 27, 2012 8:36 PM by KL1207 Go to original post
  • KL1207 Level 1 Level 1 (0 points)

    So if there is something on my computer the only option is wiping everything clean? What if I don't have another device to back up everything? Is there a way for me to find out if something has been installed without removing everything? If possible I'd like to figure out if anything has been installed.

  • John Galt Level 8 Level 8 (41,295 points)

    A Java exploit is possible, but if you are using Mountain Lion and run Software Update, that should rule out that possibility. I assume Java is enabled in Safari, but if you do not require Java then disable it.

     

    I know of no Mac keylogger apps that would not require Administrator access to install. All the Runescape scams I have been able to determine attempt to deceive you into installing software through social networking.

     

    You also need to answer Linc Davis's question about Safari extensions that you do not recognize - Safari menu > Preferences > Extensions.

     

    It looks like this:

     

    Screen Shot 2012-11-27 at 11.24.53 PM.png

     

    What do you see there?

  • Linc Davis Level 10 Level 10 (169,105 points)

    I'm not sure what a Safari extension is

     

    Select Safari Preferences Extensions from the Safari menu bar. If any extensions are installed, that's where they're listed. If the list is not empty, there anything in it you don't recognize?

     

    Java is enabled.

     

    Java should always be considered untrustworthy. Unless you have a need for it, disable it. No Java exploits are known to be circulating at the moment, but I can't promise you that you're not among the first victims of a new one. If you are, then what will probably happen is that it will be identified by security researchers and Apple will then (after some delay) issue an update to remove it and the exploit that enabled it to be installed.

     

    But it's overwhelmingly likely that you don't have a keylogger. Nobody would go to that much trouble just to steal passwords for a game site. The likelihood is that the game vendor's server was hacked -- a common occurrence, unlike client-side Java exploits, which are relatively rare. The post on the message board could be a hoax, or it could be someone trying to deflect blame.

  • KL1207 Level 1 Level 1 (0 points)

    I  just looked at the extensions and I don't have any. I wasn't aware that Java is untrustworthy, the only thing I use it for is Runescape.

Previous 1 2 Next