system 10.10.1 on MacBook Pro (Retina, 15-inch, Mid 2014). I can't get any updated.. message i get fro apple store for updates "Can't connect to the Software Update server (swscan.apple.com)."
Looking for help, please... Thank you!
Triple-click the word "telnet" in the line below on this page to select the whole line:
telnet swscan.apple.com 443
Copy the selected text to the Clipboard by pressing the key combination command-C.
Launch the built-in Terminal application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad and start typing the name.
Paste into the Terminal window by pressing command-V. I've tested these instructions only with the Safari web browser. If you use another browser, you may have to press the return key after pasting.
You should almost instantly get three lines of output below what you entered, the last of which is this:
Escape character is '^]'.
If there's no output within ten seconds, consider that a failure. Otherwise, please post the output in a reply. You can then quit Terminal.
Triple-click the word "telnet" in the line below on this page to select the whole line:
telnet swscan.apple.com 443
Copy the selected text to the Clipboard by pressing the key combination command-C.
Launch the built-in Terminal application in any of the following ways:
☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
☞ Open LaunchPad and start typing the name.
Paste into the Terminal window by pressing command-V. I've tested these instructions only with the Safari web browser. If you use another browser, you may have to press the return key after pasting.
You should almost instantly get three lines of output below what you entered, the last of which is this:
Escape character is '^]'.
If there's no output within ten seconds, consider that a failure. Otherwise, please post the output in a reply. You can then quit Terminal.
didn't work.. I got this:
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
You installed the "iWorm" trojan. The following procedure may leave a few small files behind, but it will permanently deactivate the trojan, as long as you never reinstall it.
"iWorm" is known to be distributed via BitTorrent in the form of a pirated Adobe product. If you've ever downloaded any software from a torrent, delete it. I suggest you delete the torrent client as well, to avoid making the same mistake again. If you know of any other way in which you might have been infected, please give details. That information may help others.
While "iWorm" was present, your computer may have been under the remote control of criminals. Change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before.
Others may tell you that you should erase the startup volume, reinstall OS X, and restore only user data from a backup in order to be sure that you're rid of the malware. All other software would then have to be reinstalled from fresh downloads or original media. You can do that if you wish, but I've seen no evidence that it's necessary. If you choose that option, you can skip the rest of this comment. Ask for guidance if you need it.
Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
Back up all data before proceeding. If you have more than one user account, you must be logged in as an administrator.
Step 1
Triple-click anywhere in the line below on this page to select it:
/Library/LaunchDaemons/com.JavaW.plist
Right-click or control-click the line and select
Services ▹ Reveal in Finder (or just Reveal)
from the contextual menu.* A folder should open with an item named "com.JavaW.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
Restart the computer and empty the Trash. Then delete the following item in the same way:
/Library/Application Support/JavaW
*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
Step 2
The trojan hacks the system to block software updates from Apple. The file modified is /etc/hosts.
The easiest way to fix the hosts file is to restore it from a backup that predates the modification, or to copy the unmodified file from another Mac. If you can't do that, then do as below.
Triple-click anywhere in the line below on this page to select it:
open -e /etc/hosts
Copy the selected text to the Clipboard by pressing the key combination command-C.
Paste into a Terminal window by pressing command-V. A TextEdit window should open. At the top of the window, you should see this:
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost
Below that, you may see some other lines. The first 10 lines should be exactly as above, apart from differences in the blank space within lines. Otherwise you can't use this procedure—STOP and ask for guidance.
If the contents of the TextEdit window are as described, close it, then enter the following command in the Terminal window in the same way as before (by copy and paste):
sudo sed -i~ '11,$d' /etc/hosts
You may be prompted for your login password, which won't be displayed when you type it. Type carefully and then press return. If you don’t have a login password, you’ll need to set one before you can run the command. You may get a one-time warning to be careful. Confirm. Quit Terminal.
If you see a message that your username "is not in the sudoers file," then you're not logged in as an administrator. Log in as one and start over.
That will fix the hosts file. There is now a copy of the old hosts file with the name "hosts~" in the same folder as "hosts". You can delete the copy if you wish. Don't delete the file named "hosts".
i have the same problem. This is the output when i ran "telnet" command:
Trying 17.164.1.22...
Connected to p01-swscan.apple.com.akadns.net.
Escape character is '^]'.
linhtn wrote:
i have the same problem. This is the output when i ran "telnet" command:
Trying 17.164.1.22...
Connected to p01-swscan.apple.com.akadns.net.
That shows you do have connectivity with the App Store, so you do not have the same problem. Please start a new thread and describe the problem you are having.
Thanks so much. After days of readings and try, without success, this really helped. i0m ver
Scaring the fact i got a malware and i pay a lot of attention to this things..
Ale
Hi, i was having the same issue with my updates from the app store. The only difference is if i downloaded manually from the apple download page everything would work except the security update and the OS X EL Capitian 10.11.1 update. I think i followed your directions correctly and this is what it came up with.....
danas-iMac-3:~ danacoultrup$ telnet swscan.apple.com 443
Trying 17.164.1.22...
Connected to p01-swscan.apple.com.akadns.net.
Escape character is '^]'.
Connection closed by foreign host.
danas-iMac-3:~ danacoultrup$
Would you possibly have any suggestions for me?
Thank you for your time.
Dana
danacoult wrote:
$ telnet swscan.apple.com 443
Trying 17.164.1.22...
Connected to p01-swscan.apple.com.akadns.net.
That shows you do have connectivity with the App Store, so you do not have the same problem. Please start a new thread and describe the problem you are having.
can not connect to swscan.apple.com for updates
