OS X V10.6 Snow Leopard :: Little Snitch Report... Trojan Infection?
Apr 9, 2012
I'm getting the following report from LS on startup: ".sunupdate wants to connect to the following... then followed by a series of nonsense URLs: vxvhwcixcxqxd.com; stxeapbewbblp.com; and tygoiuoigwodd.com and then all again as .info/.net. What's going on?I've denied those connections in LS, but am now worried as I've heard about the Flashback trojan. I've also run through the Terminal commands to check and see if I'm infected, but those come back clean (or at least the instructions I followed for the '.K' version did... I don't know of any other check for other kinds).I've also written down the info for IP addresses, rev DNS names, process numbers, etc. that came along with the LS alert. But thought I'd better find out if it's a worry before typing in all that info.
I just recently updated to 10.6.3 which, as far as I know does not have built-in protection from stuff like Flashback Trojan. When I click on "Software Update" all I get is an inactive, blank screen. I was told that if I clicked on that I would be able to download Apple's patch preventing this from infecting my iMac.
Apple is indeed well into the development of Mac OS X 10.6, which the company has internally code-named "Snow Leopard," according to ArsTechnica. Citing a person familiar with the situation, the technology website confirms several details of the next major Mac OS X upgrade first reported on Tuesday, including a scheduled release as soon as Macworld 2009 this coming January, and that it will not introduce any major new features.
Instead, Snow Leopard is said to focus heavily on performance optimization and security, a move that will in all likelihood widen the gap between Mac OS X and Microsoft's Windows Vista operating system in those areas. "Things like the MacBook Air, iPhone, iPod touch, and other mysterious devices that have yet to be announced need better performance for better battery life, and that's definitely something Apple wants to excel at in the years to come," wrote Ars' Jacqui Cheng. Unconfirmed is whether the software will be shown off or discussed at the company's annual developers conference next week. However, AppleInsider in recent weeks has been told to expect discussion of "another big cat" at the event................
How can I tell if my computer has been infected with this latest Trojan (or with any Trojan)? I did install the latest update to Java when I was told by my iMac that new software was available for my computer, which was just 2 or 3 days ago (first week of April). Now it is being said that there was a Java Trojan.
I´m a OS X 10.5.8. user. Now my iMac is infected with the flashback trojan. Especially my gmx mail-account is forwarding spam-massages. What do I have to do?
If 10.5 is up to date, is it vunerable to the Flashback.G Trojan that was reported on 2/24? All of the news items about this speak only of 10.6 or 10.7. They imply that if OS X is up to date, then there are no worries.
I noticed a couple times that the green light has been coming on for my webcam on my iMac. Are there any known trojans/viruses that can do this? Is there a way to determine if this is indeed occurring?
My Mini is acting strangely, hanging, slow to respond, when i hit restart, it will not shut down completely until I press the power button.My wireless mouse is stumbling also. Could i have picked up a virus? How can I tell? Is there a diagnostic?
Info: Mac mini, Mac OS X (10.6.8), WD 250 GB external HD
Apparently my mac is holding a Windows Trojan. It probably got on my mac through a USB device when uploading things to desktop.The file itself hasn't been touched since 2006...pretty darn old usb/trojan. I have both Kaspersky Anti-Virus and Sophos (installed after Kaspersky was unable to disenfect) which apparently quarantined the file but can not be deleted.The file autorun.exe is hidden in a folder RECYCLER in the desktop. I've used the Terminal to show the file. I've checked its info and it's already unlocked and privilege is Read & Write. Whenever I throw the whole folder into the trash and attempt to empty, I receive error message "The operation can’t be completed because you don’t have permission to access some of the items." If I drag the file seperate from folder into the trash, I receive the prompt to enter my security question (was never prompted this for any other file). After entering password, it makes the sound that something went it. The Trash however is empty, and the file remains in the RECYCLER folder in the desktop.
I'm new to Apple Mac so apologize in advance for using incorrect terminology. Since yesterday when I signed on to OkCupid, I'm getting what I believe is Apple's "hourglass" icon (round various colored circle) which I can't get rid of (and can't do anything) until I shut down and restart computer. It's happened today on other sites as well. It takes over my computer. Is this a virus? Does anyone know, and if so, how can I get rid of it?
So, the last few times I've logged into Facebook, several IM chats open up with me having send a couple of my contacts spam. I'm using a mac so I know I haven't installed anything weird, what could it be? I changed my password but I'll see if it continues.
I uninstalled LittleSnitch with Appcleaner but I still have the network icon on my menu bar. Every few moments I get a notification that LittleSnitch trial is over. I did a search through spotlight for "little snitch" and I get no results.
I have recently installed little snitch, later i prefer to uninstall that, because, whenever i open any application, immediately one notification window opens and asking about some TPC connection. see the photo. how to make to uninstall little snitch
I've been running the Little Snitch demo for some time now and have been noticing that the links that it tells me are active are wrong. This is what I read when I hover my mouse over the icon in the menu bar.
For example I'm downloading the Aperture 2 manual now from Apple however Little Snitch says that Safari is downloading it from [URL] or something. Like what the heck?
No other webpage, download or application was using the internet at the time. Is it that Apple uses this address or is it that Little Snitch has gone crazy?
Just curious if anyone knows of a program with similar features to Little Snitch that is shareware.
This has probably been brought up in another thread already but I wasn't able to find the answer I was looking for. If you happen to know of that conversation it would be awesome if you could post a link to it.
When a program crashes and the error report window opens, I fill it in the best I can and hit send.A new window opens that says "Submission failed, Your report could not be submitted. Please try again later." No matter how many times I try, minutes later, hours later, next day, they don;t go through.
A few days ago I installed a legit version of Little Snitch on my iMac. The program and the internet worked fine but the pop ups were just too annoying. I uninstalled Little Snitch using the uninstaller that came with the program, restarted my computer and then my internet was crippled. I could access the internet through Firefox and safari but all other programs were unable to access the internet, including a shell script that I embeded on my Desktop and Azures. After trying everything I could think of, including restarting and looking for /System/Library/Extensions/LittleSnitch.kext I re-installed Little Snitch and all my programs work fine. Any way to get rid of Little Snitch while keeping my internet working?
One of the features I mostly like about Little Snitch is the Alert Panel pop ups, which give me full control of what type of access is given to which applications. Here is the alert panel: I found that some users dislike it, and even some discussions were started on how to get rid of it. That's not my case today. My Little Snitch was working perfectly until I decided to upgrade my Macbook HD to a higher storage. I went to an authorized Mac store, which replaced the new HD into place and advised me to go back home and boot the MacBook with the installation disk pressing C.
Then, after installation, I chose to restore my files from the last Time Machine backup. However, after doing this it seemed that many applications including Little Snitch started to operate differently... as if I would be running them for the first time. So in addition to the automatic Time Machine restore, I went to a manual restore of applications and library items. When I tried to overwrite the files of Little Snitch on the Library folder, I was asked my Administrator password. Then after typing it, I received the message that I did not have sufficient administrator preferences................
So far I haven't seen any uninstall options in all the software that I've installed, so if I were to uninstall programs that are linked to the Start Up list, how should I do it? Can I just delete them from the HD? Because for Windows, messing with files that are related to the registry or system can really cause big problems for the computer.
I upgraded to Snow Leopard last week but before I upgraded I exported all the Little Snitch settings. After the upgrade to Snow Leopard, I installed Little Snitch and imported the settings that I exported. Now everything works fine except MobileMe sync. I suspect Little Snitch is blocking some process that is causing this. I turned off the Network filter in Little Snitch and was able to do that MobileMe sync perfectly.
... long time reader, first time poster!! So I'm doing it. I'm switching from PC to Mac. I've been waiting for a while now and the new MacBook Pro's have convinced me. I'm buying the 13 inch this week.
However I'm slightly worried about the upgrade to Snow Leopard in September.
My question is if I buy a new MacBook Pro this week and upgrade from the current version of Leopard to Snow Leopard will it be the EXACT same as the version of Snow Leopard that ships with new MacBooks after September?
Is the upgrade just the same as the full software version available post September? Does the upgrade it just detect if you have the previous software and installs as if it were the full? Or does it just "patch" things depending on what's different from previous versions?
I can wait till after Snow Leopard is released in September 09 if it is different to Leopard upgraded to Snow Leopard.
