Spyware?

Matsaki

Matsaki

Registered
I had a spyware / trojan 1-2 Month ago and had some poker popups because some trojan was changing my DNS. With some help I found the problem and it was fixed. It was some file in /Libary/internet-plugins (don't remember the name)

Now I get the same popup but it's not working the same way. Here is the URL on the poker popup:

http://adserving.cpxinteractive.com...AAAAA=,,http://www.mediafire.com/?zz3dc30w2yl
Click to expand...

And here is the source code of the popup:

<html><head><title>PKR.com - The Ultimate in Online Poker</title></head><body style="margin-left:0%;margin-right:0%;margin-top:0%;margin-bottom:0%"><iframe scrolling="no" marginwidth="0" marginheight="0" frameborder="0" height="100%" width="100%" src="http://ad.yieldmanager.com/iframe3?JyUgAInLAgCqAwcA3gEBAAIBBAAAAP8AAAAEBwICAAKpWAIALCwCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR8sP0dI.AADo.k2h2j8AACGob1zfPwAAbFQWMeY.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfwqUP40fEAUupvHzWb9Dq8eznTG9IsRRjbaE-gAAAAA=,,http://www.mediafire.com/?zz3dc30w2yl"></iframe></body></html>
Click to expand...

So I am looking for help what is infected on my system this time and how to solve it :(
 
Download PCTools iAntiVirus for the Mac. It is free and does a good job.

http://www.iantivirus.com/

About
Introduction

With PC Tools iAntiVirus™ you are protected against the most nefarious cyber-threats attempting to gain access to your Mac and personal information.

Once your computer has been infected, a virus or worm will usually attempt to spread itself to your friends, family and associates by accessing your email contacts and networked PCs. The infection may also allow hackers to access files on your Mac, use it to launch attacks against other computers and websites or to send mass SPAM email.

PC Tools iAntiVirus™ provides real-time protection and comprehensive system scanning to ensure your Mac remains safe and virus free.

Protection against Mac specific threats

The iAntiVirus™ database has been designed from the ground up to detect and remove Mac specific threats. This enables a high level of protection whilst keeping memory footprint and resource usage at a minimum. The iAntiVirus™ database is not cluttered with signatures for Windows specific threats which your Mac is immune against.

Simple to use

iAntiVirus™ has been designed with the user in mind. The user interface is purely functional, making it simple to scan for, remove and manage infections.

Features

A variety of scan options

You may perform a variety of scan types using iAntiVirus™, this allows you to strike a balance between the time taken to complete a scan, and its thoroughness.

Real-time protection

OnGuard protects your Mac against infections in real time. Whenever an infection is detected and blocked, an alert is displayed below the system menu bar. OnGuard automatically places detected infections in quarantine, works silently in the background and uses minimal system resources.

Quarantine

iAntiVirus™ quarantines all detected infections, allowing you to easily view and restore items in the case of a false positive (for example: when scanning with engine heuristics set to high).

Automatic Smart Updates

Frequent updates to detect and guard computers against new threats and viruses as well as provide enhancements to iAntiVirus™ are automatically installed and downloaded through the Smart Update function. Threat signatures are updated within hours of a high risk malware outbreak to protect you from the latest online threats.

Low resource usage

When in monitoring mode iAntiVirus™ has been designed to work silently in the background, threats are blocked and removed without any system impact, while only a small alert window is displayed to advise you that your Mac has been protected against an attack.
 
Read a HowTo about this pointing to the article First Look: Trojan Horse warning: What you need to know. It will walk you through removing it.

Now get off you duff :)) and use OpenDNS and get a FREE account to control your DNS. This way you can block groups of web site PLUS any web site you want. Also you can see where your Mac has been with absolutely no software tax on your computer. Then you can go to the companion site PhishTank and contribute to the net your site where you find the trojan.

To Easy! Plus STOP going to the site (p0rn, etc) that deposit that trojan!
 
Last edited:
Thanks,
But maybe it's not a virus or trojan as my DNS is not changed this time (as it was before when I found the trojan) And I used CkamXav antivirus for a scan, and it did not find anything.

I think maybe it was just an popup (even if I have popup blocked in Safari) from mediafire.com where I downloaded some stuff from.

Lets wait and see if the popup comes back again.

Don't surf porn sites or download strange codecs :)
 
You must log in or register to reply here.
Back
Top