Messages In This Digest (23 Messages)
- 1a.
- Re: Reappearing tracking cookies and how to delete them? From: jamesrob@sonic.net
- 1b.
- Re: Reappearing tracking cookies and how to delete them? From: vixpix
- 1c.
- Re: Reappearing tracking cookies and how to delete them? From: Harry Flaxman
- 1d.
- Re: Reappearing tracking cookies and how to delete them? From: vixpix
- 1e.
- Re: Reappearing tracking cookies and how to delete them? From: Michael Stupinski
- 1f.
- Re: Reappearing tracking cookies and how to delete them? From: Vixpix
- 1g.
- Re: Reappearing tracking cookies and how to delete them? From: Michael Stupinski
- 1h.
- Re: Reappearing tracking cookies and how to delete them? From: Jurgen Richter
- 1i.
- Re: Reappearing tracking cookies and how to delete them? From: Patsy Price
- 1j.
- Re: Reappearing tracking cookies and how to delete them? From: Mr X
- 1k.
- Re: Reappearing tracking cookies and how to delete them? From: Harry Flaxman
- 1l.
- Re: Reappearing tracking cookies and how to delete them? From: vixpix
- 1m.
- Re: Reappearing tracking cookies and how to delete them? From: Randy B. Singer
- 2a.
- Re: Identifiing and Dealing with the Flash Installer Trojan From: Eric
- 2b.
- Re: Identifiing and Dealing with the Flash Installer Trojan From: Randy B. Singer
- 3.
- Yahoo Log In From: Betty Jenkins
- 4a.
- Converting VOB file for Mac From: harpangel36
- 4b.
- Re: Converting VOB file for Mac From: Harry Flaxman
- 4c.
- Re: Converting VOB file for Mac From: Randy B. Singer
- 5a.
- Looking for Applescript help From: DaveC
- 5b.
- Re: Looking for Applescript help From: Otto Nikolaus
- 6a.
- Re: [ebmug] Identifiing and Dealing with the Flash Installer Trojan From: Randy B. Singer
- 6b.
- Re: [ebmug] Identifiing and Dealing with the Flash Installer Trojan From: Paulette
Messages
- 1a.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "jamesrob@sonic.net" jamesrob@sonic.net jamesrob328i
Fri Sep 30, 2011 5:35 am (PDT)
--- In macsupportcentral@yahoogroups. , "Randy B. Singer" <randy@...> wrote:com
> I should note that, in addition to the normal type of cookies, there
> is a far more insidious type of cookie called a Flash Cookie.
>
> You can delete these with:
>
> Flush (free)
> http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool- for-
> os-x/
> or
> http://is.gd/GZ7u1q
>
> More info:
> http://www.orzeszek.org/blog/ 2009/08/12/ how-to-delete- flash-cookies-
> conveniently/
>
> As a side benefit, you might find that your browser is now world's
> faster. I've seen some cases where a user has flushed over a
> thousand Flash cookies!
>
> _____________________ _________ _________ ____
> Randy B. Singer
> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>
> Macintosh OS X Routine Maintenance
> http://www.macattorney.com/ts. html
> _____________________ _________ _________ ____
>
Is there any downside to deleting these en masse? Is information stored in these that make my interaction with, say, user forums where I have accounts, more seamless?
I read what's available about Flush.app on their page as well as the Wikipdedia article about local shared objects and couldn't find any warnings about problems that might result, and I found more than 2500 of them in the two locations where Wikepedia says they're stored.
Bottom line, will I miss any of them after they're gone?
;-)
- 1b.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "vixpix" vixpix@frontiernet.net nyskater
Fri Sep 30, 2011 6:54 am (PDT)
These cookies must not be related to Flash, as these pesky little things keep coming back. I'm sure every one of you guys have this too, if you look.
Vickie
Sent from a spoiled little iPad
On Sep 29, 2011, at 9:59 PM, "Randy B. Singer" <randy@macattorney.com > wrote:
>
> On Sep 29, 2011, at 4:34 PM, vixpix wrote:
>
>> Can someone tell me how to permanently delete cookies? What folder
>> do they all reside in?
>
> I should note that, in addition to the normal type of cookies, there
> is a far more insidious type of cookie called a Flash Cookie.
>
> You can delete these with:
>
> Flush (free)
> http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool- for-
> os-x/
> or
> http://is.gd/GZ7u1q
>
> More info:
> http://www.orzeszek.org/blog/ 2009/08/12/ how-to-delete- flash-cookies-
> conveniently/
>
> As a side benefit, you might find that your browser is now world's
> faster. I've seen some cases where a user has flushed over a
> thousand Flash cookies!
>
> _____________________ _________ _________ ____
> Randy B. Singer
> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>
> Macintosh OS X Routine Maintenance
> http://www.macattorney.com/ts. html
> _____________________ _________ _________ ____
>
>
>
>
>
> --------------------- --------- ------
>
> Group FAQ:
> <http://www.macsupportcentral. >com/policies/
>
> Yahoo! Groups Links
>
>
>
- 1c.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Harry Flaxman" harry.flaxman@comcast.net hflaxman001
Fri Sep 30, 2011 6:58 am (PDT)
On 9/30/2011 9:55 AM, vixpix wrote:
> These cookies must not be related to Flash, as these pesky little things keep coming back. I'm sure every one of you guys have this too, if you look.
>
> Vickie
>
> Sent from a spoiled little iPad
>
> On Sep 29, 2011, at 9:59 PM, "Randy B. Singer"<randy@macattorney.com > wrote:
>
>> >
>> > On Sep 29, 2011, at 4:34 PM, vixpix wrote:
>> >
>>> >> Can someone tell me how to permanently delete cookies? What folder
>>> >> do they all reside in?
>> >
>> > I should note that, in addition to the normal type of cookies, there
>> > is a far more insidious type of cookie called a Flash Cookie.
>> >
>> > You can delete these with:
>> >
>> > Flush (free)
>> > http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool- for-
>> > os-x/
>> > or
>> > http://is.gd/GZ7u1q
Saw a CNET podcast this morning, The Buzz Report, that stated that
Facebook claims this is a bug that will be fixed. They have supposedly
been able to track anyone, even if they're logged off.
I don't believe that for one moment, but at least, they'll be 'fixing' it!
Harry
- 1d.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "vixpix" vixpix@frontiernet.net nyskater
Fri Sep 30, 2011 7:13 am (PDT)
It's not just Facebook. I've got cookies from Google, Mashable, adverting, and dozens more. I wonder if this only happens in Safari and not Firefox.
Vickie
Sent from a spoiled little iPad
On Sep 30, 2011, at 9:57 AM, Harry Flaxman <harry.flaxman@comcast.net > wrote:
> On 9/30/2011 9:55 AM, vixpix wrote:
>> These cookies must not be related to Flash, as these pesky little things keep coming back. I'm sure every one of you guys have this too, if you look.
>>
>> Vickie
>>
>> Sent from a spoiled little iPad
>>
>> On Sep 29, 2011, at 9:59 PM, "Randy B. Singer"<randy@macattorney.com > wrote:
>>
>>>>
>>>> On Sep 29, 2011, at 4:34 PM, vixpix wrote:
>>>>
>>>>>> Can someone tell me how to permanently delete cookies? What folder
>>>>>> do they all reside in?
>>>>
>>>> I should note that, in addition to the normal type of cookies, there
>>>> is a far more insidious type of cookie called a Flash Cookie.
>>>>
>>>> You can delete these with:
>>>>
>>>> Flush (free)
>>>> http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool- for-
>>>> os-x/
>>>> or
>>>> http://is.gd/GZ7u1q
>
>
> Saw a CNET podcast this morning, The Buzz Report, that stated that
> Facebook claims this is a bug that will be fixed. They have supposedly
> been able to track anyone, even if they're logged off.
>
> I don't believe that for one moment, but at least, they'll be 'fixing' it!
>
> Harry
>
>
>
>
> --------------------- --------- ------
>
> Group FAQ:
> <http://www.macsupportcentral. >com/policies/
>
> Yahoo! Groups Links
>
>
>
- 1e.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Michael Stupinski" stupnski@tiac.net mstupinski
Fri Sep 30, 2011 7:17 am (PDT)
Well, if I'm not mistaken, if you regularly access financial accounts,
for example, you will likely be rejected if you don't have accepting
cookies enabled. That means you would have to accept them for the
session and then delete them for each session if you don't want to
keep any cookies at all on your machine. I have mine set to accept
cookies only from sites to which I navigate. I was unaware of Flash
Cookies until I saw Randy's response, but I don't think financial
sites use them. I'll guess I'll find out, as soon as I download and
use Flush per the recommendation!
...........Mike
On Sep 30, 2011, at 8:35 AM, jamesrob@sonic.net wrote:
>
>
> --- In macsupportcentral@yahoogroups. , "Randy B. Singer"com
> <randy@...> wrote:
>
>> I should note that, in addition to the normal type of cookies, there
>> is a far more insidious type of cookie called a Flash Cookie.
>>
>> You can delete these with:
>>
>> Flush (free)
>> http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool- for-
>> os-x/
>> or
>> http://is.gd/GZ7u1q
>>
>> More info:
>> http://www.orzeszek.org/blog/ 2009/08/12/ how-to-delete- flash-cookies-
>> conveniently/
>>
>> As a side benefit, you might find that your browser is now world's
>> faster. I've seen some cases where a user has flushed over a
>> thousand Flash cookies!
>>
>> _____________________ _________ _________ ____
>> Randy B. Singer
>> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>>
>> Macintosh OS X Routine Maintenance
>> http://www.macattorney.com/ts. html
>> _____________________ _________ _________ ____
>>
> Is there any downside to deleting these en masse? Is information
> stored in these that make my interaction with, say, user forums
> where I have accounts, more seamless?
>
> I read what's available about Flush.app on their page as well as the
> Wikipdedia article about local shared objects and couldn't find any
> warnings about problems that might result, and I found more than
> 2500 of them in the two locations where Wikepedia says they're stored.
>
> Bottom line, will I miss any of them after they're gone?
>
> ;-)
>
>
>
>
>
> --------------------- --------- ------
>
> Group FAQ:
> <http://www.macsupportcentral. >com/policies/
>
> Yahoo! Groups Links
>
>
>
- 1f.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Vixpix" vixpix@frontiernet.net nyskater
Fri Sep 30, 2011 7:28 am (PDT)
I just saw this information on tracking cookies:
http://www.blogotechblog.com/ 2011/09/protect- yourself- from-facebook- tracking/
Vickie
[Non-text portions of this message have been removed]
- 1g.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Michael Stupinski" stupnski@tiac.net mstupinski
Fri Sep 30, 2011 7:29 am (PDT)
OK, I've run Flush, which found about 920 Flash Cookies and deleted
them all. Normal cookies remain apparently untouched and I wasn't
rejected by any of the financial sites I visited.
............Mike
On Sep 30, 2011, at 10:17 AM, Michael Stupinski wrote:
> Well, if I'm not mistaken, if you regularly access financial accounts,
> for example, you will likely be rejected if you don't have accepting
> cookies enabled. That means you would have to accept them for the
> session and then delete them for each session if you don't want to
> keep any cookies at all on your machine. I have mine set to accept
> cookies only from sites to which I navigate. I was unaware of Flash
> Cookies until I saw Randy's response, but I don't think financial
> sites use them. I'll guess I'll find out, as soon as I download and
> use Flush per the recommendation!
>
> ...........Mike
>
> On Sep 30, 2011, at 8:35 AM, jamesrob@sonic.net wrote:
>
>>
>>
>> --- In macsupportcentral@yahoogroups. , "Randy B. Singer"com
>> <randy@...> wrote:
>>
>>> I should note that, in addition to the normal type of cookies, there
>>> is a far more insidious type of cookie called a Flash Cookie.
>>>
>>> You can delete these with:
>>>
>>> Flush (free)
>>> http://machacks.tv/2009/01/ 27/flushapp- flash-cookie- removal-tool-
>>> for-
>>> os-x/
>>> or
>>> http://is.gd/GZ7u1q
>>>
>>> More info:
>>> http://www.orzeszek.org/blog/ 2009/08/12/ how-to-delete- flash-cookies-
>>> conveniently/
>>>
>>> As a side benefit, you might find that your browser is now world's
>>> faster. I've seen some cases where a user has flushed over a
>>> thousand Flash cookies!
>>>
>>> _____________________ _________ _________ ____
>>> Randy B. Singer
>>> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>>>
>>> Macintosh OS X Routine Maintenance
>>> http://www.macattorney.com/ts. html
>>> _____________________ _________ _________ ____
>>>
>> Is there any downside to deleting these en masse? Is information
>> stored in these that make my interaction with, say, user forums
>> where I have accounts, more seamless?
>>
>> I read what's available about Flush.app on their page as well as the
>> Wikipdedia article about local shared objects and couldn't find any
>> warnings about problems that might result, and I found more than
>> 2500 of them in the two locations where Wikepedia says they're
>> stored.
>>
>> Bottom line, will I miss any of them after they're gone?
>>
>> ;-)
>>
>>
>>
>>
>>
>> --------------------- --------- ------
>>
>> Group FAQ:
>> <http://www.macsupportcentral. >com/policies/
>>
>> Yahoo! Groups Links
>>
>>
>>
>
>
>
> --------------------- --------- ------
>
> Group FAQ:
> <http://www.macsupportcentral. >com/policies/
>
> Yahoo! Groups Links
>
>
>
- 1h.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Jurgen Richter" yahoo-1@sympatico.ca epsongroups
Fri Sep 30, 2011 8:09 am (PDT)
A great little stand-alone script - thanks Randy
I also use the Better Privacy plugin on Firefox. I also use Safari more
and more, but keep Firefox running just to keep the Better Privacy
plugin running. Can't believe how many of these Flash cookies get loaded
through Safari.
With the BP plugin, it shows right under my toolbar in Firefox and
notifies me when one of these LSO cookies is stored. I then have an
opportunity to delete them directly (it goes to a window and shows you
which LSO are stored, you get to choose which you want to delete.)
This is in addition to managing regular cookies too, which I routinely
purge.
Cheers
- 1i.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Patsy Price" beyondwords@shaw.ca beyondwords2
Fri Sep 30, 2011 10:11 am (PDT)
>Is there any downside to deleting these en masse? Is information
>stored in these that make my interaction with, say, user forums
>where I have accounts, more seamless? ...
>Bottom line, will I miss any of them after they're gone?
Well, I used Flush.app to delete all my Flash cookies
yesterday---just around 50 on this new-to-me iMac with everything
cleanly installed two months ago, including ClickToPlugin, and Safari
as my main browser.
The first thing I discovered was that I had lost my scores for
Flash-based puzzles I do regularly (JigSawDoku). So that I won't lose
those again, after I did a new puzzle and new Flash cookies were
created, I found them in Finder and applied a color label. I'll do
the same with any others I wish I hadn't deleted. Next time, before I
use Flush.app, I'll temporarily move those to a safe place. Will a
new folder on the desktop be safe enough?
Patsy
- 1j.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Mr X" x255075@gmail.com x255075
Fri Sep 30, 2011 10:30 am (PDT)
Hi:
I had been using Flush with no problems before. Now I get this message:
File Macintosh
HD:users:myname:library:preferen ces:macromedia:
flash player wasn't found
Not sure what to do....
Thanks, Azim
Mr X's Hardware Overview:
Model Name: iMac
Identifier: iMac5,1
Processor Name: Intel Core 2 Duo
Processor Speed: 2.16 GHz
Number Of Processors: 1
Total Number Of Cores: 2
L2 Cache: 4 MB
Memory: 4 GB
Bus Speed: 667 MHz
Boot ROM Version: IM51.0090.B09
SMC Version: 1.9f4
System: Mac OS X 10.6.8 Snow Leopard
Memory Slots 0 and 1: 2 GB each
On 2011.Sep.30, at 10:10 AM, Patsy Price wrote:
>Is there any downside to deleting these en masse? Is information
>stored in these that make my interaction with, say, user forums
>where I have accounts, more seamless? ...
>Bottom line, will I miss any of them after they're gone?
Well, I used Flush.app to delete all my Flash cookies
yesterday---just around 50 on this new-to-me iMac with everything
cleanly installed two months ago, including ClickToPlugin, and Safari
as my main browser.
The first thing I discovered was that I had lost my scores for
Flash-based puzzles I do regularly (JigSawDoku). So that I won't lose
those again, after I did a new puzzle and new Flash cookies were
created, I found them in Finder and applied a color label. I'll do
the same with any others I wish I hadn't deleted. Next time, before I
use Flush.app, I'll temporarily move those to a safe place. Will a
new folder on the desktop be safe enough?
Patsy
[Non-text portions of this message have been removed]
- 1k.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Harry Flaxman" harry.flaxman@comcast.net hflaxman001
Fri Sep 30, 2011 10:39 am (PDT)
On 9/30/2011 1:30 PM, Mr X wrote:
> Hi:
>
> I had been using Flush with no problems before. Now I get this message:
>
> File Macintosh
> HD:users:myname:library:preferen ces:macromedia:
> flash player wasn't found
>
> Not sure what to do....
>
> Thanks, Azim
I get that when there are no Flash cookies to be 'flushed'. It's
happened in 10.6 and 10.7.
Harry
- 1l.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "vixpix" vixpix@frontiernet.net nyskater
Fri Sep 30, 2011 10:52 am (PDT)
When I used Flush, it almost looked like an error message from Terminal. Not sure it was working properly. Any suggestions?
Vickie
Sent from a spoiled little iPad
On Sep 30, 2011, at 1:38 PM, Harry Flaxman <harry.flaxman@comcast.net > wrote:
> On 9/30/2011 1:30 PM, Mr X wrote:
>> Hi:
>>
>> I had been using Flush with no problems before. Now I get this message:
>>
>> File Macintosh
>> HD:users:myname:library:preferen ces:macromedia:
>> flash player wasn't found
>>
>> Not sure what to do....
>>
>> Thanks, Azim
> I get that when there are no Flash cookies to be 'flushed'. It's
> happened in 10.6 and 10.7.
>
> Harry
>
>
>
>
> --------------------- --------- ------
>
> Group FAQ:
> <http://www.macsupportcentral. >com/policies/
>
>
>
- 1m.
-
Re: Reappearing tracking cookies and how to delete them?
Posted by: "Randy B. Singer" randy@macattorney.com randybrucesinger
Fri Sep 30, 2011 4:45 pm (PDT)
On Sep 30, 2011, at 5:35 AM, jamesrob@sonic.net wrote:
> Is there any downside to deleting these en masse? Is information
> stored in these that make my interaction with, say, user forums
> where I have accounts, more seamless?
I had over a thousand of them. When I deleted all of them the only
site that acted any differently was Pandora. It no longer had my pre-
set "channels."
Note that Flash cookies are not legitimate standard cookies. They
are covert and not designed for what you would normally accept
cookies to be doing.
Has anyone else noticed a huge performance increase in Safari after
deleting them?
_____________________ _________ _________ ____
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts. html
_____________________ _________ _________ ____
- 2a.
-
Re: Identifiing and Dealing with the Flash Installer Trojan
Posted by: "Eric" emanmb@yahoo.com emanmb
Fri Sep 30, 2011 9:20 am (PDT)
Also Sophos for Mac has been updated as well and is also free.
--- In macsupportcentral@yahoogroups. , "Randy B. Singer" <randy@...> wrote:com
>
> I've been receiving a lot of private e-mails about how to tell if you
> have been infected by the recent Flash Installer Trojan Horse. This
> should make it easy. The free anti-virus program ClamXav has been
> updated to detect and deal with this Trojan Horse. It identifies it
> as: "OSX.Flashback ". Installing and running ClamXav is quick and easy.
>
> ClamXav (free)
> http://www.clamxav.com/
>
>
> _____________________ _________ _________ ____
> Randy B. Singer
> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>
> Macintosh OS X Routine Maintenance
> http://www.macattorney.com/ts. html
> _____________________ _________ _________ ____
>
- 2b.
-
Re: Identifiing and Dealing with the Flash Installer Trojan
Posted by: "Randy B. Singer" randy@macattorney.com randybrucesinger
Fri Sep 30, 2011 4:47 pm (PDT)
On Sep 30, 2011, at 9:20 AM, Eric wrote:
> Also Sophos for Mac has been updated as well and is also free.
Thanks, I know. However, I don't recommend fully interactive anti-
virus software at this time. This sort of software can cause more
problems than it cures.
Mac OS X anti-virus software: More trouble than it's worth? | MacFixIt
http://reviews.cnet.com/ 8301-13727_ 7-10331147- 263.html
_____________________ _________ _________ ____
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts. html
_____________________ _________ _________ ____
- 3.
-
Yahoo Log In
Posted by: "Betty Jenkins" bboopj@yahoo.com BBoopj
Fri Sep 30, 2011 11:07 am (PDT)
I get the popup error box on my Yahoo Plus account; The Yahoo! POP server �plus.pop.mail.yahoo.com� rejected the password for user �bboopj@yahoo. com �
I then get prompted to enter my password and save it. The password is being saved correctly in the KeyChain. After this, the error will return in some few minutes.
Apple support has tried several things without any improvement. Yahoo support appears to be limited to changing to changing password or upgrading account.
Would appreciate any help.
- 4a.
-
Converting VOB file for Mac
Posted by: "harpangel36" harpangel36@yahoo.com harpangel36
Fri Sep 30, 2011 5:51 pm (PDT)
I have a DVD that I need to convert to a compatible format to put in an iPhoto slideshow. Are there any free or low cost programs that will do this? I have handbrake and Evom but they didn't work for that.
- 4b.
-
Re: Converting VOB file for Mac
Posted by: "Harry Flaxman" harry.flaxman@comcast.net hflaxman001
Fri Sep 30, 2011 6:01 pm (PDT)
On 9/30/2011 8:51 PM, harpangel36 wrote:
> I have a DVD that I need to convert to a compatible format to put in an iPhoto slideshow. Are there any free or low cost programs that will do this? I have handbrake and Evom but they didn't work for that.
>
>
>
> --------------------- --------- ---
Handbrake works. It's here: handbrake.fr
Free, fast and easy!
\
Harry
- 4c.
-
Re: Converting VOB file for Mac
Posted by: "Randy B. Singer" randy@macattorney.com randybrucesinger
Sat Oct 1, 2011 12:11 am (PDT)
On Sep 30, 2011, at 5:51 PM, harpangel36 wrote:
> I have a DVD that I need to convert to a compatible format to put
> in an iPhoto slideshow.
This one is free and excellent:
MPEGStreamClip (free)
http://www.squared5.com/
_____________________ _________ _________ ____
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts. html
_____________________ _________ _________ ____
- 5a.
-
Looking for Applescript help
Posted by: "DaveC" davec2468@yahoo.com davec2468
Fri Sep 30, 2011 11:19 pm (PDT)
Anybody on the list care to answer a few basic questions? Or point me
somewhere I can ask these?
I presume it's a bit OT for the List...
Off-list if you prefer.
Thanks,
Dave
- 5b.
-
Re: Looking for Applescript help
Posted by: "Otto Nikolaus" otto.nikolaus@googlemail.com nikyzf
Sat Oct 1, 2011 3:25 am (PDT)
We must have some members who can help. Why not give it a try?
Otto
On 1 October 2011 07:19, DaveC <davec2468@yahoo.com > wrote:
> Anybody on the list care to answer a few basic questions? Or point me
> somewhere I can ask these?
>
> I presume it's a bit OT for the List...
>
> Off-list if you prefer.
>
[Non-text portions of this message have been removed]
- 6a.
-
Re: [ebmug] Identifiing and Dealing with the Flash Installer Trojan
Posted by: "Randy B. Singer" randy@macattorney.com randybrucesinger
Fri Sep 30, 2011 11:51 pm (PDT)
There are some new findings with regard to the Flash Installer Trojan
Horse.
There are two signatures in ClamXav for this Trojan currently. Apple
currently has eight
definitions, all for the same Mac Trojan. A sample collected of the
Trojan from a malware site does not match any of these.
Further when the sample was
uploaded to a site that scans it with 43 different anti-virus
products, none of them
caught it, either. It would appear that the bad guys are able to
change the
Trojan�s signature while retaining it's functionality. So you
probably need to uninstall this Trojan manually if you have been
infected. At this point you probably have to assume that no anti-
virus software is effective for eradicating it from your Mac.
A sample from the same site was analyzed by someone who
installed the Trojan in a sandbox environment and posted his results
here
<https://discussions.apple.com/ >message/16247297 #16247297
Nobody who has been infected has reported any symptoms other than
finding that Little
Snitch had been disabled. Whatever the Trojan was doing (probably
"phoning home")
was being done in the background.
So here is what I recommend if you think you might have installed
it. Download a copy of:
EasyFind (free)
http://www.devon-technologies. com/download/ index.html
(scroll to the bottom of the page)
You will be using EasyFind to find and delete all of the files that
the Trojan has left on your system. Spotlight will not work for
this, as Spotlight isn�t designed to search in system areas, and it
won�t search for invisible files.
Set EasyFind to search only for files and folders, and to also search
for invisibile files and folders.
See if any of these files are installed in your user directory:
.MacOSX/environment.plist
Library/LaunchAgents/com.apple. SystemUI. plist
Library/Preferences/perflib
Library/Preferences/Preferences. dylib
Library/Logs/swlog
The first is a hidden folder, so don�t leave out the leading period
in your search. None of these four
belong on your computer so if you find them, you have been infected
and if
they are not there, you are not infected.
If you are running "Little Snitch" check to see if it has been
disabled in
some way.
If you are not infected look in your download folder for a file named
"FlashPlayer-11-macos. pkg". That is the Trojan installer and needs to go
directly to the Trash. Infected users will not find this file as it
destroys
itself after completing the installation.
If you are infected you must trash all five files during the same
session or
you may not be able to log back in to your account. That especially
applies
to the one in the hidden folder which may exist on normal Macs but is
replaced by the one the Trojan installs. If that is the only one of the
listed files you find, leave it alone.
Now some good news. The installer distribution site has been down for
the
last day and a half. It could be temporary, they could have moved it
(but I
have not read any new reports during that time), they may be
regrouping or
they may have satisfied whatever their objective was. I prefer to think
their computers were all confiscated when the police arrested them all.
_____________________ _________ _________ ____
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts. html
_____________________ _________ _________ ____
- 6b.
-
Re: [ebmug] Identifiing and Dealing with the Flash Installer Trojan
Posted by: "Paulette" behindmylens@gmail.com paulette1031
Sat Oct 1, 2011 12:12 am (PDT)
Thank you for this Randy. I did everything suggested and computer is
clean. Whew.
Paulette
Visit my photo gallery: http://www.pbase.com/gsds4me
Kiva, loans that change lives http://www.kiva.org/
On Sat, Oct 1, 2011 at 4:51 PM, Randy B. Singer <randy@macattorney.com >wrote:
> There are some new findings with regard to the Flash Installer Trojan
> Horse.
>
> There are two signatures in ClamXav for this Trojan currently. Apple
> currently has eight
> definitions, all for the same Mac Trojan. A sample collected of the
> Trojan from a malware site does not match any of these.
> Further when the sample was
> uploaded to a site that scans it with 43 different anti-virus
> products, none of them
> caught it, either. It would appear that the bad guys are able to
> change the
> Trojan�s signature while retaining it's functionality. So you
> probably need to uninstall this Trojan manually if you have been
> infected. At this point you probably have to assume that no anti-
> virus software is effective for eradicating it from your Mac.
>
> A sample from the same site was analyzed by someone who
> installed the Trojan in a sandbox environment and posted his results
> here
> <https://discussions.apple.com/ >message/16247297 #16247297
>
> Nobody who has been infected has reported any symptoms other than
> finding that Little
> Snitch had been disabled. Whatever the Trojan was doing (probably
> "phoning home")
> was being done in the background.
>
> So here is what I recommend if you think you might have installed
> it. Download a copy of:
>
> EasyFind (free)
> http://www.devon-technologies. com/download/ index.html
> (scroll to the bottom of the page)
> You will be using EasyFind to find and delete all of the files that
> the Trojan has left on your system. Spotlight will not work for
> this, as Spotlight isn�t designed to search in system areas, and it
> won�t search for invisible files.
>
> Set EasyFind to search only for files and folders, and to also search
> for invisibile files and folders.
>
> See if any of these files are installed in your user directory:
>
> .MacOSX/environment.plist
> Library/LaunchAgents/com.apple. SystemUI. plist
> Library/Preferences/perflib
> Library/Preferences/Preferences. dylib
> Library/Logs/swlog
>
> The first is a hidden folder, so don�t leave out the leading period
> in your search. None of these four
> belong on your computer so if you find them, you have been infected
> and if
> they are not there, you are not infected.
>
> If you are running "Little Snitch" check to see if it has been
> disabled in
> some way.
>
[Non-text portions of this message have been removed]
Need to Reply?
Click one of the "Reply" links to respond to a specific message in the Daily Digest.
MARKETPLACE
Change settings via the Web (Yahoo! ID required)
Change settings via email: Switch delivery to Individual | Switch format to Traditional
Visit Your Group | Yahoo! Groups Terms of Use | Unsubscribe
