[X-Newbies] Possible Trojan
Chris Walker
chris at mymac.demon.co.uk
Sat Dec 17 06:44:48 PST 2005
Hi all,
this afternoon I tried to do a Google search but received the reply that
my request was refused as they were receiving excessive multiple
requests from my address. It sounded like a DDOS attack coming from
from my machine. I was advised to get some AV software and eradicate this.
I fired up Interarchy and found stuff was going to
www2.vip.ukl.yahoo.com (217.12.3.11). Trying that in Safari got a page
not found. I blocked the traffic with Snitch and Google resumed normal
service. another IP was 224.0.0.251 to which regular connections were
being made.
This has me a bit worried. Whether it was spyware or something that
simply flooded Google with spurious packets I don't know. The only
thing I can put it down to was a Beeblefish widget which might have been
a trojan. It came from MacUpdate which is usually reliable. I suspect
the thing is still installed somewhere and only Snitch is stopping it
operating, but other than using spotlight - which shows nothing - I
don't know where to look.
I've always harboured doubts about widgets - they smack too much of
Active-X for my liking with consequences we all know.
cheers,
Chris
More information about the X-Newbies
mailing list