Snow Leopard compromised by Malware

My snow leopard when I perform an install places the following files which do not perform any recognizable function.
the process when Forced to quit restarts itself. I have removed the process and was wondering if anyone else has this file?

Your safe, I've got the file too searching with the free Easy Find from, on 10.6 like you.
If your that paranoid that you can't trust Apple, then don't enter any personal information into the machine because Apple will splash it all over the place being all super helpful and trusting.
If you already have, then backup, erase and reinstall the operating system. Setup and return only files with no personal identification, don't use email with your real information, don't use Address Book or anything.
If you have data you don't want anyone to see, use it on a offline machine that's never connected to the Internet.
Read the "Paranoid" section of my User Tip here, it will blow your mind.
How do I securely delete data from the machine?

  • Snow leopard vulnerability to malware?

    i bought snow leopard boxed from a mac store and installed it two days ago. i twice had to search for and install rosetta, something i have never had to do before. (i am running a dual intel G5 machine.)
    this morning while browsing the new york times with safari, a pop up window appeared warning me of a virus infection from "", which redirected to "" before i could close the browser. i have "block pop up windows" turned on in safari. later today a search query at google was refused because my "network or computer" was sending "spam inquiries".
    i assume i have been infected with malware such as confickr, but i have never had an infection before and the timing immediately after installing snow leopard concerns me. has anyone encountered malware or suspicious network or disk activity in the days immediately after installing snow leopard?

    First off, you are running a Mac Pro, not a PowerMac (can't run SL on G5s). Programs that relied on PowerPC code you now have to option install Rosetta (should only be needed to do once).
    SQL-injection; feeding malware via ads is very common, though I have never once seen it happen running IE8 x64 with Windows Vista/7.
    I use one browser for safe browsing and locked down. Easy to do with Firefox using NoScript and one or two other extensions, and to limit or prevent java and plug-ins.
    *'drive-by' infection*
    I wonder if the changes in Snow Leopard to DNS make for more vulnerable in some way. Snow Leopard doesn't have any real portection.

  • Security Update 2011-003 (Snow Leopard ONLY - Really, Really?!?!?!)

    What anyone who doesn't have Snow Leopard isn't at risk of getting tagged by dreaded "Mac Defender" Trojan Horse???
    Come Apple Snow Leopard isn't the only OS that is at risk, you really should make this avaible to ALL Mac users, not just those who have purchased and installed Snow Leopard.

    Eric Schwarzkopf wrote:
    What anyone who doesn't have Snow Leopard isn't at risk of getting tagged by dreaded "Mac Defender" Trojan Horse???
    Come Apple Snow Leopard isn't the only OS that is at risk, you really should make this avaible to ALL Mac users, not just those who have purchased and installed Snow Leopard.
    It would apparently have been a much bigger undertaking  to provide similar functionality for earlier systems. You'd probably have to start from scratch, whereas for Snow Leopard it's a small update to a pre-existing feature. This isn't to say, though, that Apple shouldn't have provided something for earlier systems anyway.
    About Security Update 2011-003:
    Description: The OSX.MacDefender.A definition has been added to the malware check within File Quarantine.
    The "File Quarantine" check for "potentially unsafe files" began with OS X v10.5, but the addition of a specific  "malware check" feature using a list of known malware was new in Snow Leopard.
    About file quarantine in Mac OS X v10.5 and v10.6:
    Snow Leopard checks for malware
    Mac OS X v10.6 Snow Leopard builds upon the existing unsafe file type check by also checking for known instances of "malware", or malicious software. When you open a quarantined file, the file quarantine feature will check to see if it may include known malware.

  • Snow Leopard and the Flashback Malware

    I am visiting my elderly mother and (like an idiot) responded to a prompt to update Adobe Flash last night. I have checked for the presence of DYLD_INSERT_LIBRARIES per C|Net's article on how to detect and remove the Flashback malware and it is not present in Mac OSX, Safari or Firefox. Can I relax? Do I still need to completely disable Flash in Preferences? She does not see well and is trained to automatically update via Software Update for Mac.
    Also, her computer is running VERY slow. Any ideas on how to troubleshoot the speed?
    Thanks in advance for any help!  Happy Mother's Day!
    Her iMac:
      Model Name:          iMac
      Model Identifier:          iMac5,1
      Processor Name:          Intel Core 2 Duo
      Processor Speed:          2.16 GHz
      Number Of Processors:          1
      Total Number Of Cores:          2
      L2 Cache:          4 MB
      Memory:          1 GB
      Bus Speed:          667 MHz
    Running Snow Leopard 10.6.8

    If you have installed the appropriate security updates then you computer is protected. See
    Helpful Links Regarding Malware Protection
    An excellent link to read is Tom Reed's Mac Malware Guide.
    Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
    See these Apple articles:
       Mac OS X Snow Leopard and malware detection
       OS X Lion- Protect your Mac from malware
       OS X Mountain Lion- Protect your Mac from malware
       About file quarantine in OS X
    If you require anti-virus protection I recommend using ClamXav.
    Mac OS X Snow Leopard and malware detection.

  • My Macpro Intel Core Duo-running OS 10.6.8 has been crashing pretty much with everything I try to open.  I find the last resort will be to boot from Snow Leopard system disc. Has anyone experienced  this? I can only run Google Chrome.

    In the last few days, it seems that my computer has all of a sudden caught a virus.  I have never had that happened to a computer, but I have surely heard about it.  I can't think of any other reason it is behaving like this.  I know that Macs have been pretty much impervious to viruses, but that was before they were the majority of users.
    Anyway, what is happening is, my computer keeps crashing whenever I try to open a program, app, document, folder, file, etc.  I tried to boot from Drive Genius to establish the problem, but Drive Genius crashed too.  I know the last ditch effort (after cleaning and maintenance of disc verification and permissions and repairs, is to reboot from the system disc.
    Before I go there I was hoping someone in the community would have a suggestion to help me avoid that ultimate last resort.  The tech support guy at Drive Genius told me that probably would have to be the way to go (as in reboot) and if that doesn't clear it up, it's repair time.
    Thank you for your consideration in advance;
    Lorain R

    In the last few days, it seems that my computer has all of a sudden caught a virus.
    As others have pointed out, this isn't malware. That should not be your first (or even fifty-first) thought when your Mac starts misbehaving. For more on this topic, see my Mac Malware Guide.
    I know the last ditch effort (after cleaning and maintenance of disc verification and permissions and repairs, is to reboot from the system disc.
    You mention "cleaning and maintenance." Have you been running utilities claiming to do those things? If so, you may be the victim of an overly-zealous cleaning job, which has removed important files and damaged your system.
    If I'm understanding correctly, you're unable to open any applications at all... is that right? Do you have any backups? If you don't have backups, you're in a sticky situation, as it will be difficult to make backups in your current state, but you shouldn't try any kind of repairs without them. (Actually, you shouldn't do anything with your computer without backups, but this is especially important when something is going badly wrong.)
    If you have backups, reboot from your Snow Leopard install disc. From there, first, repair the hard drive with Disk Utility. Once that is done, assuming repairs were successful, reinstall the system. You can simply reinstall it on top of your current system, and it will replace any damaged or lost system files with new copies. (You'll also need to update the system via Software Update after reinstalling.)
    If you don't have backups, or if Disk Utility can't repair damage, or if the problem continues even after a reinstall, post back with those details.

  • Snow Leopard Memory Usage

    I have recently downgraded my iMac 8,1 back to Snow Leopard due to an unsupported video card in Lion. Not soon after I downgraded, I started experiencing high cpu usage when the machine would run for long periods of time without being rebooted (6-7 hours).
    Currently, the machine has 8GB of RAM (which is all recognized in spite of the documentation stating the max ram on this machine is 6GB). I run, on average 8-10 applications at the same time throughout the day. It appears that the offending application that takes up cpu usage varies throughout the day. This morning, it is iTunes using 85%. Other times, it's Apple Mail. Even others, it's MDWorker (which I'm not confident I know what that is).
    What doesn't make sense is that the offending application changes throughout the day. As time passes, sometimes when I attempt to launch a video on a website, it gets real choppy and will not run normally until I reboot. The audio cuts in and out and the frame rate is horrible.
    My initial thought was that one of the memory sticks is bad, but these issues don't indicate a memory problem from what I understand. Yesterday, I removed one of the two sticks of RAM and booted to see what performance was like with just 4GB in. It did the same thing even after only 5 minutes running. I have also considered a memory leak, but that in itself shouldn't cause abnormal CPU usage.
    Currently, My CPU usage is at about 50% on both cores with iTunes taking up 82% (I am streaming audio) and the Activity Monitor itself using 8%. All other processes are under 2%.
    Does anyone have any advice? What should be normal CPU usage on Snow Leopard? Of course, that's a subjective question that depends on what applicatios you are running. I do not do any heavy graphics processing. My main applications are Safari, Word, Excel, Outlook, iChat, and iTunes. I am thinking of, once again, nuking this machine and rebuilding from scratch.
    Any advice would be helpful. I'm pulling my hair out.

    RevJoel wrote:
    On a hunch, I ran ClamXAV from Safe Mode and found 8 emails with Trojans. While not critical, I moved them to the trash and emptied it. One of the 8 was in my Mail folder. The rest were in SPAM. I rebooted after that was complete and have been running better since the above screenshot was taken. I cannot imagine that a trojan was clicked on as it was probably an attachment unless someone I regularly email with accidentally sent me one since that's how they work.
    There are no known Trojans spread through e-mail that affect the Mac and without knowing the infection name I can't really say, but suspect they were all Windows. Most Mac malware detected by ClamXav have "OSX" as part of the infection name.
    It's never a good idea to move e-mail files around using the finder or any AV software. This will most certainly corrupt the mailbox index file which could result in the loss of additional e-mail. You should repair the damage by running "Rebuild" from the Mailbox menu of Mail on both your Inbox and Junk folders. It's also possible that you didn't delete the oriinal mail from your e-mail ISP's server and it will just be downloaded to your computer again the next time you check for mail. Depends several settins in Mail and on your ISP's server.
    You should always use the "Reveal in Finder" option to locate the e-mail in the finder, then double-click it to open it in Mail, then use Mail's delete key (and empty the trash folder if you use it). There may be  one more step to permanently delete it if the e-mail is from a gmail account.

  • Snow Leopard Printing Woes - what worked for me

    I found many print problems posted EVERYWHERE from every printer manufacturer and model and many solutions and some worked for some people. None worked for me.
    I have a HP Laserjet 2100M, which is old, but is listed as compatible with SL. I cannot part with it, as it is a true laser printer, not a monochrome, which means when I need to colour separate say a blue and red document, it prints as solid, not grayscale. It has printed 44,820 pages for me over the years, with only laser cartridge replacement as an expense. As well, I cannot find anything but monochrome for a replacement.
    It worked on my old iMac G5 running Leopard, however, when I got my new iMac running Snow Leopard, I got "Printer Offline" message and it would not go online and while some solution ideas got it to print, sometimes, it was only good for one or two jobs and then would stop again, or it would say printing and nothing would print.
    Here is what worked for me:
    I disconnected my printer's usb and power supply, reset printer system.
    Went to Macintosh HD-Library-printers-PPDs-contents-resources and deleted all of the HP Drivers.
    I got my HP 2100 series driver from my old iMac and put that back in the resources folder and emptied trash.
    I shut down my computer.
    Replugged in power to printer.
    Started up computer.
    After fully launched, I connected my USB cable for the printer. I went to add printer and it came up right away and said new software update was available for my printer AND I SAID NO to updating. In selected my driver, and...
    My printer and I have reached a compromise!
    It still says offline, however, everything is printing anyway... this I can live with.
    I also found this link, which I will only try if I encounter any other disruptions Id=110&prodSeriesId=385457&prodTypeId=18972&prodSeriesId=385457&objectID=c018677 22
    At some point I printed a Self Test/Configuration page which has I/O Port Status as
    USB STATUS - not ready
    and Appletalk Status - Ready
    which is probably a good clue, however, I have been printing successfully for 15 hours and my hair is starting to grow back.

    The HP document appears to solve your issue. When your hair starts falling out again, use it.

  • After updating to snow leopard  and trying to delete mackeeper flash player will no longer work. Can anyone help me?

    After updating to snow leopard and trying to delete mackeeper, Flash player is being blocked and will not allow me to view utubes. Can anyone help?

    Here are instructions for eradicating MacKeeper - you may need to re-install it to uninstall it fully:
    Regarding Flash - there are many reports on here that v13.x isn't working for a lot of people. distractme in the following thread posted instructions on how to install the previous version, which should work whilst Adobe work on a fix:

  • Does anybody know how to install Snow Leopard on an external HD with Lion?

    My MacBook Pro came from apple with Lion OS X 10.7.1 installed and it doesn't operate with Pro Tools LE 8.0.5 (or any other version for that matter and PT 9.0.5 is only in beta) So, I'm looking to partition Snow Leopard OS X 10.6 to my external HD so I can bypass the issue without compromising and downgrading my MacBook Pro (which I've been told is not possible anyway but I'm sure there is a way) and having to A) Pay out more money to avid and get PT 9 ( BETA) or B) Run a different DAW (Also costing more $$$) Any help would be MUCH appreciated!!!

    Yes it's possible, you need another Firewire capable Mac#2 that can hold c boot off the 10.6.3 Snow Leopard Retail Disks and a Firewire cable and if necessary a FW 800 to 400 adapter.
    First you boot into Lion on Mac#1 and use Disk Utility to Erase Free Space, this will take a few hours.
    Then backup your data off the Mac#1 Lion partition to a external drive and disconnect. (for safety sake)
    Then you create a second partition on the drive in Disk Utility, formatted OS X Extended (Journaled) under the Partition Tab.
    While that is all going on, on the other Mac#2 that can boot off 10.6.3 disks, you do the same thing,
    First you boot into Snow or Lion on Mac#2 and use Disk Utility to Erase Free Space, this will take a few hours.
    Then backup the data off the Mac#2 main boot partition to a external drive and disconnect. (for safety sake)
    Then you create a second partition on the drive in Disk Utility, formatted OS X Extended (Journaled) under the Partition Tab.
    Hold c and boot Mac#2 off the 10.6.3 Retail Snow Leopard Disk (won't work with grey disks unless it matches the target machine model) and install onto the new partition on Mac#2, reboot holding option key and select the 10.6.3 partition, once in, use the Combo Update to get to 10.6.8. (must do)
    Reboot holding T this Lion Mac#1 so it's in Target Disk Mode, connect the Firewire cable to the other Mac#2, then hold option key and reboot into the second partition on Mac#2. Download and use Carbon Copy Cloner to clone the new partition of Mac#2 to new partition of Mac#1
    Reboot Mac#1 holding option key  to boot into Snow partition on the factory Lion Mac#1.
    If that doesn't work, you need to combine the 10.6.3 and the 10.6.8 Combo Update together in this process at the link below, and apply the 10.6.3 + 10.6.8 combined image in the same Target Disk mode fashion
    Another method is if you can convince Apple to send you the 10.6.6 install disks for your machine, then use the Target Disk Mode approach to circumvent the firmware which is preventing you from booting off install disks from any previous version of OS X.
    For example, my new 2011 MBP came with 10.6.6 grey install disks, but can't boot off the 10.6.3 Snow Leopard Retail Disks.
    Another method would be to find another same exact machine as yours, came with 10.6.6 from the factory (even if upgraded to Lion it should still boot 10.6.6), thus will boot off the 10.6.6 install disks and install it onto your parttion.
    Needless to say, after going through all this, you really need to make a clone of the partition once it's successfully installed.
    Set the startup disk in system preferences to Snow.

  • I am trying to install Symantec Antivirus and it says I need Rosetta from Snow Leopard-How do I get this?, I am trying to install Symantec Antivirus and it says I need Rosetta from Snow Leopard-How do I get this?

    I am trying to install symantex antivirus and it says I need Rosetta from Snow Leopard. How do I get this?

    wicklows wrote:
    I am trying to install symantex antivirus and it says I need Rosetta from Snow Leopard. How do I get this?
    You have a Retina MacBook Pro, it runs OS X 10.7 or 10.8.
    It won't run Snow Leopard (10.6) and Rosetta is only for Snow Leopard to run older PowerPC processor based programs when Mac's used to have those instead of the Intel processors they all have now.
    So that software your installing is incredibly old, if you bought it, return it for a refund.
    Also you don't need a anti-virus for OS X, Apple installed one for all OS X 10.6.8-10.8 users.
    If you need anti-virus to clean the Windows files of their malware before passing it on, then the free ClamXav does the job.
    If your worried about real threats, then this is worth reading.
    Security Issues Warning List
    Harden your Mac against malware attacks

  • Macbook pro snow leopard 10.6.8 with VMsoftware partition can i upgrade to Yosemite

    I have a MacBook Pro laptop bought in 2010 using Snow Leopard 10.6.8. 4 GB of Memory and 2.66GHZintel core i7.  I have also partitioned the drive with VMware to use a windows application.  If I have backed up all personal photos documents, music, movies etc and I don't mind if I lose all the info in the partition VMware, is it ok to 
    update to Yosemite. Is there anything special I need to do, like uninstall the VMware first?  Also do I need more than 8GB on my hard drive?
    Any one done anything similar and if so were there any issues?
    thanks for any help,

    VirusBarrier needs to be uninstalled using the original installer. That installer will have a button that allows you to uninstall the software. If you no longer have the original installer, you will need to re-download it.
    BitDefender must be removed using the uninstaller provided by the developer. That uninstaller is found on the .dmg file that also contained the original installer. If you no longer have that, you will need to re-download it.
    Do not try to locate and remove these items manually! They must be removed using the uninstaller!
    Note that it's a bad idea to have two anti-virus programs like these installed and active at the same time. That can easily cause all manner of problems, including serious performance problems. For more information about protecting yourself against malware, see my Mac Malware Guide.
    You also have SpeedIt installed, which is a badly outdated program that has been discontinued. The developer is no longer in business. I would be surprised if it wasn't causing problems. Unfortunately, because it is so old and the developer's site is gone, I cannot find any uninstaller or uninstallation instructions. See if you have a SpeedIt uninstaller somewhere. If you still have the SpeedIt installer somewhere, that may include the uninstaller.
    If removing those programs doesn't fix the problem, the only other third-party kernel extensions you have installed are:
    com.markspace.driver.Android.RNDIS    1.2
    com.roxio.BluRaySupport    1.1.6
    You'll need to remove those using the uninstaller provided by the developers ( and

  • Zip file created in Snow Leopard can't be opened on a PC

    I've created a zip file of a folder containing Word and pdf files using File>Compress in Snow Leopard.
    After emailing to clients, they cannot open the zip file on their PCs.
    Any help? I thought zip was supposed to be universal.
    Thanks in advance!

    All clients, or some clients? How big are the zip files?
    Usually when this happens, one of two things is going on: one of your mail servers is truncating the message (cutting off part of the attachment) because the message exceeds some pre-determined maximum message size (or the mailbox goes over a quota), OR one of you is running a virus/malware scanner on your mail server that objects to certain file types (it's not uncommon to strip .ZIP, .COM, and .EXE files).
    There's also the possibility that a Windows client just doesn't understand the file's type. While that shouldn't be, it does happen sometimes (I've seen it with Lotus Notes, for example). In that case, the recipient should save the attachment as a file on their desktop and open it from the desktop.

  • Trouble with Snow Leopard

    I tried to update my macbook to Snow leopard and it keeps installing and then restarting and then immediatly installing again. Is there anything I can do or am I screwed?

    If you have a backup of your files off the machine, then your fine, else you need to install Snow Leopard on a blank external drive and boot from it to recover your files off the internal drive.
    Create a data recovery/undelete external boot drive
    Once you have your files off, you can follow this user tip to reinstall Snow Leopard fresh and tweak it for performance.
    How to erase and install Snow Leopard 10.6
    For Snow Leopard Speed Freaks
    To get a copy of your free iLife off the 10.5 disks, run the bundled app installer or use Pacifist from CharlesSoft to extract them. Then Software update and they will be currently updated.
    Restoring your Free iLife (iPhoto, iMovie etc)
    I do NOT recommend a 10.4/10.5 era machine to be updated any further than 10.6.8, rather consider the machine in it's end of life stage and enjoy the superior 10.6 performance and your PPC based apps working (which won't in 10.7 or 10.8) and save up for buying a new machine in a year or two.
    Apple is issuing updates to 10.6, anti-malware is installed in 10.6.8 as well, so enjoy the performance as it goes downhill past 10.7. on older machines.
    About 45% of OS X users are on Snow Leopard and likely will remain so until their hardware dies because of many third party programs won't update their verions for 10.7 and later.

  • Washed out icons for snow leopard

    I have isnstalled Snow leopard and I have noticed that dock's icons seems washed out (no brilliant at all) ... adobe or apple's software seems work properly with my color profile.
    It seems that icons are showed at gamma 1.8 and not at new 2.2 ...:-(
    Has anyone a solution for this ugly issue?
    Thx in advance

    Installing anti-malware after the fact is sort of pointless and a waste of effort.
    Run through this list of fixes, disable all login items and don't run any third party programs (until they have been reinstalled from original clean sources after the malware scan later)
    ..Step by Step to fix your Mac
    Create a new user account and transfer files (only) manually to the other accounts dropbox so they change permissions.
    Of course backup files manually to a external drive (not only TimeMachine as it's infected also) before starting.
    Once you have a purged OS X and a new user account, then install a free scanner like Virus Barrier Express and run a scan.
    I doubt very much you have anything, but if there is anything left of the malware after doing all the above it's going to be in the Applications folder or the infected user account folder.
    But you can't scan anything with a infected OS X, so that needs to be purged first.
    Once the scan comes up clean, try reinstalling all your third party apps to fix them.
    So it's likely your not infected, but rather there is a problem with your machines software or hardware.
    Good Luck

  • What is the recommended virus protection softwear for iMac 10.6 Snow Leopard ?

    My iMac v 10.5 has had viruses more than once.  I recently upgraded to v 10.6 Snow Leopard.  I wanted to check what virus protection was recommended. Best Buy told me MacKeeper was the best one to use.  After reading  reviews I am hesitant to install it.    Any opinions?

    Read Klaus's User Tips and his reference to Thomas Reed's website on Safe Macs.
    It is not likely you actually had viruses since there are no known viruses in the wild that infect Mac OS X machines.
    DO NOT take the advice of Best Buy...MacKeeper is one of the worst of the worst and most users on here consider it to be malware.  Once installed it is extremely difficult to remove.
    Anti-virus software is not needed with Macs.  Definitely avoid that from McAfee and Norton as they have been shown repeatedly to cause serious damage to the operating system.

