New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus • Advice and insight from world-class Apple enthusiasts • Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
OS X - Operating System General OS operation information and support

Constant momentary alert popups - malware?


Post Reply New Thread Subscribe

 
Thread Tools
PongSentry

 
Member Since: May 15, 2013
Posts: 6
PongSentry is on a distinguished road

PongSentry is offline
Hello all, I've tried to search past threads for some guidance on my issue but I can't quite determine what the proper nomenclature to describe what's happening.

This morning, I installed some software updates on OSX that required restart. IIRC, it was updates to Safari, HP printer drivers, and Java. I booted over to Windows for a bit and then back to OSX.

Now, regardless of which application I'm in, every 5-7 seconds a momentary alert box pops up and then instantly closes, stealing focus from whatever window I'm in for a fraction of a second, and perhaps eats a single keystroke or an open drop-down menu before the window gets closed.

This reeks of malware to me, since alert windows don't typically close themselves. Please let me know if I should post Activity Monitor screencaps or whatever else might be useful for more info, I simply don't know how to proceed since I've never run across anything like this in 8 years of OSX use.
QUOTE Thanks
PongSentry

 
Member Since: May 15, 2013
Posts: 6
PongSentry is on a distinguished road

PongSentry is offline
I've disabled all Java runtimes, downloaded ClamXav but could use some insight on where to scan. If there's a place where popup alerts are logged, that would do a lot to give me something more to work with.

The alert boxes have the yellow alert triangle and seem to be in response to a process crashing. I'm now going to start just killing processes in Activity Monitor to try and isolate it.

UPDATE: I've removed all startup items from my admin account and the popup continues. I even log into another account that I've hardly ever used on this machine and the popup continues.

UPDATE 2: Finally pointed a 60fps video camera at my screen and got a frame of the popup. Do you want the application "java" to accept incoming network connections? Clicking deny... etc etc

Seems sketchy since I disabled both Java runtime environments hours ago. Blocking all incoming connections in Firewall has stopped the popups. However, I would like to get this process off of my machine. I am fairly convinced that it's not Java. I can't find java.app anywhere on my drive, so is there a way to reverse search for programs based on their name?
QUOTE Thanks
cradom

 
cradom's Avatar
 
Member Since: Feb 14, 2004
Location: Nederland, Texas
Posts: 3,086
cradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant future
Mac Specs: 21in iMac core2 Duo- 13in macbook - 10.9 on both

cradom is offline
Run /Applications/Utilities/Console and peek around in the logs for anything strange. There should be something related.

Craig Domingue - resident redneck.
“Never argue with an idiot. He will only bring you down to his level and beat you with experience.”, George Carlin
QUOTE Thanks
PongSentry

 
Member Since: May 15, 2013
Posts: 6
PongSentry is on a distinguished road

PongSentry is offline
Googling around with the alert message led me to this thread:

https://discussions.apple.com/thread...art=0&tstart=0

And to this blog article:

How to allow java in the firewall on OS X Mountain Lion | Tech Blog (wh)

I feel pretty confident that this will solve the issue for me. I'm running a repair permissions now and a lot of corrections are coming up in /sys/lib/frameworks/Java*. I'm going to leave this thread here though, since this is a tough problem to Google for and hopefully anyone else that develops it and finds this thread can get themselves to the answers.
QUOTE Thanks

Post Reply New Thread Subscribe


« Command + Q is not working properly | Question regarding formatting/backing up to new hard drive »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Constant Guard Alert from Comcast? polina161 OS X - Operating System 1 08-04-2012 06:20 AM
Official antivirus, malware, and firewall FAQ schweb Switcher Hangout 120 07-28-2011 04:27 PM
Is Apple ready to play cat and mouse with malware developers? OneMoreThing... Apple Rumors and Reports 3 06-04-2011 10:10 PM
MacDefender malware protection and removal guide OneMoreThing... Apple Rumors and Reports 0 05-19-2011 12:54 PM
MacDefender malware targeting Mac users OneMoreThing... Apple Rumors and Reports 10 05-07-2011 08:28 PM

All times are GMT -4. The time now is 12:05 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?