Pick of the Week - Nov 10 [Show all picks]
Path Finder 5 - A feature-laden Finder replacement
Submit Hint Search The Forums LinksStatsPollsFAQHeadlinesRSS
12,000 hints and counting!


How to find and remove the OSX.RSPlug.A malware | 15 comments | Create New Account
Click here to return to the 'How to find and remove the OSX.RSPlug.A malware' hint
The following comments are owned by whomever posted them. This site is not responsible for what they say.
How to find and remove the OSX.RSPlug.A malware
Authored by: leono on Wed, Oct 31 2007 at 1:03PM PDT
Removing the root crontab altogether (with no review) is a pretty bad idea. You can see what's in the crontab with sudo crontab -l. I have no idea what the malware's crontab entry looks like, but maybe someone can reply and post it here?

If the malware's entry is the only line listed, it is safe to remove the crontab with sudo crontab -r. You can also edit the root crontab in the default editor (vi in Tiger) with sudo crontab -e. If you needed to delete a single line (the malware's) from a multiline file, you would

  1. Use the arrow keys to navigate to the line in question
  2. Type dd to delete the line
  3. Type :wq and press Return to Write the file and Quit
Hope this saves someone's bacon. I'd imagine that most people who have entries in the root crontab know what they're doing enough to not delete it in one shot, but you never know...

[ Reply to This | # ]
How to find and remove the OSX.RSPlug.A malware
Authored by: robg on Wed, Oct 31 2007 at 1:43PM PDT
Good advice, agreed ... though I still can't come up with a single app that installs a root crontab under 10.4 or 10.5.

-rob.

[ Reply to This | # ]
How to find and remove the OSX.RSPlug.A malware
Authored by: remacc on Wed, Oct 31 2007 at 3:03PM PDT
I had a look at my cron jobs using CronniX and opened Crontab for System.

In it was the system-level Macworld hint on scheduling repairing permissions, and also entries for the System Prefpane 'Deja Vu' backup utilty.

CronniX is perhaps the more user-friendly way to see and manage cron jobs.

[ Reply to This | # ]

Search

Advanced

From our Sponsor...

User Functions





Don't have an account yet? Sign up as a New User
Lost your password?

What's New:

Hints

No new hints

Comments last 2 days


Links last 2 weeks

No recent new links

What's New in the Forums?

The Editor's Corner...

Here are some of my (robg) other projects...

•  The Robservatory
My blog - Macs, tech, etc.
•  Mac OS X Power Hound
The best of Hints in print
•  Inside iWork
An iWork training DVD
•  Macworld
Column, features, online...

Hints by Topic

 

News from Macworld

The macosxhints Poll

What version of OS X are you running as your main OS?

What version of OS X are you running as your main OS?

  •  10.6
  •  10.5
  •  10.4
  •  10.3
  •  10.2
  •  10.1
  •  10.0
  •  10.0 Public Beta
This poll has 0 more questions.
Results
Other polls | 11,496 votes | 42 comments
Copyright © 2009 Mac Publishing LLC (Privacy PolicyContact Us
All trademarks and copyrights on this page are owned by their respective owners.

Visit other IDG sites:


Powered by Geeklog Created this page in 0.04 seconds