Cori
Possibly a sticky 'eject' key on your keyboard?
Not a virus.
Seriously, Calm down; thinking "virus!" when something happens on a Mac
is like thinking "Unicorn!" when you drive by a farm and see hoof prints
in the road.
There are three common causes for what you describe:
1. A stuck eject key on your keyboard. Does it still happen with a
different keyboard?
2. A malfunctioning USB device. Certain models of Belkin USB hub are
notorious for this. They make the drive door pop open when they
initialize, or when the computer is restarted, or when you plug or
unplug a USB gadget, or just at random. I've seen it happen on several
clients' computers. Does it happen if you unplug all your USB gizmos?
3. A malfunctioning C-ROM drive.
By the way, if you tape the drive door shut, and it is still trying to
eject anyway, eventually you'll burn out the eject motor on the CD-ROM
drive--destroying it.
--
Photography, kink, polyamory, shareware, and more: all at
http://www.xeromag.com/franklin.html
Well, since there have been NO OS X viruses in the wild since it was
introduced in the spring of 2001, I doubt that the problem lies there.
Just exactly where...that I can't say.
Is there a priest in the house? :-D
But seriously - try swapping out your keyboard, and restarting your Mac
if you've not already.
Regards,
Jamie Kahn Genet
--
If you're not part of the solution, you're part of the precipitate.
It could also be a practical joker. drutil tray open/close.
Is remote login enabled?
--
K.
Lang may your lum reek.
*sigh* Please stop doing this...
Just because your computer is doing something unexpected does *not* mean
you have a virus. Viruses today don't do stupid things like opening the
CD drive or no reason - instead, they do things like send massive
amounts of SPAM from your computer or steal personal information from
you.
--
Please send all responses to the relevant news group rather than directly
to me, as E-mail sent to this address may be devoured by my very hungry
SPAM filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google Groups.
You'll need to use a real news reader if you want me to see your posts.
JR
Cori
> In article <jollyroger-44484...@news.individual.net>,
> Jolly Roger <jolly...@pobox.com> wrote:
>
> > *sigh* Please stop doing this...
>
> You mean replying to clueless goglegroupers that the rest of have
> successfully KF'd?
>
> Yes, please stop doing this.
>
> Do you REALLY thing you're NOT responding to a troll?
>
> <shaking my head>
Why don't you have a problem with all the other folks who responded?
> 30 day penalty. Into the KF.
Go ahead and make it permanent, for all I care.
<claps>
love it.
> In article <120620082350177798%dave@N_O_T_T_H_I_Sbalderstone.ca>,
> Dave Balderstone <dave@N_O_T_T_H_I_Sbalderstone.ca> wrote:
>
>> In article <jollyroger-44484...@news.individual.net>,
>> Jolly Roger <jolly...@pobox.com> wrote:
>>
>>> *sigh* Please stop doing this...
>>
>> You mean replying to clueless goglegroupers that the rest of have
>> successfully KF'd?
>>
>> Yes, please stop doing this.
>>
>> Do you REALLY thing you're NOT responding to a troll?
>>
>> <shaking my head>
>
> Why don't you have a problem with all the other folks who responded?
Because.
>
>> 30 day penalty. Into the KF.
>
> Go ahead and make it permanent, for all I care.
Dave's having a bad year.
>
>
--
email to oshea dot j dot j at gmail dot com.
> Why don't you have a problem with all the other folks who responded?
>
> > 30 day penalty. Into the KF.
>
> Go ahead and make it permanent, for all I care.
I don't understand this "30 day penalty" stuff. Dave's not the only one
who does it, there's a very famous net-kook who very famously does it.
Does anyone really care if they're put in someone's stupid "penalty
box?" What does it prove? I don't have any real individuals in my
kill-file at all, just that MI5 guy. And all of Google groups, of course.
--
W. Oates
Sounds like a sticky key to me.
Some newsreaders, such as Hogwasher, default to having filters run for 30 or
31 days. If you want to make a filter, including a kill filter, permanent,
you have to actually make an effort. I normally just leave the default time
setting in place, so my filters expire in 30 days. If I have to filter
someone a second time, I expend the effort to make the filter a permanent
one, as I'm not going to waste more time by filtering them a third time.
You'll probably get a lot of responses to this. They might not be very
helpful, though.
Next time, ask the question in the subject line that you actually want
to ask: "Why does my CD keep opening?" That way someone scanning the
group will see your question and immediately know if they have the
answer.
> In article
> <7fd303e2-9b61-4e04...@z66g2000hsc.googlegroups.com>,
> Cori <cmashiel...@hotmail.com> wrote:
>
>> This just started today, so I'm wondering if there is a possible
>> "Friday the 13th" virus for Macs originating from some country with a
>> time zone ahead of the U. S. At random times, the CD drive not only
>> opens by itself, but keeps opening and closing, sometimes partially
>> and sometimes fully, is if it's possessed! I ran out of the room for
>> some packing tape to stick it closed as it was driving me to
>> distraction, and it stopped. Is there a way to fix this? Thanks!
>
> *sigh* Please stop doing this...
>
> Just because your computer is doing something unexpected does *not* mean
> you have a virus. Viruses today don't do stupid things like opening the
> CD drive or no reason - instead, they do things like send massive
> amounts of SPAM from your computer or steal personal information from
> you.
I think you're being a bit naive. Not all viruses are so malicioius.
Some are quite benign. I have for a long time had a virus on my
current mac that switches the "t" and "h" in the word the, so it
produces "hte". That's just one of many. It frequently switches
"their" for "there" and adds 's where it doesn't belong.
--
Thank you and have a nice day.
Yeah...maybe the tubes had to cool down.
> I think you're being a bit naive. Not all viruses are so malicioius.
> Some are quite benign. I have for a long time had a virus on my
> current mac that switches the "t" and "h" in the word the, so it
> produces "hte". That's just one of many. It frequently switches
> "their" for "there" and adds 's where it doesn't belong.
There are not now nor have there ever been any OS X viruses in the wild.
>> I think you're being a bit naive. Not all viruses are so malicioius.
>> Some are quite benign. I have for a long time had a virus on my
>> current mac that switches the "t" and "h" in the word the, so it
>> produces "hte". That's just one of many. It frequently switches
>> "their" for "there" and adds 's where it doesn't belong.
>
>There are not now nor have there ever been any OS X viruses in the wild.
You need to re-read the above, checking your humor sensor.
Nothing "wild" about this one, though. It's totally domesticated.
> Not all viruses are so malicioius.
> Some are quite benign. I have for a long time had a virus on my
> current mac that switches the "t" and "h" in the word the, so it
> produces "hte". That's just one of many. It frequently switches
> "their" for "there" and adds 's where it doesn't belong.
Somehow I suspect that virus is in your fingers 8-)
--
Mary Loomer Oliver (aka Erilar)
You can't reason with someone whose first line of argument is
that reason doesn't count. --Isaac Asimov
Erilar's Cave Annex: http://www.chibardun.net/~erilarlo
This is absolutely false.
Nope. It's absolutely _true_. There are NO Mac OS X viruses in the
wild. PERIOD.
Any supposed viruses for Mac OS X have been proof-of-concept viruses
created by antivirus software makers and "security professionals" whose
goal is to scare Mac users into buying security software - usually the
software they happen to also make and sell.
It's obvious his sensor has been compromised by the AnAl-RETenTIVe-B
virus.
> > Well, since there have been NO OS X viruses in the wild since it was
> > introduced in the spring of 2001, I doubt that the problem lies there.
> >
> > Just exactly where...that I can't say.
>
> This is absolutely false.
You're claiming there have been OS X viruses that weren't fabricated by
companies selling anti-virus software?
There *was* one Trojan horse - and since people seem to use the word
virus to refer to pretty much any illicit malware nowadays I'll mention
it in this context - that I know did not originate from an anti-virus
vendor or a security professional. It was still a proof of concept,
though. Despite the heat they took for overhyping it, the people who
blamed Intego for *creating* the app-disguised-as-an-MP3 4 years ago
were off-base.
--
"Harry?" Ron's voice was a mere whisper. "Do you smell something ... burning?"
- Harry Potter and the Odor of the Phoenix
That's to funny. I tried two keep the definitions up too date,
but as you can see, I have the same virus.
--
Wes Groleau
Change is inevitable.
Liberals need to learn that "inevitable" is not a synonym for "good."
Conservatives should learn that "inevitable" is not a synonym for "bad."
-- WWG
Please give me some links to available Mac viruses ... I'm feeling left
out. I want one!
--
Adrian
>Please give me some links to available Mac viruses ... I'm feeling left
>out. I want one!
The easiest one to acquire is the one mentioned earlier - the one that
misspells words such as "their" or "its". It can do tremendous
amounts of damage.
Or, here is the famous DIY virus:
1) Save a copy of these instructions.
2) Randomly delete a few files you like plus a few system files that you
have no idea what they do.
3) Mail a copy of this page to everyone in your Address Book.
Done!
--
Team EM to the rescue! http://www.team-em.com
Damn! Last night I ran into ANOTHER damn virus. I went out to eat
with some friends, in the pouring rain, I might add. I was out about 3
hours. When I got home my computer was turned off! Not only did the
virus turn my computer off, but it reset all the clocks and my VHS
recorder to 12 o'clock. Damn--I never even heard of a Microsoft virus
that did all that!
I'm moving back to XP...
> I think you're being a bit naive. Not all viruses are so malicioius.
> Some are quite benign. I have for a long time had a virus on my
> current mac that switches the "t" and "h" in the word the, so it
> produces "hte". That's just one of many. It frequently switches
> "their" for "there" and adds 's where it doesn't belong.
Mine had a virus that wrote "suod" instead of "sudo" so often that I had
to create an alias to kill it.
--
W. Oates
> In article <jollyroger-77EE5...@individual.net>,
> Jolly Roger <jolly...@pobox.com> wrote:
>
> > Any supposed viruses for Mac OS X have been proof-of-concept viruses
> > created by antivirus software makers and "security professionals" whose
> > goal is to scare Mac users into buying security software - usually the
> > software they happen to also make and sell.
>
> There *was* one Trojan horse - and since people seem to use the word
> virus to refer to pretty much any illicit malware nowadays I'll mention
> it in this context - that I know did not originate from an anti-virus
> vendor or a security professional.
Since the overwhelming majority of proof-of-concept malware for Mac OS X
*has* originated from anti-virus vendors and "security professionals",
you'll need to offer proof that it did not originate from an anti-virus
vendor or a security professional. I'm not taking your word for it.
Nothing personal.
>Damn! Last night I ran into ANOTHER damn virus. I went out to eat
>with some friends, in the pouring rain, I might add. I was out about 3
>hours. When I got home my computer was turned off! Not only did the
>virus turn my computer off, but it reset all the clocks and my VHS
>recorder to 12 o'clock. Damn--I never even heard of a Microsoft virus
>that did all that!
>
>I'm moving back to XP...
I'm going to steal that one, it's worth sharing. 8^)
very wise - you can't be too careful
--
Adrian
Cori
Yeah, and that stuff doesn't take into account the "bots" and "malware"
and "zombies" that are somewhere on my mac, behind the scenes or in the
dead of night downloading porn to my computer! I've explained to my
wife how they got there, so she understands now. But it was very
embarrassing. Dang, I need to get some serious security product. I'm
gonna look into that sometime this summer. Or sometime at the beginning
of the year when I have some extra cash.
I'm assuming this is a Power Mac G4 with a tray-loading optical drive.
Unlike the slot-loading drives Apple uses in most Mac models, your Mac
uses a standard full-sized drive. Several people have suggested the
eject key on the keyboard might be stuck, but it's likely that the eject
button on the front of the drive itself is playing up. Pushing this
button will cause the tray to open or close.
I've never used a Power Mac G4, but I assume it's the same as the eMac
and that Apple hides the button behind the drive door. If you open the
tray can you see the button on the front of the drive? If so try pushing
it a few times and see what happens.
--
Roger Johnstone, Invercargill, New Zealand -> http://roger.geek.nz
Cori
>> There *was* one Trojan horse - and since people seem to use the word
>> virus to refer to pretty much any illicit malware nowadays I'll mention
>> it in this context - that I know did not originate from an anti-virus
>> vendor or a security professional.
>
>Since the overwhelming majority of proof-of-concept malware for Mac OS X
>*has* originated from anti-virus vendors and "security professionals",
>you'll need to offer proof that it did not originate from an anti-virus
>vendor or a security professional. I'm not taking your word for it.
>Nothing personal.
While I agree with you, I will note that it really doesn't matter
where it originated when we evaluate its chances of harming us.
Well it matters to me. If malware created by such a company were to make
its way onto people's computers, and one could prove the malware was
created by those companies, the shit would hit the fan.
Of course these companies know they are playing a dangerous and risky
game, and it's in their best interests to make sure the proof-of-concept
malware they create never sees the light of day.
But even if that never happens, paying "security professionals" to
create malware in order to issue press releases with the intent to scare
Mac users into purchasing anti-virus and security software is a
despicable practice.
> In article <uce-54ECFC.2...@newsclstr02.news.prodigy.com>,
> Gregory Weston <u...@splook.com> wrote:
>
> > In article <jollyroger-77EE5...@individual.net>,
> > Jolly Roger <jolly...@pobox.com> wrote:
> >
> > > Any supposed viruses for Mac OS X have been proof-of-concept viruses
> > > created by antivirus software makers and "security professionals" whose
> > > goal is to scare Mac users into buying security software - usually the
> > > software they happen to also make and sell.
> >
> > There *was* one Trojan horse - and since people seem to use the word
> > virus to refer to pretty much any illicit malware nowadays I'll mention
> > it in this context - that I know did not originate from an anti-virus
> > vendor or a security professional.
>
> Since the overwhelming majority of proof-of-concept malware for Mac OS X
> *has* originated from anti-virus vendors and "security professionals",
Do *you* have any proof of *that* claim?
> you'll need to offer proof that it did not originate from an anti-virus
> vendor or a security professional. I'm not taking your word for it.
> Nothing personal.
Simple: I was a participant in a March/April, 2004, Usenet discussion
that led to the first of the OS X TH's. Several other long-term and
respected contributors to these groups also participated. Essentially we
confirmed for an interested poster that a social engineering exploit
that's been available on the Mac since day 1 still exists and described
how it would work.
Here's the message ID for the root of the thread:
ynk6c.411$Fo4....@typhoon.sonic.net
Message ID <blgl-5D750C.0...@news.bahnhof.se> from that thread
announces the development of the proof of concept, which was
"discovered" by Intego a couple of weeks later.
> In article <jollyroger-C0354...@individual.net>,
> Jolly Roger <jolly...@pobox.com> wrote:
>
> > In article <uce-54ECFC.2...@newsclstr02.news.prodigy.com>,
> > Gregory Weston <u...@splook.com> wrote:
> >
> > > In article <jollyroger-77EE5...@individual.net>,
> > > Jolly Roger <jolly...@pobox.com> wrote:
> > >
> > > > Any supposed viruses for Mac OS X have been proof-of-concept viruses
> > > > created by antivirus software makers and "security professionals" whose
> > > > goal is to scare Mac users into buying security software - usually the
> > > > software they happen to also make and sell.
> > >
> > > There *was* one Trojan horse - and since people seem to use the word
> > > virus to refer to pretty much any illicit malware nowadays I'll mention
> > > it in this context - that I know did not originate from an anti-virus
> > > vendor or a security professional.
> >
> > Since the overwhelming majority of proof-of-concept malware for Mac OS X
> > *has* originated from anti-virus vendors and "security professionals",
>
> Do *you* have any proof of *that* claim?
You want proof that anti-virus vendors and "security professionals"
create the majority of Mac OS X proof-of-concept exploits?
> > you'll need to offer proof that it did not originate from an anti-virus
> > vendor or a security professional. I'm not taking your word for it.
> > Nothing personal.
>
> Simple: I was a participant in a March/April, 2004, Usenet discussion
> that led to the first of the OS X TH's. Several other long-term and
> respected contributors to these groups also participated. Essentially we
> confirmed for an interested poster that a social engineering exploit
> that's been available on the Mac since day 1 still exists and described
> how it would work.
>
> Here's the message ID for the root of the thread:
> ynk6c.411$Fo4....@typhoon.sonic.net
>
> Message ID <blgl-5D750C.0...@news.bahnhof.se> from that thread
> announces the development of the proof of concept, which was
> "discovered" by Intego a couple of weeks later.
Oh you're talking about the shell script masquerading as an audio file.
Ok I remember that one. I think of that as a pretty well isolated
incident.
> In article <uce-CF354B.1...@newsclstr03.news.prodigy.net>,
> Gregory Weston <u...@splook.com> wrote:
>
> > In article <jollyroger-C0354...@individual.net>,
> > Jolly Roger <jolly...@pobox.com> wrote:
> >
> > > In article <uce-54ECFC.2...@newsclstr02.news.prodigy.com>,
> > > Gregory Weston <u...@splook.com> wrote:
> > >
> > > > In article <jollyroger-77EE5...@individual.net>,
> > > > Jolly Roger <jolly...@pobox.com> wrote:
> > > >
> > > > > Any supposed viruses for Mac OS X have been proof-of-concept viruses
> > > > > created by antivirus software makers and "security professionals"
> > > > > whose
> > > > > goal is to scare Mac users into buying security software - usually
> > > > > the
> > > > > software they happen to also make and sell.
> > > >
> > > > There *was* one Trojan horse - and since people seem to use the word
> > > > virus to refer to pretty much any illicit malware nowadays I'll mention
> > > > it in this context - that I know did not originate from an anti-virus
> > > > vendor or a security professional.
> > >
> > > Since the overwhelming majority of proof-of-concept malware for Mac OS X
> > > *has* originated from anti-virus vendors and "security professionals",
> >
> > Do *you* have any proof of *that* claim?
>
> You want proof that anti-virus vendors and "security professionals"
> create the majority of Mac OS X proof-of-concept exploits?
Yes. You're making the claim. It's a fairly serious one to make. Even as
presumably harmless proof-of-concept releases, there's a BIG difference
between stirring up and capitalizing on fears through rhetoric and
actually implementing and distributing software that reinforces those
fears.
> > > you'll need to offer proof that it did not originate from an anti-virus
> > > vendor or a security professional. I'm not taking your word for it.
> > > Nothing personal.
> >
> > Simple: I was a participant in a March/April, 2004, Usenet discussion
> > that led to the first of the OS X TH's. Several other long-term and
> > respected contributors to these groups also participated. Essentially we
> > confirmed for an interested poster that a social engineering exploit
> > that's been available on the Mac since day 1 still exists and described
> > how it would work.
> >
> > Here's the message ID for the root of the thread:
> > ynk6c.411$Fo4....@typhoon.sonic.net
> >
> > Message ID <blgl-5D750C.0...@news.bahnhof.se> from that thread
> > announces the development of the proof of concept, which was
> > "discovered" by Intego a couple of weeks later.
>
> Oh you're talking about the shell script masquerading as an audio file.
> Ok I remember that one. I think of that as a pretty well isolated
> incident.
It wasn't a shell script. It was an actual, playable audio file that was
*also* an actual, runnable native-code application.
And I believe that *I* was the original "interested poster"...
--
Don Bruder - dak...@sonic.net - If your "From:" address isn't on my whitelist,
or the subject of the message doesn't contain the exact text "PopperAndShadow"
somewhere, any message sent to this address will go in the garbage without my
ever knowing it arrived. Sorry... <http://www.sonic.net/~dakidd> for more info
> > > you'll need to offer proof that it did not originate from an anti-virus
> > > vendor or a security professional. I'm not taking your word for it.
> > > Nothing personal.
> >
> > Simple: I was a participant in a March/April, 2004, Usenet discussion
> > that led to the first of the OS X TH's. Several other long-term and
> > respected contributors to these groups also participated. Essentially we
> > confirmed for an interested poster that a social engineering exploit
> > that's been available on the Mac since day 1 still exists and described
> > how it would work.
> >
> > Here's the message ID for the root of the thread:
> > ynk6c.411$Fo4....@typhoon.sonic.net
> >
> > Message ID <blgl-5D750C.0...@news.bahnhof.se> from that thread
> > announces the development of the proof of concept, which was
> > "discovered" by Intego a couple of weeks later.
>
> And I believe that *I* was the original "interested poster"...
Yep. That's the thread.
> In article <uce-CF354B.1...@newsclstr03.news.prodigy.net>,
> Gregory Weston <u...@splook.com> wrote:
>
> > Here's the message ID for the root of the thread:
> > ynk6c.411$Fo4....@typhoon.sonic.net
>
> MTNW treats that as an email address.
Okay, this is a URL formed from the message ID.
<news:ynk6c.411$Fo4....@typhoon.sonic.net>
But I think your best bet is using Google groups or a similar archive to
look for the ID.
> In article <uce-349228.1...@newsclstr03.news.prodigy.net>,
> Gregory Weston <u...@splook.com> wrote:
>
> > > > Here's the message ID for the root of the thread:
> > > > ynk6c.411$Fo4....@typhoon.sonic.net
> > >
> > > MTNW treats that as an email address.
> >
> > Okay, this is a URL formed from the message ID.
> >
> > <news:ynk6c.411$Fo4....@typhoon.sonic.net>
>
> And it's not on my ISP's server any more. Oh, the irony.
>
> > But I think your best bet is using Google groups or a similar archive
> > to look for the ID.
>
> If I were more interested, I would. But thanks for reminding me of that
> trick; next time I want to backtrack a message that MNTW can't handle,
> I'll remember to try it.
The summary is: The name and icon of a file isn't a reliable indicator
as to the nature of the file. It's entire possible to have a file named
"Queen - Tie Your Mother Down.mp3" with a normal iTunes MP3 icon that in
reality is an app that will run when double-clicked. Under some
circumstances, it's possible to even provide valid data in the
proclaimed format that allows the registered document reader to open and
process the file without error. I noted in that thread that just to mess
with someone's head I had, several years earlier, created a single file
that ran as a native executable on 68k and PPC Macs, MS-DOS and Windows.
It's not necessary to distribute proof-of-concept malware. In fact, the
majority of proof-of-concept exploits aren't distributed at all. All one
need do is create it, document it, and issue a press release that it
exists. That's all that is needed to spread fear, uncertainty, and
doubt, which is what these companies rely on to sell their software.
>> While I agree with you, I will note that it really doesn't matter
>> where it originated when we evaluate its chances of harming us.
>
>Well it matters to me. If malware created by such a company were to make
>its way onto people's computers, and one could prove the malware was
>created by those companies, the shit would hit the fan.
It matters politically, and it would get a different political/law
enforcement response from me.
But that doesn't change how I evaluate and/or prepare for it.
A friend of mine's G4 iMac combi-drive is also on the blink. The problem
started when the Japanese police took his computer into custody - they
were looking for evidence of illegal activity. The blockheads couldn't
figure out how to open the tray. Apparently they must have forced it
with a screwdriver or something as the front flap won't close anymore
and the thing pops out on annoyingly odd occasions. They also took his
printer into custody too as it was 'part of the set'.
They returned it to him (well actually told him to travel to Osaka and
pick it up himself) a few weeks later.
Apparently if he'd had any child pornography, that would have been OK -
owning the stuff here is quite all right. Various police agencies around
the world have been trying to bring Japan into line with the rest of the
world but Japanese politicos have been resisting the move as it would
interfere with their lucrative business.
Japan can be a weird place at times.
>Apparently if he'd had any child pornography, that would have been OK -
>owning the stuff here is quite all right. Various police agencies around
>the world have been trying to bring Japan into line with the rest of the
>world but Japanese politicos have been resisting the move as it would
>interfere with their lucrative business.
I never knew that "the rest of the world" was in agreement on what
threats are worth grabbing our computers.
Heck, my own country's three branches don't seem to be in agreement
here.