flashback and ip address

Discussion in 'Mac Basics and Help' started by captoats, Jul 4, 2012.

  1. captoats macrumors newbie

    Feb 27, 2012
    I'm currently renting a house with 3 other college students, and someone has a flashback trojan, but I'm not sure who it is and can't even figure out if I have it. It has caused several suspensions from our internet provider and I'm tired of different sites telling me yes and others telling me no.

    I've kept Java up to date and have it disabled, but when I go to Kaspersky's http://flashbackcheck.com/ it tells me I'm infected, yet no scans find anything. Is the site just bad and did I do a bad thing despite reviews and recommendations I've found saying it's ok, or is it possible that it's checking an old database and at one point my mac was infected (which is what it reads/sees) but since I've removed it but it's infected list hasn't changed?

    Second question, I'm not sure why but my IP address keeps changing, which leads me to believe I'm accidentally looking at my router's IP as we have 2 different routers here, but if I am I have no idea where my computer's IP address is. I'm curious because I'm trying to check the last suspension summary we received which gives the IP, port and asn of the botnet activity. Also should I be looking at the TCI/IP or DNS numbers.

    System preferences > Network is how I'm checking it, and depending on which of the 2 routers I'm connected to it show's something differently, none of which are what is shown on the suspension report though.

    Sorry if this is vague or poorly worded, any help on setting this straight would be greatly appreciated.

    Thanks, and Happy 4th!
  2. SandboxGeneral Moderator emeritus


    Sep 8, 2010
  3. captoats thread starter macrumors newbie

    Feb 27, 2012
    I have downloaded it, but to be perfectly honest I'm not sure it's done anything, after installing I can't find anything besides the dmg
  4. Darth.Titan macrumors 68030


    Oct 31, 2007
    Austin, TX
    Then mount the .dmg and run the FlashbackMalwareRemover.pkg
  5. chown33 macrumors 604

    Aug 9, 2009
    Sailing beyond the sunset
    If Kaspersky's database is using IP addresses, it will be using public IP addresses. The public IP address may or may not have any relation to the IP address assigned to your computer by your router.

    To find your public IP address, use a website like http://www.whatismyip.com/

    If you have multiple routers, you should check your public IP address when you're connected with each of your routers.

Share This Page