You can find it yourself - go for it buddy

It was you who said there is no virus on the Mac , after I even posted a link to a virus article , which you said that even if the link called it a virus (there black and white) that YOU thought it was a minor trojan

I don't know who all has access to his machine. If it's there the only way it could have got there is if someone typed a password and installed it. It happened to Kate, I believe she downloaded it from a site that she wanted to view a video at and it said she needed a video codec to view it. And I don't think Kate was viewing porn. It's also come from legit looking sites/links.

How about this one?

nsIQTScriptablePlugin.xpt

Chris

Yes, all the same machine.

Terminal:

crontab: no crontab for root

Thanks for the replies. This has me baffled.

Chris

That's a common plugin, Chris. You might want to check to see if you have the latest version, anyway.

Didn't that DNS changer also come wrapped up in some pirated iWorks suites offered on bit torrent servers, et al? I suppose if it was able to be bundled for install with an otherwise legitimate-appearing iWorks, it could be attached to any other installer's script, right?

It's okay.

To try and see what may be happening open up Console app in the Utilities folder. Get to the Console log window by clicking logs and choose Console.log. Hit Clear to clear the text so we have a blank window. Then try the upload. Let's see if anything interesting comes up in the Console window around the time the connection fails to try and pinpoint where in the chain the link is dropping and see if it is the computer or something else.

Try flushing the DNS cache of the computer manually. In Terminal type lookupd -flushcache and hit Return, space between d and hyphen. Restarting "should" do it too but this will be good to run after the duck drowns to see if you then can get to http://greenfrogmarket.com. If that doesn't fix it I'd look into clearing the DNS cache of your router. Some have a setting to clear it, most you just power down the router, I'd say you've tried that though.

If you are using a router, if you bypass it and connect the Mac directly via Ethernet to the modem how does it go? You may need to power cycle the modem for it to see the new connection on the Mac. Those have their caches too BTW that a power cycle will clear. If your modem is ISP supplied with a built in router and you don't use a router of your own none of that will matter.

So the same problem happens with Transmit? Not clear if it does or if it just won't connect after Cyber Duck fails.

Even if it was a temporary drop of your ISP's signal it would break the FTP connection but it shouldn't affect the other apps, thinking out loud.

Do you have another machine at the same location to try it on? I was thinking it would actually be good if you had one to put into Target Disk mode to boot your machine from to see it if is a software problem, I'm doubting hardware. Use Ethernet or you'll have to install the USB driver.

Legitimate appearing from a torrent? All bets are off when it's from there.

Yes, it could be attached but that's what's meant by download from only trusted sites, huh? It is a socially engineered trojan. They don't last long. Word spreads fast and since it's a trojan once the source is shut down it can't propagate anymore.

No Bit Torrent here or anything like that. No new sw or anything. Tried the suggested DNS numbers, no change.

This is weird. Expecting to hear the Twilight Zone music...

Chris

LOL. Been there. Network stuff can be a real mind bender. So many places things can go wrong, but also traceable by eliminating different phases of the chain. Try everything else I suggested. Start with keeping Console open to try and see if the system is complaining about anything at the time the connection drops. Then next step I would suggest is go straight to the modem via Ethernet if you're using your own router.