Official antivirus, malware, and firewall FAQ

Status
Not open for further replies.

BrianLachoreVPI


Retired Staff
Joined
Feb 24, 2011
Messages
3,733
Reaction score
124
Points
63
Location
Maryland
Your Mac's Specs
March 2011 15" MBP 2.3GHz i7 Quad Core 8GB Ram | Mid 2011 27" iMac 3.4 GHz i7 16 GB RAM 2 TB HDD
Any insight would be greatly appreciated.

This morning, my wife woke up and checked her email. Much to her dismay, she had sent many emails about sexual-related dysfunction to many in her address book. The emails were all somewhat different.

Here is the environment:

- We have several macs (iMac, macbook, etc.) and no PCs anywhere (I'd love to blame them, but can't)
- Her email is yahoo and she reads and sends from the web.
- The emails were sent at 4:30am and for some minutes after that (we were sleeping) and they showed up in her yahoo sent box
- She was alerted because there were many out-of-the-office messages
- Amazingly, many of the email addresses that she sent to are from my address book, which means that the sender had access to information on our local drives (I use the apple mail client, and all of my contacts are in the address book).
- When I checked this morning, the system had been on all night and the yahoo mail page was open. There was a javascript alert on the screen saying that there had been some error.

On the mac that was open, I downloaded SOPHOS (free for home use) and started it. It looks like it will take a long time to run, but in the first few minutes, it found a threat called Troj/Invo-Zip. However, I don't think that it was the evil emailer.

Any ideas or thoughts about what we did and how to prevent? Since the spam that my wife sent looks like many others I receive, this must be a pretty common problem.

Change your passwords immediately. Your wife was probably successfully phished. Change your passwords - it's not a virus.
 
OP
schweb
Joined
Oct 27, 2002
Messages
13,172
Reaction score
348
Points
83
Location
Cleveland, Ohio
Your Mac's Specs
MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
It's not the Mac, it's your Yahoo webmail account that was compromised. Does she sync contacts with her Yahoo account?
 
Joined
Apr 2, 2011
Messages
2
Reaction score
0
Points
1
You're right. All of MY contacts that she sent to were sync'ed to her yahoo address book. I have no idea when that happened, and I can't find any computer that is currently sync'ing (we sync all of our address books to mobile me), so it must have been sometime in the past that it happened.

It isn't a mac issue at all.

Thanks for your help.
 
Joined
Apr 1, 2011
Messages
11
Reaction score
0
Points
1
Location
New Hampshaaaa
Your Mac's Specs
iMAC 3.2GHZ IntelCore i3 27", iPHONE 3GS (8g)
Well done schweb.
Well written, and described.
Thank you!
 
Joined
May 4, 2011
Messages
14
Reaction score
0
Points
1
Location
Docklands Melbourne Aus
Your Mac's Specs
21" iMac 3.6 GHz, Intel Core i5, 8 GB, 1333 MHz RAM
I'm confused!

I am brand new to forum and brand new owner of imac so do I or don't I need antivirus for my imac?
:\
 

bobtomay

Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
I am brand new to forum and brand new owner of imac so do I or don't I need antivirus for my imac?
:\

The general consensus among long time OS X users:

My guesstimate - well over 90% (at this forum) do not have an A/V running in OS X and would suggest if you have one that you remove it. If you are running Windows on your Mac, then yes, you need an A/V in Windows. The current recommendation is MSE and it's free.

Currently, follow these simple rules:
Don't pirate software or anything else. Don't download video codecs from (primarily) porn sites. And don't give your CC # to those stupid pop up windows telling you that you have viruses on your computer (it's a scam, the same as it was when you saw them in Windows).

For those that are in a school or at a work place where an A/V is required if you want access to the local network, install ClamXav.

(And, of course, now that I've put a number on those that don't run an A/V, all those that do will come out of the closet.)
 
Joined
May 4, 2011
Messages
14
Reaction score
0
Points
1
Location
Docklands Melbourne Aus
Your Mac's Specs
21" iMac 3.6 GHz, Intel Core i5, 8 GB, 1333 MHz RAM
Thanks - then what about spam and junk email in my mail account because I am getting stuff coming in to inbox that should be going straight to junk mail.
 

bobtomay

Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
As it comes in, select the mail message, right click and select Mark - As Junk. It'll learn.

The stuff that's from sites where you signed up, head for the unsubscribe button in the email if you don't want the junk any longer.
 
Joined
May 4, 2011
Messages
5
Reaction score
0
Points
1
Currently, follow these simple rules:
Don't pirate software or anything else. Don't download video codecs from (primarily) porn sites. And don't give your CC # to those stupid pop up windows telling you that you have viruses on your computer (it's a scam, the same as it was when you saw them in Windows).

For many users, myself included, downloading video codecs from pornsites is one of the main reasons for having a home computer. A computer that you cannot download these videos to is not much of a computer.

So while I agree that your suggestions are great for users who are not interested in that kind of content, they seem pretty problematic for the rest of us.
 
Joined
Feb 1, 2011
Messages
4,399
Reaction score
2,086
Points
113
Location
Sacramento, California
Thanks - then what about spam and junk email in my mail account because I am getting stuff coming in to inbox that should be going straight to junk mail.

Apple's Mail has built-in anti-spam filters that have to be set up and trained to work well. Personally, I never was satisfied with them.

So instead I use:

SpamSieve ($30)
SpamSieve: Powerful Spam Filtering for Mac OS X

SpamSieve works like magic!

Review:
C-Command Software SpamSieve 2.7.4 E-Mail & Internet Software Review | Macworld
(Five out of five mice from Macworld magazine.)

Another way to go, which is free, is to open a free Gmail account, which includes excellent anti-spam filters, and use your favorite e-mail program as a front end for receiving your e-mail. See here for using Apple's Mail with Gmail:
Apple Mail 3.0 - Gmail Help
 

bobtomay

Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
For many users, myself included, downloading video codecs from pornsites is one of the main reasons for having a home computer. A computer that you cannot download these videos to is not much of a computer.

So while I agree that your suggestions are great for users who are not interested in that kind of content, they seem pretty problematic for the rest of us.

I didn't mention anything about downloading or watching videos. I said video codecs. These are the ones that tell you to download some other player (or codec) in order to watch a video. It is these that are filled with virii and trojans and if you're downloading them onto any Win machine, you are now infected.

Most of these in fact do not download a codec that allows you to watch their vids. They download a piece of nasty onto your machine, get you to install it and infect your machine, then let you watch vids with the codecs you already had installed on it to begin with.
 
Joined
Feb 1, 2011
Messages
4,399
Reaction score
2,086
Points
113
Location
Sacramento, California
Here is an interesting article. It is simply entitled "Wolf." It is about the press crying "wolf" for the past 7 years with regard to the "coming wave of Mac malware."

Daring Fireball: Wolf!
 
Joined
May 4, 2011
Messages
5
Reaction score
0
Points
1
I didn't mention anything about downloading or watching videos. I said video codecs. These are the ones that tell you to download some other player (or codec) in order to watch a video. It is these that are filled with virii and trojans and if you're downloading them onto any Win machine, you are now infected.

Most of these in fact do not download a codec that allows you to watch their vids. They download a piece of nasty onto your machine, get you to install it and infect your machine, then let you watch vids with the codecs you already had installed on it to begin with.

Point taken.
 
Joined
May 3, 2011
Messages
4
Reaction score
0
Points
1
Suspicious file activity, ClamXav won't recognize

Has anyone heard of a malware file named something similar to emalware.### (numbers ranging in the hundreds from 100 and above)? I saw them when my ClamXav was doing a full system scan and then I searched for them in Finder and found nothing, even after searching invisible files and extensive searches in my Library folder. Due to the name I saw on these files, I'm guessing it's something bad that I want to get rid of, but ClamXav doesn't recognize the many files as threats. I have been using Vuze which I'm almost positive is the problem but even the Vuze plus antivirus picked up nothing. Any ideas on what the file could be and if it is malicious? Any advice is appreciated!

Mac OS X 10.6.7
Vuze plus 4.6
Java 1.6.0_24
Mac firewall
Have been connected recently to WoW Cable Columbus and Time Warner Akron
Wireless connection
both connections have NAT routers
 
Joined
Feb 1, 2011
Messages
4,399
Reaction score
2,086
Points
113
Location
Sacramento, California
Has anyone heard of a malware file named something similar to emalware.### (numbers ranging in the hundreds from 100 and above)? I saw them when my ClamXav was doing a full system scan ...Any ideas on what the file could be and if it is malicious?

ClamXav uses the ClamX database. The ClamX database is filled with literally hundreds of thousands of instances of malware that have nothing whatsoever to do with the Macintosh.

All of the Macintosh malware in the ClamX database has the term "OSX" identifying it. "emalware" is not for the Macintosh, according to the ClamX database. You can check for yourself by doing a search through the ClamX database here:

ClamAV Virus Database Search

Do a search for "OSX" and all of the Macintosh malware that ClamXav/ClamX knows about will be listed. (There will be 24 hits, but much of that is multiple variations of the same malware.)

So, whatever "emalware" is, it isn't Macintosh malware, which means that it can't harm your Macintosh.
 
Joined
May 14, 2009
Messages
2,052
Reaction score
136
Points
63
Location
Near Whitehorse, Yukon
Your Mac's Specs
2012 MBP i7 2.7 GHz 15" Matte - 16 GB RAM - 120 GB Intel SSD - 500 GB DataDoubler Mac OS 10.9
The Staff might want to consider adding this to the 1st page article,

Never, ever open anything in your Downloads folder that you can't remember downloading.

If using Safari, uncheck "Open "safe" files after downloading" in Safari>Preferences>General
 

robduckyworth


Retired Staff
Joined
Jan 4, 2011
Messages
2,971
Reaction score
109
Points
63
Location
Reading, UK
Your Mac's Specs
15" MBP, 2.5GHz i7, 750GB, 6770M 1GB, iPad 3, iPhone 4, custom PC
The Staff might want to consider adding this to the 1st page article,

Never, ever open anything in your Downloads folder that you can't remember downloading.

If using Safari, uncheck "Open "safe" files after downloading" in Safari>Preferences>General

I second this, in light of the recent "Best Anti virus 2011" trojan that came about.
 
Joined
May 21, 2011
Messages
3
Reaction score
0
Points
1
How do I get rid of Trojan.Gen.2

How do I get rid of Trojan.Gen.2 that has infected my iMac?
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
How do I get rid of Trojan.Gen.2 that has infected my iMac?

The only references I can find to a "Trojan.Gen.2" are to a Windows trojan. How are you determining that you are indeed infected by it?
 