The Official Mac AntiVirus and Firewall FAQ

[basic.works]

I've got issues

I'm not all that "hip" on Mac and all of it tools. I've had this one for 2 or 3 years now and haven't had much troubles. This has changed.

iCal
can't alter an entry without it creating a new one
can't delete an entry, it only comes back a few seconds later
Not only are the "alarms" repeating, they're multiplying and adding more each time another entry is triggered.

Stickies
I usedd to be able to add notes and the like and "quit" the application. When I reopened it, all the "stuff" would still be there. Not anymore, it won't save a thing unless, I assume, I save the file manually, in which case I'm better off to just use TextEdit.

Dock
Though I can add an app to my dock and tell it to "keep in dock", it will, even after I quit the app. How ever, when I log out of my user account or restart the machine, the apps are no longer on the dock.

These are what I've noticed, thus far. It all seemed to start right after last weeks updates notices I received. Oddly but maybe that the way it is, I as using my computer but had to uninstall a program and in order to do that, I needed to go into my Admin account to perform the task. that's when I got the notices. They came via 'Mac software updates" as far as I know.

Please, is there any one out there that could offer some guidance?

 

[cwa107]

The following is an article posted in "ZDNet Tech Update Today"


GENEVA — In a sign that cyber-criminals are investing more time and resources into attacks against Apple’s Mac users, a new malware affiliate program has been discovered offering 43c for every infected Mac machine. During an eye-opening presentation at the VB Conference 2009 conference here, Sophos Labs researcher Dmitry Samosseikko provided a glimpse into the “Partnerka,” a Russian network of spam and malware affiliates that have turned their attention to the Mac platform — using social engineering tricks to load fake codecs and scareware programs.

Samosseiko discussed the “codec-partnerka,” which is dedicated solely to the sale and promotion of fake Mac software.
[ SEE: Mac Attack: Porn video lures dropping DNS-changer Trojan ]
He pointed to a site called Mac-codec.com (now offline) which was offering $0.43 for each malicious install, a price tag that suggests the Mac platform is becoming more and more lucrative to online crime gangs.
The site was also offering various promotional materials in the form of MacOS video players, a sign that the investment is just more than tricking users into paying for fake security software.
In the past, we have seen the use of porn video lures to trick Mac users into downloadiing and installing DNS changer Trojans.
The DNS changer Trojans typically change the Mac’s DNS server (the server that is used to look up the correspondences between domain names and IP addresses for web sites and other Internet services). When this new, malicious, DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks), or simply to web pages displaying ads for other pornographic web sites.

Yes, these are the Trojans I referred to in my last post in this thread. They are easily avoided simply by not downloading supposed codecs from disreputable sites.

 

[cwa107]

I'm not all that "hip" on Mac and all of it tools. I've had this one for 2 or 3 years now and haven't had much troubles. This has changed.

iCal
can't alter an entry without it creating a new one
can't delete an entry, it only comes back a few seconds later
Not only are the "alarms" repeating, they're multiplying and adding more each time another entry is triggered.

Stickies
I usedd to be able to add notes and the like and "quit" the application. When I reopened it, all the "stuff" would still be there. Not anymore, it won't save a thing unless, I assume, I save the file manually, in which case I'm better off to just use TextEdit.

Dock
Though I can add an app to my dock and tell it to "keep in dock", it will, even after I quit the app. How ever, when I log out of my user account or restart the machine, the apps are no longer on the dock.

These are what I've noticed, thus far. It all seemed to start right after last weeks updates notices I received. Oddly but maybe that the way it is, I as using my computer but had to uninstall a program and in order to do that, I needed to go into my Admin account to perform the task. that's when I got the notices. They came via 'Mac software updates" as far as I know.

Please, is there any one out there that could offer some guidance?

Perhaps you should start your own thread. These issues are likely not due to any kind of Trojan.

 

[basic.works]

cwa107.

I'm sorry. Seeing as there are posts about Viruses and Trojans, and in view of the article I posted, ,I though this might be a good place to ask. When I entered a search this thread was the first at the top of the list. If I've offended, it wasn't my intention, nor was it to steal this thread.

As soon as I have some time to figure out how to create a thread and where to place it, I'll be sure to do as you suggest.

In the mean time, should someone have any ideas....??

 

[gliimpbu]

Now when it comes to antivirus software it gets trickier and there isn't as much agreement. Here are the normal pros and cons...

Pros:

* If you use the machine in a mixed network antivirus software will help stop you from further infecting the network. While your Mac can't be infected by a Windows virus, it can pass it on.
* Even though there is not a virus for Mac OSX that doesn't mean there will never be one. Having antivirus software installed makes you proactive in your protection.
* Most users see no performance decrease or issues when running antivirus software.

Cons:

* There has never been a virus or spyware released for Mac OSX to date.
* It eats up resources on some machines
* In certain situations it could cause stability issues or kernel panics

 

[dtravis7]

cwa107.

I'm sorry. Seeing as there are posts about Viruses and Trojans, and in view of the article I posted, ,I though this might be a good place to ask. When I entered a search this thread was the first at the top of the list. If I've offended, it wasn't my intention, nor was it to steal this thread.

As soon as I have some time to figure out how to create a thread and where to place it, I'll be sure to do as you suggest.

In the mean time, should someone have any ideas....??

CWA was not saying you offended anyone. Just with your issues you are having, a new thread might get you a lot more help than at the end of a AntiVirus Thread.

 

[aietcetera]

I have a 5 day old Snow Leopard MBP 15" so far so good. I don't have a partition of sorts nor Windows at all because I just don't need Windows (I'm in for MBP because I do a lot of designing). I do have to read Word documents though due to being a student but I opted for Open Office instead which is a great choice and is working fine.

I have both Safari and Firefox. Safari primarily used at home whereas Firefox on campus (Safari won't load as fast there). Safari's great at blocking pop-ups but it sometimes let a few out. Should I be concerned with this?

 

[(L)SD]

Firewall, minor correction and question (newbie)

(brand new Mini 10.5.8) On my machine, the firewall setting is under
System Pref>Personal>Security. The Default setting is "allow-all", which, in my Windoze mind doesn't sound very 'secure'. Should I change that?
(L)SD

 

[cwa107]

(brand new Mini 10.5.8) On my machine, the firewall setting is under
System Pref>Personal>Security. The Default setting is "allow-all", which, in my Windoze mind doesn't sound very 'secure'. Should I change that?
(L)SD

Do you have a wireless router? Does the machine ever leave the network in your house?

 

[(L)SD]

We have ATT Uverse wireless in our house. Always stay in that network, and have another PC and a G4 laptop.

 

[thehappyhitman]

so here's a question... i just got my macbook pro 2 days ago... and i love it. naturally being a native windows user, not having a/v has freaked me out. Considering i am a frequent downloader, and considering this article i read (Virus Found in Pirated Copies of iWork'09 - Tom's Guide) would downloading this program through a windows computer, scanning it with a/v, then transferring it to their mac have done anything?

 

[bobtomay]

so here's a question... i just got my macbook pro 2 days ago... and i love it. naturally being a native windows user, not having a/v has freaked me out. Considering i am a frequent downloader, and considering this article i read (Virus Found in Pirated Copies of iWork'09 - Tom's Guide) would downloading this program through a windows computer, scanning it with a/v, then transferring it to their mac have done anything?

No need to worry about it at all if you're not pirating software.

 

[thehappyhitman]

not all software costs money. There's freeware, shareware, trials, and demos. If i want to be extra careful, would doing it this way help? i don't download alot of applications, and also plan on being mindful of downloading form reputable sites as well, but...

 

[Chris H.]

If anything, it is better in some ways to download from Apple's Download's website because (I believe) they check things like this. So you have some degree of extra security here.

 

[D3v1L80Y]

If anything, it is better in some ways to download from Apple's Download's website because (I believe) they check things like this. So you have some degree of extra security here.

They don't check anything.

In fact, all third-party downloads on Apple's site contain the following disclaimer:

Apple is providing links to these applications as a courtesy, and makes no representations regarding the applications or any information related thereto. Any questions, complaints or claims regarding the applications must be directed to the appropriate software vendor.

 

[thehappyhitman]

in which case would running the application through a windows a/v catch anything? or do you think they are included in the virus definitions?

one other thing... how many virus definitions, trojans are actually out there. i've read some very conflicting things on the interwebs

 

[Chris H.]

They don't check anything.

In fact, all third-party downloads on Apple's site contain the following disclaimer:

Thanks for pointing that one out. Forgot.

IMO I think they should, since well, they sell the OS, they put the applications on their website! Besides, I know they check iPhone/iPod touch apps before they make it onto the iTunes Store..why not do the same for Mac OS X apps?

 

[thehappyhitman]

IMO I think they should, since well, they sell the OS, they put the applications on their website! Besides, I know they check iPhone/iPod touch apps before they make it onto the iTunes Store..why not do the same for Mac OS X apps?

maybe it has something to do with because it's a phone or mobile device. or maybe because it's because it's SOLD through Itunes and they're just doing a bit of CYA

 

[bobtomay]

No, running an OS X app through an AV that is looking for Windows viruses would not catch the couple of trojans that can affect OS X.

There are still no viruses and no malware in the wild that can affect OS X at this time.

There are only two ways that have been reported thus far for you to get one of the couple of trojans that are in the wild on your Mac right now.
1. Downloading pirated software
2. Downloading certain "video codecs" from porn sites

If you're doing neither of the above, well, when the first virus does hit OS X, we'll hear about it all over the news.

 

[kepople]

My Wife just called to tell me that my 2.8ghz Leopard machine is displaying the dreaded "total Security Protection Installation" virus screen taht killed my PC laptops harddrive a few weeks ago.

I am not looking forward to seeing that when I get home, could she be imagining that?
She said it was the same virus screen we had ont he PC.
Have they developed this internet bug for the MAC?

It blocks internet programs from accessing the internet and blows away a PC's sytem resources.

Question #2:
if it is there, Can I go into the Tasks and kill that running app of Safari and make it go away?

Anyone heard of this before?

Regards;
Kirby