• Welcome to the new Mac-Forums. See News and Community Announcements for more details.

What now? Trojans, etc, reported

Joined
Dec 16, 2008
Messages
58
Reaction score
1
Points
8
I just ran a deep scan with Malwarebytes, and I have 564 threats to deal with.... or not. All but 4 are on my backup disc. There are names like Trojan.MAC.generic.6122, VB:Trojan.Valyris.3236, and that f'ing MacCleaner. What do I do to rid myself of these vermin? Thanks. j
 

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
12,662
Reaction score
304
Points
83
Location
MA
Your Mac's Specs
2018 Mac-Mini macOS Catalina 10.15.5, 32 GB
Malwarebytes should not only identify them, it should also quarantine and delete them as well.
 

krs


Joined
Sep 16, 2008
Messages
1,708
Reaction score
35
Points
48
564 threats?

Holy Cow! I didn't think there were even that many "threats" for the Mac.

Had me run Malwarebytes myself right away - luckely my Mac wasstill reported "clean"

Did you try running DetectX Swift to see what results you get there?
 
Joined
Jan 1, 2009
Messages
8,031
Reaction score
147
Points
63
Location
Winchester, VA
Your Mac's Specs
MBP 15" Mid 2015, iPhone 11 Pro, an iMac, plus ATVs, AWatch, MacMini
I would bet that most, if not all, of those "threats" are in emails from Windows owners. They can't run on a Mac, but often get reported because they are attached to email from infected Windows systems.
 
Joined
Feb 1, 2011
Messages
2,028
Reaction score
162
Points
63
Location
Sacramento, California
I would bet that most, if not all, of those "threats" are in emails from Windows owners. They can't run on a Mac, but often get reported because they are attached to email from infected Windows systems.
+1

Whenever I hear from someone that is all upset because their AV scanner told them that they are "infected" with viruses, I ask them "which viruses, *exactly* is it reporting that you are infected with?" Usually it is a combination of Windows viruses attached to e-mails (harmless on a Mac), and sometimes it is things for which there are no reports from respected sources of even existing.

Don't forget that most of the free AV products exist to scare you into eventually purchasing their commercial product. If you go to MalwareBytes Web site, you can instantly see that they are *big liars* about the threat to Mac users. That's just one of the reasons that I don't recommend MalwareBytes anymore.
 
Joined
Dec 16, 2008
Messages
58
Reaction score
1
Points
8
Many thanks. I will download what was mentioned and see if it nukes the "threats".
 
Joined
Feb 1, 2011
Messages
2,028
Reaction score
162
Points
63
Location
Sacramento, California
I downloaded VirusBarrier from the Apple store last evening.

For some reason I can't get it to complete a scan,
If you are running Mojave or Catalina, you may have to give VirusBarrier permission to access your hard drive in :

System Preferences --> Security & Privacy --> Privacy tab --> add it on the right

it's also very, very slow compared to MWB and DetectX Swift.
ROFL! What you are seeing is the normal speed for a real anti-virus program. It's looking everywhere that malware can hide. It might take an hour or two to do a scan.

If you look at past discussions, I've noted that MWB can't possibly be a comprehensive anti-mailware product as its developers claim. And it isn't. After much push-back, even they admitted it. No program can check comprehensively for malware in 20 seconds. MWB can only be doing the most superficial of scans, likely only on the names of a few files in a few places, in a 20 second scan. VirusBarrier actually looks inside files to see what's in them.
 
Joined
Oct 16, 2010
Messages
13,217
Reaction score
207
Points
63
Location
Brentwood Bay, BC, Canada
If you look at past discussions, I've noted that MWB can't possibly be a comprehensive anti-mailware product as its developers claim.

And possibly one of the reasons why I still use an original version Malwarebytes Anti-Malware 1.3.1 as when Thomas Reed originally developed it, and it still updates its database and takes its own good sweet time to do a scan.


EDIT:
BTW: Its scan of 877,829 files of my boot drive just completed and took just over 12+ minutes.




- Patrick
======
 
Last edited:

krs


Joined
Sep 16, 2008
Messages
1,708
Reaction score
35
Points
48
If you are running Mojave or Catalina, you may have to give VirusBarrier permission to access your hard drive in :

System Preferences --> Security & Privacy --> Privacy tab --> add it on the right
I did this when I first set up VirusBarrier, so that by itself can't be the problem.

Even if I hadn't, the scan should still finish for whatever files VB had access to.
Not just stop scanning and when I then try to quit VB tell me it's still scanning, but in fact it's not.
The other thread I started has some more detail on that.

ROFL! What you are seeing is the normal speed for a real anti-virus program. It's looking everywhere that malware can hide. It might take an hour or two to do a scan.

If you look at past discussions, I've noted that MWB can't possibly be a comprehensive anti-mailware product as its developers claim. And it isn't. After much push-back, even they admitted it. No program can check comprehensively for malware in 20 seconds. MWB can only be doing the most superficial of scans, likely only on the names of a few files in a few places, in a 20 second scan. VirusBarrier actually looks inside files to see what's in them.
My understanding was that MWB only looks for malware that can affect the Mac.
And since there is a very small number of Mac malware compared to Windows, MWB only checks the file areas where the known Mac malware is"hiding" and that can be done very quickly.
Anyway, that was the explanation I got originally - sort of looking for malware intelligently rather than brute force.
 
Joined
Feb 1, 2011
Messages
2,028
Reaction score
162
Points
63
Location
Sacramento, California
And possibly one of the reasons why I still use an original version Malwarebytes Anti-Malware 1.3.1 as when Thomas Reed originally developed it, and it still updates its database and takes its own good sweet time to do a scan.


EDIT:
BTW: Its scan of 877,829 files of my boot drive just completed and took just over 12+ minutes.
That's nothing. I don't think that any version of MWB or Adware Medic ever did more than quickly scan for a few pieces of easy to find malware. (Note that Thomas Reed never claimed that Adware Medic looked for any malware. Just adware.)

However, both product have always done an excellent job of searching for adware, so they have always been invaluable. Just not as comprehensive anti-virus software.
 
Last edited:
Joined
Feb 1, 2011
Messages
2,028
Reaction score
162
Points
63
Location
Sacramento, California
My understanding was that MWB only looks for malware that can affect the Mac.
And since there is a very small number of Mac malware compared to Windows, MWB only checks the file areas where the known Mac malware is"hiding" and that can be done very quickly.
Anyway, that was the explanation I got originally - sort of looking for malware intelligently rather than brute force.
That's the spin that they have put on it, yes.

It's not what any real comprehensive anti-virus product does. (If you go to any big company that uses Macs, MWB isn't what they are using to protect themselves from malware. They know what works.)

There is no way in hell that MWB can be comprehensively looking for all Mac malware in the time that it takes to do a run, no matter how they spin it.

I'll believe it when there is an independent, reliable, and trust-able source that does a comparison test of AV products that shows that it does. Unfortunately, there are no such sources anymore. (Though there are plenty of shill sites you can find on the Web.)
 
Joined
Feb 1, 2011
Messages
2,028
Reaction score
162
Points
63
Location
Sacramento, California
Randy, can you take a look at this thread and maybe have an idea why I can't get VirusBarrier to complete a scan?
I did look, and I'm sorry to report that I don't know.

I went to Intego's Web site and I couldn't find any reports of anyone having similar problems.
Intego Support

You may want to ask Intego tech support:
Submit a request – Intego Support

Sometimes anti-virus scanners can get hung up on compressed/archived/encrypted files. So you may want to set VB to skip those.

You may also want to set VB to just scan in certain parts of your drive (e.g. in e-mail and downloads where viruses are most likely to appear) and see if that works.

Check VB's logs and see if there is a clue as to what it is choking on.

Or you might want to try running VB while booted into Safe Mode. (If that is even possible.) VB might be hanging due to something that is simultaneously running.

Sorry that I can't be of more assistance, but I've never heard from anyone else who has had this problem with VB.
 

krs


Joined
Sep 16, 2008
Messages
1,708
Reaction score
35
Points
48
Thanks for the detailed reply Randy

I'll try VB support tomorrow.
 
Joined
Dec 16, 2008
Messages
58
Reaction score
1
Points
8
First, my mistake; my original post said I ran MWB but it was BitDefender. OK, I've now run Virus Barrier and it took 2 days, scanning over 67 million files. It reports several quarantined and MANY infected files. Infected names include "com.updat...mcy.plist, OSX/InstallCore.mcy", "info.plist, OSX/AnySearch" "MyShopcoupon, OSX/SurfBuyer.gen", "com.updater.mcy.plist, OSX/Install.mcy", "fw.tgz, JS/Agent", "FastWeb.safariextz, JS/Agent", and many, many others. Apparently there is no list of infected files kept, but there are several "manifest.json" in quarantine. So what do I do with these infected files? Thanks.
 
Joined
Dec 16, 2008
Messages
58
Reaction score
1
Points
8
P: Thanks for the reply. I read the manual for what to do with the quarantined files, but what about those infected? That is my issue. The manual does not say what to do with them. Am I to assume that they were nuked by VB?
 

krs


Joined
Sep 16, 2008
Messages
1,708
Reaction score
35
Points
48
First, my mistake; my original post said I ran MWB but it was BitDefender. OK, I've now run Virus Barrier and it took 2 days, scanning over 67 million files.
Were you using your Mac while VirusBarrier was running?
Seems everytime I run VB and then use my Mac for basic other things, like web browsing or reading emails, the scan stops and I can't get it to start again other than from the beginning.
 
Top