| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 118081 | 2011-05-18 17:52:00 | 'Mac Defender' In The Wild | SurferJoe46 (51) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1203213 | 2011-05-19 03:21:00 | Then why does it open the floodgates to all sorts of porn sites and DOS? It doesn't normally, but browser hijacks have been around for years regardless of operating system or web browser being used. |
Safari (3993) | ||
| 1203214 | 2011-05-19 03:35:00 | It's a lot more than a browser hijack Safari, for a start here are a few of the files it puts on the Mac... /Applications/MacDefender.app/ /Applications/MacDefender.app/Contents /Applications/MacDefender.app/Contents/Info.plist /Applications/MacDefender.app/Contents/MacOS /Applications/MacDefender.app/Contents/MacOS/MacDefender /Applications/MacDefender.app/Contents/PkgInfo /Applications/MacDefender.app/Contents/Resources /Applications/MacDefender.app/Contents/Resources/About-Back.png /Applications/MacDefender.app/Contents/Resources/AboutD.nib /Applications/MacDefender.app/Contents/Resources/AboutMBMI.png /Applications/MacDefender.app/Contents/Resources/affid.txt /Applications/MacDefender.app/Contents/Resources/ControlCenterD.nib /Applications/MacDefender.app/Contents/Resources/Curing_1.png /Applications/MacDefender.app/Contents/Resources/Curing_2.png /Applications/MacDefender.app/Contents/Resources/Curing_3.png /Applications/MacDefender.app/Contents/Resources/Curing_4.png /Applications/MacDefender.app/Contents/Resources/Curing_5.png /Applications/MacDefender.app/Contents/Resources/Curing_6.png /Applications/MacDefender.app/Contents/Resources/Curing_7.png ... <numerous other image and media files> It installs itself (or asks to be installed) as an application. That aint no browser hijack. |
wratterus (105) | ||
| 1203215 | 2011-05-19 05:49:00 | It's a lot more than a browser hijack Safari, for a start here are a few of the files it puts on the Mac... /Applications/MacDefender.app/ /Applications/MacDefender.app/Contents /Applications/MacDefender.app/Contents/Info.plist /Applications/MacDefender.app/Contents/MacOS /Applications/MacDefender.app/Contents/MacOS/MacDefender /Applications/MacDefender.app/Contents/PkgInfo /Applications/MacDefender.app/Contents/Resources /Applications/MacDefender.app/Contents/Resources/About-Back.png /Applications/MacDefender.app/Contents/Resources/AboutD.nib /Applications/MacDefender.app/Contents/Resources/AboutMBMI.png /Applications/MacDefender.app/Contents/Resources/affid.txt /Applications/MacDefender.app/Contents/Resources/ControlCenterD.nib /Applications/MacDefender.app/Contents/Resources/Curing_1.png /Applications/MacDefender.app/Contents/Resources/Curing_2.png /Applications/MacDefender.app/Contents/Resources/Curing_3.png /Applications/MacDefender.app/Contents/Resources/Curing_4.png /Applications/MacDefender.app/Contents/Resources/Curing_5.png /Applications/MacDefender.app/Contents/Resources/Curing_6.png /Applications/MacDefender.app/Contents/Resources/Curing_7.png ... <numerous other image and media files> It installs itself (or asks to be installed) as an application. That aint no browser hijack. Those are just files associated with MacDefender and don't affect the operation of any other Mac files. They can all be removed by just deleting the MacDefender .app program. OS X does not have a registry like Windows that can get corrupted and affect the whole system. |
Safari (3993) | ||
| 1203216 | 2011-05-19 06:05:00 | Since it is supposedly running all the time, a Mac won't let you kill an operating program - right? | SurferJoe46 (51) | ||
| 1203217 | 2011-05-19 06:18:00 | Since it is supposedly running all the time, a Mac won't let you kill an operating program - right? You just open Activity Monitor, select Mac Defender and quit process to stop it running. |
Safari (3993) | ||
| 1203218 | 2011-05-19 06:28:00 | Sounds like a Windows-thing to me. | SurferJoe46 (51) | ||
| 1203219 | 2011-05-19 06:59:00 | Sounds like a Windows-thing to me. Yeah only better. support.apple.com |
Safari (3993) | ||
| 1203220 | 2011-05-19 07:09:00 | At least the Mac version of the "fake antivirus/anti-spyware" is dead easy to remove. Serious question, a co-worker has a Mac and encountered one of these fake virus alerts from a website. She wants to know if there is a good antivirus/antispyware app (preferable free) for her Mac. This will also allow her to scan files before they are transferred to a Window OS. Any recommendations? :) |
Jen (38) | ||
| 1203221 | 2011-05-19 07:41:00 | PEBKAC. That is my generalisation. Irregardless of OS. | bob_doe_nz (92) | ||
| 1203222 | 2011-05-19 07:52:00 | At least the Mac version of the "fake antivirus/anti-spyware" is dead easy to remove. Serious question, a co-worker has a Mac and encountered one of these fake virus alerts from a website. She wants to know if there is a good antivirus/antispyware app (preferable free) for her Mac. This will also allow her to scan files before they are transferred to a Window OS. Any recommendations? :) I installed avast trial version just to run a check. It is very easy to use and still works even though it was a trial version. www.apple.com I just noticed Sophos has a free version www.apple.com Have installed it to see what it looks like and seems to do the job It also has an on-access scanner which runs in the background. Not sure how good any of the AV programs are at stopping the fake AV issue as can be seen by the number of windows users who have been infected even though they have updated AV programs running. The source of the fake AV is quite often from Poisoned Google image searches so users need to be cautious when using image searches in Google. www.net-security.org |
Safari (3993) | ||
| 1 2 3 4 5 | |||||