-
All replies
-
Helpful answers
-
May 19, 2011 6:53 AM in response to MadMacs0by Mark H. Delfs,FYI: Here's what "MacDefenderKiller" actually does:
First, it will look for the running process called "MacProtector, MacDefender or MacSecurity" and it will kill it by identifying the process number.
Secondly, it will then look for those same 3 items in your apps folder and remove them.
Third, it will remove any item in your downloads folder with the above names, even the installers or packages.
Lastly, it patches Safari's "Safe File" preference (which you can change back if you desire) so the malware can't come back in again. I would just use Google Chrome or Firefox, but that's a discussion for another day...
It puts all the malware junk in the trash for you to investigate and writes a report for you to see what actually happened.
-
May 20, 2011 6:18 AM in response to Ziatronby UK_Mac_User,@ Ziatron
I started out on Macs a year after you - 1985. Sadly, I can report that there were some Mac virii (viruses) up to and including OS9. After OS10, as far as I know, none, apart from some proof of concept stuff.
Think about the logic that the bad-guys, in my book the e-vermin, are now applying:
1. Windows has always been vulnerable, but so have Macs, Linux...... BUT
2. Windows = 85%-90% of the target audience...... SO
3. Target Windows...... BUT
4. Windows 7 plugs most vulnerabilities, and patches for other incarnations mean Windows grows ever harder to attack...... HOWEVER
5. Mac users are complacent..... SO
6. Target Macs with updated Windows trojans...... REPEAT
The battle has only just begun. It is time that Apple educates customers about using non-Admin log-ins for day to day work, and to only log-in as Admin for essential upgrades and maintenance. This is, after all, a key strength of the Unix structure within OS10.
What I would now like to see is an installation procedure that forces the set-up of 2 users, [Admin] and [Name] with entirely different passwords. This could be implemented within 10.7 final release.
-
May 20, 2011 3:38 PM in response to UK_Mac_Userby Dolphbucs,UK_Mac_User wrote:
What I would now like to see is an installation procedure that forces the set-up of 2 users, [Admin] and [Name] with entirely different passwords. This could be implemented within 10.7 final release.
If they could add that along with changing the "open safe files" default ( or even eliminate the option entirely ... does anyone really need it ? ) that would be great ! -
May 20, 2011 4:41 PM in response to UK_Mac_Userby iGary,I use Standard accounts as much as possible and try to convince users to do the same.
It is frustrating however when along comes some app that won't run under a non-admin account! Some developers also need to get on board.
-
May 21, 2011 2:07 AM in response to iGaryby R C-R,Do note that this trojan requires admin authentication to be installed, even if one is logged into an admin account. Plus, once installed it runs as a user process.
-
May 21, 2011 10:35 AM in response to anne eby erinfromwadsworth,Hello all! I was just lewered by the MAC defender, but it was too late...cc entered. I think I have cleaned it out. I checked all the folers and nothing, nothing in apps. activity monitor hd,e tc. my ?? is what do I do with the acct that i used to purchase? how dangerous is this virus? i dont want to have to re do all my accts, because of this jerk...who the company name I got was maritop out of AZ, of course there is no phones asssociated with this business. I am soo mad I did this! so should I change my pw? and/or what else do i need to do!
-
May 21, 2011 11:03 AM in response to erinfromwadsworthby Paul_31,HI Erin
First thing is to contact your bank and put a stop on your card and the transaction. They'll issue you a new card and hopefully stop the payment to the thieving *****.
Don't worry you haven't got a virus, for instructions on how to remove the malware have a look here: http://www.tuaw.com/2011/05/19/macdefender-malware-protection-and-removal-guide/ #continued
Fortunately the malware won't hurt your Mac, just your bank account (get in touch quick and you'll be fine, I'm sure)
I'd also recommend you change your admin password. Good luck.
-
May 21, 2011 11:08 AM in response to Paul_31by erinfromwadsworth,thx changed pw! I also saw at items that open was a macprotector item listed, i dont know what that is so i trashed it. I also installed sophos as it is free.
-
May 21, 2011 11:24 AM in response to erinfromwadsworthby Paul_31,Good that you changed the password but rather than just delete the things you can see in startup items and elsewhere you really need to follow the instructions in the link I gave to remove everything otherwise the thing is likely to keep re-appearing. Don't forget to call your bank .
-
May 21, 2011 11:40 AM in response to anne eby madbutok,To Anne e & others,
If you have gotten a MacDefender Protect & can't get rid of it then go to .
support@zeobit.com & follow along with the email they send you.
Mine is gone from just doing this. Good Luck to you all where ever you are.
madbutok
-
May 21, 2011 2:50 PM in response to madbutokby babowa,Well, rather than using the link you provided, I just googled 'zeobit' and was met with an "untrusted site" warning. I will not be going there; their offices are in the Ukraine.
Before sending others there, please read this discussion:
https://discussions.apple.com/thread/3018826
You can also do a search here for MacKeeper and find all sorts of recommendations against it.
-
-
-
-
May 21, 2011 3:37 PM in response to WZZZby laverne's mom,I don't know how to insert a screen shot, but I've been reading this thread and when I "google" zeobit.com I get some red and some green buttons from WOT on Firefox. Very confusing.
laverne's mom



