
Heads Up/Warning Mac Defender

Just as a heads up and warning, there have been two incidents in the last hour or so where users are being redirected and Mac Defender seems to have downloaded itself claiming a virus has been detected. This is a trojan and should be deleted immediately. If you feel you need protection perhaps installing ClamXav would be an option. Be careful where you're surfing in the Interwebs. Any information you can provide if you encounter this problem would be greatly appreciated, info such as the browser you're using and the website that is redirecting you.


Regards,


Joseph

MacBook Pro, Mac OS X (10.6.7), 2011 MBP 15" 2.0Ghz 4GB RAM

Posted on Apr 30, 2011 10:24 AM

Question marked as Best reply

Posted on Apr 30, 2011 11:37 AM

This just happened to us too. What is ClamXav?

190 replies

May 1, 2011 8:14 AM in response to MacJoseph

I too had this happen yesterday when searching Google images. I installed MacDefender but didn't purchase it. It ran a scan and I'm worried I'm at risk. I tried going to applications and dragging MacDefender to the trash but I keep getting a message saying I can't because the program is open. Any suggestions on how to remove this installed program? Thanks.

May 1, 2011 9:20 AM in response to melissafromva

Melissa


Go to Activity Monitor and look at the processes and look for MacDefender; force quit the process. Then go to your Applications folder and drag MacDefender to the trash. Don't empty the trash yet. Go to System Preferences, go to Accounts, look at the login items; if you see MacDefender there, click on it, then hit the minus sign to remove it. Open Finder and search for MacDefender, remove anything related. Do a Spotlight search for the same. Then restart your computer, then empty the trash. If you're worried about viruses and malware simply download ClamXav. Install it, update virus definitions and run a scan. Clam has been around for a long time and is preferred if someone feels they need virus protection. Hope this helps.


Joseph
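The process and file checks from the reply above, as an added read-only script that is not part of the original thread: it lists running processes and on-disk items whose names match the names reported in this thread (MacDefender, Mac Defender, BestMacAntivirus). The search roots are assumptions, nothing is deleted, and login items still have to be checked in System Preferences as described.

```shell
#!/bin/sh
# Added example: read-only check for MacDefender leftovers after manual removal.
# Name patterns come from names mentioned in this thread; the default search
# roots below are assumptions. Login items are NOT inspected by this script.

# Print files/directories under the given roots whose name matches
# (case-insensitive). A matching .app bundle is printed once and not descended.
find_leftovers() {
    for root in "$@"; do
        [ -d "$root" ] || continue
        find "$root" \( -iname '*mac*defender*' -o -iname '*bestmacantivirus*' \) \
            -prune -print 2>/dev/null
    done
}

# Print "pid command" for running processes whose command name matches.
# "comm" holds only the executable name/path, so grep does not match itself.
find_processes() {
    ps -A -o pid= -o comm= 2>/dev/null \
        | grep -i -E 'mac ?defender|bestmacantivirus' || true
}

# Default roots (assumed): system and user Applications, Downloads, Trash.
home="${HOME:-/nonexistent}"

echo "== Matching processes (force quit these first) =="
find_processes
echo "== Matching items on disk =="
find_leftovers /Applications "$home/Applications" "$home/Downloads" "$home/.Trash"
```

Empty output under both headings means neither check found a match in the locations searched.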

May 1, 2011 10:00 AM in response to MacJoseph

One of my clients got hit. She was googling plant images. Someone above mentioned piranha images so appears it's masquerading as images. It seems to be able to install itself bypassing Apple security, without requiring a password. Scary. Hopefully Apple can find and patch this. It kept putting up a translucent window in top right of screen with a warning and large red cleanup button. Like a Growl type dialog - but Growl was not installed. It also put a red McAfee or Windows style security icon on the menu bar. The interface for the app looks very well done. Happily my client called me and did not pay for the app or run it.


It's simple enough to remove, as noted above. I went to login items and deleted it, then restarted. Deleted Mac Defender app, then found the installer package in Downloads and deleted that.


Doug

May 1, 2011 2:25 PM in response to arkling

arkling wrote:


I really wish we could run OS X virtualized


You can do the next best thing for surfing the web. Provided you can spare a core and 1GB of RAM (even 512MB).


1: Download VirtualBox, it's free.


2: Download an ISO of Macbuntu 32bit x86 10.10, it's free.


3: Point VirtualBox to open the Linux ISO and install it. (piece of cake)

Don't let Linux have access to OS X side just to be safe, it can read all file formats, including HFS+.


Have a look around, set the display size and when you're updated and tweaked, before going online, save a "snapshot" of that OS in VirtualBox. Go surfing and when you're done, revert back to the earlier snapshot in VirtualBox.


MacBuntu looks just like OS X, just it's not as smooth and refined. Firefox works just the same.


If you need to transfer files from Linux, see if copy and paste works or use an external USB key.


What's nice about this is your web browser is sandboxed from OS X, and you can still use OS X for other things.

May 1, 2011 6:01 PM in response to MacJoseph

I was searching flower photos online this evening via Google when I got a warning of virus activity. I agreed to scan. It said it did, but it was too quick and then I had downloaded "BestMacAntivirus2011.mkpg" (per my downloads list), which showed up as MacDefender on my computer and which also requested I install it immediately for the safety of my computer. It looked and acted suspicious, so I did not install and I googled it instead, leading me here. I've now apparently deleted everything with MacDefender on my computer and emptied my trash. I didn't use spotlight search because I don't know how. There are no suspicious charges showing (yet) on my credit card. I downloaded ClamXav and I intend to run it based on the recommendations here. I will search Finder for BestMacAntivirus as well. I have 2 questions: How do I search my computer with Spotlight? and Did I escape effect of the virus by not installing it, even though it showed as a download (though I never agreed to download anything)? I should also note that it appeared the program/virus had been installed at 2 pm today instead of >4 hours later when the actual incident occurred.

May 1, 2011 6:08 PM in response to Deb145

hi. my wife got hit with this too while searching google images for frank lloyd wright. i uninstalled it before i read this thread. deleted all files, installer, went to activity monitor, etc as suggested. but i emptied my trash before restarting my computer. now that i've restarted it, i've searched in finder and spotlight and can find no trace of the macdefender program. did emptying the trash before i restarted the computer compromise it in some way? is there any way i can be sure that it's gone?

May 1, 2011 6:08 PM in response to Deb145

I should leave this for the pros being I know next to NOTHING about computers but one thing I do know is where Spotlight is. On your Mac's desktop upper right hand corner is a little magnifying glass looking thing next to the clock. Click on that and you will see the word "Spotlight". Put a search word there and it will search the entire computer. If you put Macdefender in Spotlight and come up with ANYTHING that says macdefender, you did NOT get rid of it all. If you did just what Joseph said, it is gone.


Brian

May 1, 2011 6:09 PM in response to MacJoseph

The photo I clicked on in Google Images led me to a webpage with the address TenacityWorks.net. Now that I risked my computer to click it in history browser, please let me know if I need to be concerned about that. According to my history tab, it failed to open page just now when I peeked again and shut it right away.
