We are getting a screen indicating that there are 71 items that need attention as part of an Apple Security Alert. The screen indicates that it is part of Apple Security Center. It asks to click ok to remove the offending objects (virus, malware). Is this legitimate apple software or will it introduce a virus?
iMac, Mac OS X (10.6.7)
You don't do that kind of thing in a web browser. To find the range you want to block, look up the assigned IPs. http://www.countryipblocks.net/ can help. You then need to play with the command line. For example, to block access to a web server, you need to modify .htaccess. if you don't know what .htaccess is or where to find it or how to change it, you shouldn't be modifying it. You can also add blocks to your hosts file, but doing things that way is tedious. Again, if you don't know where or what the hosts file is, you might want to reconsider changing it.
It might be worth mentioning that the according to the Country IP Blocks web site among the countries originating the most spam the U.S. is high on the list, edging out both China & the Russian Federation for top honors in the first quarter of this year. Great Britain, Germany, Japan, & Canada were also among the top ten.
Not sure if this is a new development or not...but this thing has hijacked my Chrome browser and I can't get rid of it! I didn't click on anything...It didn't download the files onto my system or install them. But the window trying to get me to do the download is running in my Chrome and no matter what I do I can't close and get rid of it.
I was on the MSNBC website when it hijacked my tab, btw. It's the 178. IP address still.
When I click the "close" button for that window, I get a pop-up in the window asking me if I really want to do that. I'm not dumb enough to not realize that whichever option I click, it will activate a download. The force quit function isn't working for that session. I can make Chrome quit by using the system wide force quit function, but it saves the open tabs and when I re-open Chrome...the malware window comes right back.
Help...any idea how to get my browser back? A re-install?
Open Activity Monitor>Active Processes in Utilities. Find whatever this thing is named, if it's there, and force quit it. In Chrome Preferences -- I don't have or know Chrome, but is there a setting that will quit all open tabs on re-opening?
Full removal: You have nothng to worry about if you didn't give your password to install it. These are the full instructions for those who have. But it can't hurt to check these locations, anyway.
First, restart in Safe Boot by holding the Shift key down at the chime. Or, alternatively, open Activity Monitor in Utilities, set to Active Processes, find the program and force quit it. This will keep it from running, but only temporarily, so you can remove it.
1. Drag the MacSecurity program -- or whatever it's called; it keeps using different names -- MAC Defender, MacProtector, MacKeeper 911, Apple Security Center, Apple Web Security -- it's not hard to imagine the new names it will be using in the coming days -- (installed in the Applications folder by default) to the Trash. Empty the Trash.
2. Remove item of same name from the Login Items for your Account in the OS X System Preferences (if it exists).
3. Go to your Home folder Library>Preferences and, if you find it, delete com.alppe.spav.plist. Look also in Application Support (may not be anything there, but check just in case) and search for any files with one of the above names and trash them. Empty the trash.
4. If you use Safari, go to Preferences>General and UNCHECK "Open "safe" files after downloading. Keep that unchecked.
If you paid for it, they have your credit card #. Call your credit card and dispute the charges. Also, cancel the card ASAP.
As a precaution, change your password.
I _think_ that if you hold the shift key down (or maybe the option key, or maybe both...) Chrome will clear the previous settings and start up with a new window. Other than that you'd need to delete the Chrome pref files in /Library/Prefrences.
You can disconnect your Mac from the Internet, then launch Chrome. It will attempt to open all pages from the last session, but without an Internet connection, it won't be able to load the JavaScript that prevents you from easily closing the window for the infected page. At this point you can close that window and quit Chrome, which will save the session without that window open. Then you can reconnect to the Internet and the next time you launch Chrome, it will not attempt to open that page.
MANY websites, (usually pop-ups and spam, even if they aren't dangerous or malicious) will use a pop-up window to ask you if you really want to close the window. Clicking the right button (I think it's the "OK" button) will close the window.
From my understanding, the "Are you sure..." pop-up is part of the operating system/browser. It is meant for preventing accidental closing of windows with un-saved information on it. (Such as filling out a form, or writing a message.)
Unless it is part of the website, made to look like the OS, then it will not download anything. (At least in Safari.) And you shouldn't worry about simply having a file download to you computer. You should only worry if you actually install said file.
The pop-up box wasn't the standard Chrome warning - it had custom text in it claiming that closing the window would leave the viruses on my computer and wreak death and destruction (j/k - but you get the gist) so I think it was compromised, masquerading as part of the OS but actually part of the browser hijack...
Just trying to err on the side of extreme caution because I work online (own an online media company) and so my entire life and job is on this computer! I can't afford downtime while I fix a trojan that got on my computer, or to lose files, etc!
I understand your caution.
But I forgot to mention that the websites also usually have custom alert text and custom text on the buttons. But it still seems to be part of the system.
It's always good to be on the safe side though. But you needn't jump through hoops to avoid clicking that alert.
ScrapNancy wrote:
The pop-up box wasn't the standard Chrome warning - it had custom text in it claiming that closing the window would leave the viruses on my computer and wreak death and destruction (j/k - but you get the gist) so I think it was compromised, masquerading as part of the OS but actually part of the browser hijack...
I'm not a Chrome user, so I refrained from responding until now. It's certainly possible for the web site to have been revised again. It has changed much more often than the downloaded package has over the past few weeks, but with the page that was running on Saturday, using either Safari or Opera, I was able to dismiss the window by clicking OK without receiving the download. I do agree that this was not the standard browser warning, but a similar one provided by the website (I assume via JavaScript).
I fixed it with the nuclear option - a clean re-install of Chrome. Back up and running in time to get my weekly podcast taped this afternoon over Skype. Phew!
Lets send Seal Team Six after these guys next...this stuff is heinous. 😮
The first thing I would do is make sure that Chrome doesn't save the last session's windows. And then the next thing I would do is make sure files won't get automatically opened once downloaded. And then I would stop using Chrome. lol
robin1232 wrote:
"killall Google\ Chrome".
I like that one. 🙂
I don't know why people use a browser from a company **** bent on profiling them, watching everything they do online, tell others where they live, etc., like Google does.
Guess they just don't know, give these corporations too much control or don't know how to install privacy control Add-ons with Firefox. (NoScript, BetterPrivacy, Ghostery, Ad block Plus)
Companies that don't have a real need to know, don't need to know your personal data.
Well let's see. Chrome has proven to be the fastest and most secure web browser on the market today. Not only that, Chrome does not send Google your web browsing history, so nice try. The source code for Chromium is available for you to look at if you want, but I doubt someone like you would be able to understand it.
Your ISP knows MUCH more about you than you think, and have access to every website you visit. Extensions such as NoScript will not stop your ISP from knowing every little detail about your web browsing history. At that point the only thing you can do is use a VPN 24/7 but then, oh wait, the ISP at the VPN knows everything you're doing as well. I suppose Tor would work too if you wan't to go back to AOL speeds.
rnawky wrote:
Do not worry, it is safe. Don't you remember, Apple computers don't get viruses 🙂
Viruses get on computers unaware to the user, this MacGuard, MacDefender, Macwhatever is a TROJAN.
Trojans don't get on computers without the users help in some fashion.
On Windows they have to deal with all sort of malware, on Mac's it's only the user weakness that malware gets on at all.
Doesn't matter how tough the operating system is, if the user is tricked, they can compromise the machine.
If the user is suspectible to being tricked constantly, then they need to get one of those dumbed down iPads where they can use their fingers like a child and have it manged by someone else with a real computer.
is apple security center safe?
