grazgar
Level 1 (0 points)

Q: How do I remove Backdoor.wirenet.2 from my Mac. DrWeb has detected it but can not remove.

DrWeb has detected Backdoor.wirenet.2 on my Mac.

The Location is /Users/grazia/.Install?Host.app/Contents/MacOs

but when I go there I can not find it.

Any help??

Posted on Mar 25, 2014 4:31 AM

by Linc Davis,Solvedanswer
Linc Davis Linc Davis
Level 10 (208,037 points)
Applications
A:

You removed "DownLite," and you also removed the login item part of "NetWeird." If you also removed the .Install folder, then you should be OK as far as malware goes. You still have "MacKeeper," which is not malware but is useless junk, and you should remove that too. I posted instructions on the first page of this thread.

 

The script ran about three times as fast without "DrWeb" also running.

 

Please take to heart what I wrote about changing the way you use the computer.

Posted on Mar 29, 2014 5:24 PM

Close
grazgar

Q: How do I remove Backdoor.wirenet.2 from my Mac. DrWeb has detected it but can not remove.

  • All replies
  • Helpful answers

Previous Page 2 of 3 last Next

  • by thomas_r.,

    thomas_r. thomas_r. Mar 26, 2014 7:19 PM in response to grazgar
    Level 7 (30,944 points)
    Mac OS X
    Mar 26, 2014 7:19 PM in response to grazgar

    You are infected with the Wirenet (aka NetWeird) malware. One variant of this malware is an app called Host.app, and you have such an app that has been installed into an invisible folder (named ".Install") in your user folder, and which has been added to your login items. Back in 2012, this malware was not very well implemented, but it seems to still be in circulation (thus the ".2" in the name, indicating it is a second variation discovered since the initial appearance), and has probably been improved on.

     

    This malware includes a backdoor, allowing the hackers behind it to install other things on your computer or make configuration changes. And it may potentially have been on your computer for some time. As such, you should consider your computer to be fully compromised, and should not attempt to remove the malware from the system. Instead, you need to erase the hard drive, reinstall the system and only trusted apps from scratch and then restore only your documents from backup. See:

     

    How to reinstall Mac OS X from scratch

     

    Since NetWeird has been known to steal passwords, after you have established a clean system, you should immediately change ALL your online account passwords - e-mail, Apple ID, bank accounts, you name it. Change them all.

     

    Note that you have been advised to remove Dr. Web. If you are using Dr. Web Light, from the App Store, there is absolutely no reason to follow this advice, especially given that it alerted you to this threat. Dr. Web Light cannot cause any problems, as long as you do not act rashly and allow it to delete files prematurely. Further, it is the only App Store anti-virus that I recommend. Reinstall it after wiping the system if you like.

     

    As for other recommendations, for removing things like MacKeeper and uTorrent, I'm behind those 100%. MacKeeper is garbage, and downloading from a torrent is a great way to get infected with malware. Neither of these apps should have a place on your computer. Do not reinstall these after you wipe your system clean.

     

    For more information about protecting yourself from malware in the future, see my Mac Malware Guide.

  • by Linc Davis,

    Linc Davis Linc Davis Mar 26, 2014 8:00 PM in response to Linc Davis
    Level 10 (208,037 points)
    Applications
    Mar 26, 2014 8:00 PM in response to Linc Davis

    Thomas is apparently more current on the subject of this trojan than I am. On the subject of removing "DrWeb," I would only add that it did not save you from being infected, and neither it nor any other "anti-virus" software will save you from being infected again in the future. The only thing that will save you is a drastic change in the way you use the computer, as outlined in my earlier comment. If you wallow in the open sewers of the Internet, you are going to get filthy. Thinking that a deus ex machina like "DrWeb" is going to protect you only puts you at greater risk.

     

    It's likely that you have been infected for more than a year. Whatever damage was going to be done, has been done.

     

    The one thing you can be sure "DrWeb" will do is continue to waste CPU cycles, as it was doing when you ran the test script. At that time, it was using more of the CPU than any other process. I stand by my recommendation that you remove it.

  • by grazgar,

    grazgar grazgar Mar 27, 2014 1:45 AM in response to Linc Davis
    Level 1 (0 points)
    Mar 27, 2014 1:45 AM in response to Linc Davis

    /users/grazia/.install/host.app

  • by grazgar,

    grazgar grazgar Mar 27, 2014 1:49 AM in response to thomas_r.
    Level 1 (0 points)
    Mar 27, 2014 1:49 AM in response to thomas_r.

    Thanks Thomas for your advice.

    I think I know when I got infected. My computer started to behave in a strange way just after I installed a program.

  • by MadMacs0,

    MadMacs0 MadMacs0 Mar 27, 2014 2:02 AM in response to grazgar
    Level 5 (4,801 points)
    Mar 27, 2014 2:02 AM in response to grazgar

    grazgar wrote:

     

    My computer started to behave in a strange way just after I installed a program.

    And what Thomas and I are trying to get our hands on is that p;rogram. Don't post a link, but can you describe in some way where we can find it? That way we might be able to figure out what beside that host.app has been installed.

  • by thomas_r.,

    thomas_r. thomas_r. Mar 27, 2014 3:28 AM in response to Linc Davis
    Level 7 (30,944 points)
    Mac OS X
    Mar 27, 2014 3:28 AM in response to Linc Davis

    On the subject of removing "DrWeb," I would only add that it did not save you from being infected, and neither it nor any other "anti-virus" software will save you from being infected again in the future.

     

    Do you know when Dr. Web was installed and when the infection happened? I don't.

     

    What I can say is that the built-in XProtect system should protect against this at this point. After my findings back on March 5 (Time to re-evaluate safety of Mac OS X), showing that Mac OS X did not actually protect against NetWeird (among other things), and after I submitted two samples of this malware to Apple, it now protects against this. On the 13th, Apple added a definition for OSX.NetWeird.A.

     

    Prior to that point, ONLY anti-virus software would have protected grazgar against this threat. Dr. Web has recgonized it for quite some time. My guess is that either Dr. Web wasn't installed when the infection happened, or Dr. Web Light was installed and not used to scan the downloaded file. (Dr. Web Light is only capable of manual scans, and as such, it is not going to "continue to waste CPU cycles.")

  • by grazgar,

    grazgar grazgar Mar 27, 2014 3:48 AM in response to thomas_r.
    Level 1 (0 points)
    Mar 27, 2014 3:48 AM in response to thomas_r.

    Thomas,

    I did not have any idea that Mac could be attacked by Virus before this episode.

    I just discovered Dr Web in the last few days when I realised there was something wrong with my Mac and I tried to find a solution.

  • by grazgar,

    grazgar grazgar Mar 27, 2014 3:50 AM in response to MadMacs0
    Level 1 (0 points)
    Mar 27, 2014 3:50 AM in response to MadMacs0

    MadMacs0

     

    I think the program that infected by Mac could be associated with the movie 'casablanca' thepiratebay.

  • by grazgar,

    grazgar grazgar Mar 27, 2014 4:12 AM in response to thomas_r.
    Level 1 (0 points)
    Mar 27, 2014 4:12 AM in response to thomas_r.

    My Other MacBook Pro have started to give me problem as well .

    I can not use the cursor of the mouse.

    The touch pad seems to be broken.

    I run the steps reccomanded by Linc Davis and it is the result:

    ANY IDEA?

     

     

     

     

    No root access


    System Version: Mac OS X 10.6.8 (10K549)

    Kernel Version: Darwin 10.8.0

    Boot Mode: Normal


    Model: MacBookPro7,1


    Kernel messages


      Tue Mar 25   kernel[0]: Previous Shutdown Cause: -60

      Tue Mar 25   kernel[0]: AppleBCM5701Ethernet: 0 0 setFixedSpeed - logic error, speed any?

      Wed Mar 26   kernel[0]: AppleBCM5701Ethernet: 0 0 setFixedSpeed - logic error, speed any?

      Wed Mar 26   kernel[0]: AppleBCM5701Ethernet: 0 0 setFixedSpeed - logic error, speed any?

      Wed Mar 26   kernel[0]: AppleBCM5701Ethernet: 0 0 setFixedSpeed - logic error, speed any?

      Thu Mar 27   kernel[0]: PM notification timeout (pid 118, Seagate Storage )

      Thu Mar 27   kernel[0]: AppleBCM5701Ethernet: 0 0 setFixedSpeed - logic error, speed any?


    Extrinsic agents


      edu.mit.Kerberos.KerberosAgent

      com.paragon.ntfs.vendor

      com.paragon.ntfs.trial

      com.seagate.SeagateStorageGauge.plist

      com.epson.epw.agent

      com.adobe.CS5ServiceManager

      edu.mit.Kerberos.CCacheServer


    launchd items


      /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist

                (com.adobe.AAM.Startup-1.0)

      /Library/LaunchAgents/com.adobe.CS5ServiceManager.plist

                (com.adobe.CS5ServiceManager)

      /Library/LaunchAgents/com.epson.epw.agent.plist

                (com.epson.epw.agent)

      /Library/LaunchAgents/com.seagate.SeagateStorageGauge.plist

                (com.seagate.SeagateStorageGauge.plist)

      /Library/LaunchDaemons/com.adobe.fpsaud.plist

                (com.adobe.fpsaud)

      /Library/LaunchDaemons/com.adobe.SwitchBoard.plist

                (com.adobe.SwitchBoard)

      /Library/LaunchDaemons/com.apple.third_party_32b_kext_logger.plist

                (com.apple.third_party_32b_kext_logger)

      /Library/LaunchDaemons/com.sierrawireless.SWoCTool.plist

                (com.sierrawireless.SWoCTool)


    Extrinsic loadable bundles


      /System/Library/CoreServices/SecurityAgentPlugins/HomeDirMechanism.bundle

                (com.apple.SecurityAgentPlugin.HomeDirMechanism)

      /System/Library/CoreServices/SecurityAgentPlugins/loginKC.bundle

                (com.apple.loginKC)

      /System/Library/CoreServices/SecurityAgentPlugins/loginwindow.bundle

                (com.apple.securityAgentPlugin.loginwindowUI2)

      /System/Library/CoreServices/SecurityAgentPlugins/MCXMechanism.bundle

                (com.apple.securityAgentPlugin.MCXMechanism)

      /System/Library/CoreServices/SecurityAgentPlugins/PKINITMechanism.bundle

                (com.apple.PKINITMechanism)

      /System/Library/CoreServices/SecurityAgentPlugins/RestartAuthorization.bundle

                (com.apple.securityAgentPlugin.RestartAuthorization)

      /System/Library/Extensions/AppleIntelSNBGraphicsFB.kext

                (com.apple.driver.AppleIntelSNBGraphicsFB)

      /System/Library/Extensions/AppleIntelSNBVA.bundle

                (com.apple.AppleIntelSNBFBVA)

      /System/Library/Extensions/AppleMCP89RootPortPM.kext

                (com.apple.driver.AppleMCP89RootPortPM)

      /System/Library/Extensions/AppleThunderboltDPAdapters.kext

                (com.apple.driver.AppleThunderboltDPAdapters)

      /System/Library/Extensions/AppleThunderboltEDMService.kext

                (com.apple.driver.AppleThunderboltEDMService)

      /System/Library/Extensions/AppleThunderboltNHI.kext

                (com.apple.driver.AppleThunderboltNHI)

      /System/Library/Extensions/AppleThunderboltPCIAdapters.kext

                (com.apple.driver.AppleThunderboltPCIAdapters)

      /System/Library/Extensions/AppleThunderboltUTDM.kext

                (com.apple.iokit.AppleThunderboltUTDM)

      /System/Library/Extensions/ATI6000Controller.kext

                (com.apple.kext.ATI6000Controller)

      /System/Library/Extensions/EPSONUSBPrintClass.kext

                (com.epson.print.kext.USBPrintClass)

      /System/Library/Extensions/hp_designjet_series.kext

                (com.hp.print.hpio.Designjet.kext)

      /System/Library/Extensions/hp_Deskjet_io_enabler.kext

                (com.hp.print.hpio.Deskjet.kext)

      /System/Library/Extensions/hp_Inkjet1_io_enabler.kext

                (com.hp.print.hpio.Inkjet1.kext)

      /System/Library/Extensions/hp_Inkjet2_io_enabler.kext

                (com.hp.print.hpio.Inkjet2.kext)

      /System/Library/Extensions/hp_Inkjet3_io_enabler.kext

                (com.hp.print.hpio.Inkjet3.kext)

      /System/Library/Extensions/hp_Inkjet4_io_enabler.kext

                (com.hp.print.hpio.Inkjet4.kext)

      /System/Library/Extensions/hp_Inkjet5_io_enabler.kext

                (com.hp.print.hpio.Inkjet5.kext)

      /System/Library/Extensions/hp_Inkjet7_io_enabler.kext

                (com.hp.print.hpio.inkjet7.kext)

      /System/Library/Extensions/hp_Inkjet8_io_enabler.kext

                (com.hp.print.hpio.inkjet8.kext)

      /System/Library/Extensions/hp_Inkjet_io_enabler.kext

                (com.hp.print.hpio.Inkjet.kext)

      /System/Library/Extensions/hp_io_printerclassdriver_enabler.kext

                (com.hp.hpio.hp_io_printerclassdriver_enabler)

      /System/Library/Extensions/hp_Laserjet_io_enabler.kext

                (com.hp.print.hpio.Laserjet.kext)

      /System/Library/Extensions/hp_Officejet_io_enabler.kext

                (com.hp.print.hpio.Officejet.kext)

      /System/Library/Extensions/hp_Photosmart_io_enabler.kext

                (com.hp.print.hpio.Photosmart.kext)

      /System/Library/Extensions/hp_PhotosmartPro_io_enabler.kext

                (com.hp.print.hpio.PhotosmartPro.kext)

      /System/Library/Extensions/hp_psa640_io_enabler.kext

                (com.hp.hpio.hp_psa640_io_enabler)

      /System/Library/Extensions/hp_qc_io_enabler.kext

                (com.hp.hpio.hp_psa530_630_io_enabler)

      /System/Library/Extensions/IOThunderboltFamily.kext

                (com.apple.iokit.IOThunderboltFamily)

      /System/Library/Extensions/LexmarkUSBMerge.kext

                (com.lexmark.print.usbmerge)

      /System/Library/Extensions/Maxon.kext

                (au.com.maxon.driver.MaxonFamily)

      /System/Library/Extensions/Option72.kext

                (com.option.driver.Option72)

      /System/Library/Extensions/OptionMSD.kext

                (com.option.driver.OptionMSD)

      /System/Library/Extensions/PromiseSTEX.kext

                (com.promise.driver.stex)

      /System/Library/Extensions/Seagate Storage Driver.kext

                (com.seagate.driver.PowSecDriverCore)

      /System/Library/Extensions/SierraDevSupport.kext

                (com.sierrawireless.driver.SierraDevSupport)

      /System/Library/Extensions/SierraDIPSupport.kext

                (com.sierrawireless.driver.SierraDIPSupport)

      /System/Library/Extensions/SierraFSRSupport.kext

                (com.sierrawireless.driver.SierraFSRSupport)

      /System/Library/Extensions/SierraHSRSupport.kext

                (com.sierrawireless.driver.SierraHSRSupport)

      /System/Library/Extensions/SierraIPDirect.kext

                (com.sierrawireless.driver.SierraIPDirect)

      /System/Library/Extensions/UsbEthernetGadget.kext

                (com.tomtom.driver.UsbEthernetGadget)

      /System/Library/Extensions/ZTEUSBCDCACMData.kext

                (com.ZTE.driver.ZTEUSBCDCACMData)

      /System/Library/Extensions/ZTEUSBMassStorageFilter.kext

                (com.ZTE.driver.ZTEUSBMassStorageFilter)

      /Library/Audio/Plug-Ins/HAL/iSightAudio.plugin

                (com.apple.iSightAudio)

      /Library/Internet Plug-Ins/DivXBrowserPlugin.plugin

                (com.divx.DivXBrowserPlugin)

      /Library/Internet Plug-Ins/Flash Player.plugin

                (com.macromedia.Flash Player.plugin)

      /Library/Internet Plug-Ins/iPhotoPhotocast.plugin

                (com.apple.plugin.iPhotoPhotocast)

      /Library/Internet Plug-Ins/JavaAppletPlugin.plugin

                (com.apple.java.JavaAppletPlugin)

      /Library/Internet Plug-Ins/OfficeLiveBrowserPlugin.plugin

                (com.microsoft.officelive.browserplugin)

      /Library/Internet Plug-Ins/OVSHelper.plugin

                (com.divx.OVSHelper)

      /Library/Internet Plug-Ins/Quartz Composer.webplugin

                (com.apple.QuartzComposer.webplugin)

      /Library/Internet Plug-Ins/QuickTime Plugin.plugin

                (com.apple.QuickTime Plugin.plugin)

      /Library/Internet Plug-Ins/Yahoo! Installer 3.plugin

                (com.yahoo.installer.3)

      /Library/iTunes/iTunes Plug-ins/Quartz Composer Visualizer.bundle

                (com.apple.QuartzComposer.iTunesPlugIn)

      /Library/PreferencePanes/DivX.prefPane

                (com.divx.divxprefs)

      /Library/PreferencePanes/Flash Player.prefPane

                (com.adobe.flashplayerpreferences)

      /Library/PreferencePanes/Growl.prefPane

                (com.growl.prefpanel)

      /Library/PreferencePanes/NTFSforMacOSX.prefPane

                (com.paragon-software.filesystems.ntfs.prefpanel)

      /Library/QuickTime/AppleIntermediateCodec.component

                (com.apple.AppleIntermediateCodec)

      /Library/QuickTime/AppleMPEG2Codec.component

                (com.apple.AppleMPEG2Codec)

      /Library/QuickTime/DivX Decoder.component

                (com.DivXInc.DivXDecoder)

      /Library/QuickTime/DivX Encoder.component

                (com.DivXInc.DivXCodec)

      /Library/ScriptingAdditions/Adobe Unit Types.osax

                (No bundle ID)

      /Library/Spotlight/AppleWorks.mdimporter

                (com.apple.MDImporter.appleworks)

      /Library/Spotlight/GBSpotlightImporter.mdimporter

                (com.apple.garageband.spotlightimporter)

      /Library/Spotlight/iWork.mdimporter

                (com.apple.MDImporter.iWork)

      /Library/Spotlight/Microsoft Office.mdimporter

                (com.microsoft.MDImporter.Office)


    Extrinsic shared libraries


      /usr/lib/dtrace/libdtrace_dyld.dylib

      /usr/lib/gcc/i686-apple-darwin10/4.0.1/libstdc++.dylib

      /usr/lib/gcc/i686-apple-darwin10/4.2.1/libstdc++.dylib

      /usr/lib/gcc/powerpc-apple-darwin10/4.0.1/libstdc++.dylib

      /usr/lib/gcc/powerpc-apple-darwin10/4.2.1/libstdc++.dylib

      /usr/lib/libLTO.dylib

      /usr/lib/libneon.27.dylib

      /usr/lib/libUFSDNTFS.dylib

      /usr/lib/libXplugin.1.dylib

      /usr/lib/samba/auth/domain.dylib

      /usr/lib/samba/auth/odsam.dylib

      /usr/lib/samba/auth/script.dylib

      /usr/lib/samba/auth/smbserver.dylib

      /usr/lib/samba/auth/unix.dylib

      /usr/lib/samba/auth/winbind.dylib

      /usr/lib/samba/charset/CP437.dylib

      /usr/lib/samba/charset/CP850.dylib

      /usr/lib/samba/charset/macosxfs.dylib

      /usr/lib/samba/idmap/ad.dylib

      /usr/lib/samba/idmap/ldap.dylib

      /usr/lib/samba/idmap/odsam.dylib

      /usr/lib/samba/idmap/rid.dylib

      /usr/lib/samba/libmsrpc.dylib

      /usr/lib/samba/libsmbclient.dylib

      /usr/lib/samba/libsmbsharemodes.dylib

      /usr/lib/samba/pdb/ldapsam.dylib

      /usr/lib/samba/pdb/odsam.dylib

      /usr/lib/samba/vfs/audit.dylib

      /usr/lib/samba/vfs/cacheprime.dylib

      /usr/lib/samba/vfs/cap.dylib

      /usr/lib/samba/vfs/catia.dylib

      /usr/lib/samba/vfs/commit.dylib

      /usr/lib/samba/vfs/darwin_streams.dylib

      /usr/lib/samba/vfs/darwinacl.dylib

      /usr/lib/samba/vfs/default_quota.dylib

      /usr/lib/samba/vfs/expand_msdfs.dylib

      /usr/lib/samba/vfs/extd_audit.dylib

      /usr/lib/samba/vfs/fake_perms.dylib

      /usr/lib/samba/vfs/full_audit.dylib

      /usr/lib/samba/vfs/netatalk.dylib

      /usr/lib/samba/vfs/notify_kqueue.dylib

      /usr/lib/samba/vfs/prealloc.dylib

      /usr/lib/samba/vfs/readahead.dylib

      /usr/lib/samba/vfs/readonly.dylib

      /usr/lib/samba/vfs/recycle.dylib

      /usr/lib/samba/vfs/shadow_copy.dylib


    Restricted user files: 5


    Font problems: 34


    Elapsed time (s): 119

  • by thomas_r.,

    thomas_r. thomas_r. Mar 27, 2014 4:43 AM in response to thomas_r.
    Level 7 (30,944 points)
    Mac OS X
    Mar 27, 2014 4:43 AM in response to thomas_r.

    Actually, I spoke too soon... I've just found three samples of Wirenet.2 that are not currently detected by XProtect. I'll be submitting these to Apple ASAP.

  • by thomas_r.,

    thomas_r. thomas_r. Mar 27, 2014 4:46 AM in response to grazgar
    Level 7 (30,944 points)
    Mac OS X
    Mar 27, 2014 4:46 AM in response to grazgar

    My Other MacBook Pro have started to give me problem as well .

    I can not use the cursor of the mouse.

    The touch pad seems to be broken.

     

    This is probably not related to a Wirenet infection. However, you could try scanning that machine with Dr. Web Light and see if it finds anything.

  • by WZZZ,

    WZZZ WZZZ Mar 27, 2014 6:10 AM in response to thomas_r.
    Level 6 (13,112 points)
    Mac OS X
    Mar 27, 2014 6:10 AM in response to thomas_r.

    thomas_r. wrote:

     

    Actually, I spoke too soon... I've just found three samples of Wirenet.2 that are not currently detected by XProtect. I'll be submitting these to Apple ASAP.

    Just moved over more or less completley to ML from Snow (but with dual booting), where I had been running Sophos for a few weeks, as a bit of limited insurance against exploits against the probably more vulnerable OS that Snow, now unsupported, has become. After hearing this from you (and your earlier conclusions about Apple not getting these things into XProtect sooner or even ever), looks like I'll probably be putting Sophos on the ML too, even though I would have preferred not to. I haven't had any  issues with Sophos, and not a big deal at all, but it does tend to make things hesitate a tiny bit as it runs its checks, along with a brief spike in CPU usage,

  • by thomas_r.,

    thomas_r. thomas_r. Mar 27, 2014 6:23 AM in response to WZZZ
    Level 7 (30,944 points)
    Mac OS X
    Mar 27, 2014 6:23 AM in response to WZZZ

    Yup, increasingly, it's looking like anti-virus software may be necessary. It doesn't look like Apple is putting enough resources towards updating XProtect... one of these samples I found was submitted to the security community via VirusTotal back in July of 2013. Apple should have been able to spot that already, but it isn't blocked by XProtect.

  • by Linc Davis,

    Linc Davis Linc Davis Mar 27, 2014 7:09 AM in response to grazgar
    Level 10 (208,037 points)
    Applications
    Mar 27, 2014 7:09 AM in response to grazgar

    First, the problem with the other computer is not related, and if you can't find a solution by searching the site, please start another thread to address it.

     

    You have two different kinds of malware. One, DownLite, is causing the visible manifestations: popup ads. I posted instructions for removing it.

     

    The other, NetWierd or whatever it's called, probably causes no visible manifestations and was designed to be stealthy, so you would not know it was there. It may have been there much longer than DownLite and may have done serious harm by stealing your Internet passwords, or potentially any other kind of data. I don't have a sample of this malware, but based on your information and what I've been able to gather, I believe you can inactivate it as follows.

     

    1. Delete "Hosts" from the list of login items in Users & Groups.

     

    2. Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination  command-C: 

    ~/.install

    In the Finder, select

    Go Go to Folder...

    from the menu bar and paste into the box that opens (command-V). You won't see what you pasted because a line break is included. Press return. A folder named ".install" should open. If it does, move that folder to the Trash. Log out or restart the computer. Empty the Trash.

    The comments that are being made in this thread about the need for "anti-virus" software could not be further from the truth. That kind of software has never protected you and will never protect you from the consequences of downloading illegal material from illegal websites, and then blithely clicking through prompts to install unknown software. If you do things like that, you will continue to be what you are now: meat on the table for Internet criminals. If "DrWeb" makes you feel free to behave that way, then it's making you less safe, not more so.

    I've been an active Internet user since long before "XProtect", and I've never used any kind of anti-virus software. Yet somehow I've managed to avoid being infected. Anyone of normal intelligence can, and must, avoid that danger the same way I do.

  • by WZZZ,

    WZZZ WZZZ Mar 27, 2014 7:18 AM in response to grazgar
    Level 6 (13,112 points)
    Mac OS X
    Mar 27, 2014 7:18 AM in response to grazgar

    You have gotten a knee-jerk anti-A-V purist response aimed at what Thomas and I wrote.

     

    Of course, no A-V will protect you against writing blank checks to any site you choose to visit and download from, as you appear to have done, but it may be a useful tool, limited as it is, nevertheless.

     

    You can be the most conscientious and alert practitioner of safe practices on the Internet, but increasingly, even so called "safe" sites, not just the usual obvious places to pick up malware, are being compromised and hacked in various ways, either directly or through the advertising they run.

Previous Page 2 of 3 last Next