is there an apple/mac approved virus scan product? i need to do one

There is not an official Apple-approved anti-virus program. A good one is the free program, ClamXAV from the Mac App Store. Does the best job with the least hinderance.

No, there is not. OS X has its own protection built-in and updated by Apple when you install system updates. You do not need to install any protection yourself. Browser malware is not a virus.

Helpful Links Regarding Malware Problems

If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide, remove adware that displays pop-up ads and graphics on your Mac, and AdwareMedic. If you require anti-virus protection Thomas Reed recommends using ClamXAV. (Thank you to Thomas Reed for this recommendation.) You might consider adding this Safari extensions: Adblock Plus 1.8.9.

Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.

The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.

Fix Some Browser Pop-ups That Take Over Safari.

Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.

Quit Safari

Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.

Relaunch Safari

If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.

This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.

It may be your router is wide open and other people are using your Internet connection to download movies, etc.

Until recently, most broadband routers/modems came preset with very common user IDs and passwords to enter the configuration pages. All anyone needs to do is get close enough to the strongest wireless signal and put 192.168.0.1 into their browser's URL and see if they get a message to access the router. There's only a few easy presets to try. Once into your router's setting pages, they can see your wireless security code, login to your router and use your bandwidth.

Check the manual for your router. If the defaults are something like this…

Admin ID: (blank)

Password: admin

…then it's incredibly easy for others to steal your bandwidth. If this is correct, enter the router's setup pages via your web browser. Check the manual for the IP address to enter. It will typically be either 192.168.0.1, or 192.168.1.1 . When you get in, turn off the wireless signal first. That will instantly cut access to anyone riding on your bandwidth and will prevent them from seeing what you are about to change.

Make sure the wireless security is set to WPA2. If WEP is all your router supports, replace it. WEP can be broken in seconds. Change the wireless password to something obnoxious, like 3Y6nl3tuGIHn4ObobZ5VkhNP . The longer, the better. Don't use words or names. Passwords like this literally take billions of years to break. Write the new password down or print it out. You'll need it yourself to update all wireless equipment in your home that connects to your router.

Do not turn your wireless signal back on yet. Go to the page where you can set the admin name and password. Change the password to something difficult. Save the changes. Usually, the router will restart after writing the new data to its NVRAM. Enter the router again using your new password. Turn wireless back on. Update your devices to the new password.

If you forget your admin password at some point, there's always a way to reset the router back to factory condition. You can never truly lock yourself out of your own router.

What device are you plugging your Ethernet cable into? That is, brand and model. Such as a LinkSys WRT1200AC. Others here can then download a PDF manual and see what kind of settings you can access. If you have broadband of either kind (cable or DSL), you have a modem that doubles as a router. Or at least it's likely. Few companies use straight modems anymore (no router capability).

No way to know until you answer some of Kappy's or my questions/suggestions. Can't help any further without information.

http://www.thesafemac.com/mmg/

It may be possible that you are included in a BOTNET or the like and are sending whatever.

I use Intego security software which I purchased from Apple. Previously had Norton which I also purchased from Apple - but did not like.

As any security software will tell you - it will find out if you have a know problem. Each update adds additional know problems/.

The following site is a security listing of latest scams and may be of help to you... http://scamicide.com/

notcloudy wrote:

It may be possible that you are included in a BOTNET or the like and are sending whatever.

There are no currently known functional botnets on the Mac. There are Macs that are still infected with old, non-functional botnet malware, caught several years ago. However, the command & control servers used by such malware have been taken down by now, thus the botnets are no longer active.

The problems being described here are not caused by a botnet, unless it's a brand new unknown botnet, in which case no anti-virus software will detect it anyway.

thomas_r. wrote:There are no currently known functional botnets on the Mac. There are Macs that are still infected with old, non-functional botnet malware, caught several years ago. However, the command & control servers used by such malware have been taken down by now, thus the botnets are no longer active.

The problems being described here are not caused by a botnet, unless it's a brand new unknown botnet, in which case no anti-virus software will detect it anyway.

If a scan shows no existing malware - than it can be new malware not reported yet - that is when you open a discussion with your security software company to try and find the source.

Something is using the OP's internet connection either old and tweaked or shiny new - he needs to find it.

notcloudy wrote:

Something is using the OP's internet connection either old and tweaked or shiny new - he needs to find it.

Neither of the problems reported by mac reporter are likely to be caused by malware. Looking for solutions in that direction is unlikely to help. It's far more likely that her web host is triggering on some kind of false positive, and that there's something perfectly ordinary going on with the unexplained bandwidth usage. But we won't be able to get to the bottom of that without responses containing information that has been requested on both of her topics posted here.