I received a msg. on MacBookPro: Virus Found--Press OK to begin repair.

I received a message on my MacBookPro: "The last website you visited has infected your Mac with a virus. Press OK to begin the repair process."

The URL for repair is "http://apple.com-officialmessage.com"

Is that a valid URL for virus repair? Or is it a scam of some kind?

Thanks for all advice.

iPhoto '11, Mac OS X (10.6.8)

Posted on Apr 30, 2016 1:09 PM

27 replies

Apr 30, 2016 1:13 PM in response to jangle2

It's a scam.

Force Quit browser (command + option + esc keys). Then, relaunch Safari holding the shift key. Then, turn off Safari extensions (Safari menu > Preferences > Extensions).

Then download and run MalwareBytes. Malwarebytes was developed by one of our own colleagues here in ASC. It gets rave reviews and is about the most proven anti-malware software for Mac.
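Why the URL in the question is not an Apple address, as an added example that is not part of the thread: a host name is owned by whoever holds its registrable domain, which is read from the right-hand end of the name. The function names and the small suffix set are assumptions made for illustration; a real check would use the full Public Suffix List.

```javascript
// Added example, not code from the thread. SAMPLE_SUFFIXES is a small
// constructed stand-in for the Public Suffix List.
const SAMPLE_SUFFIXES = new Set(["com", "net", "org", "co.uk"]);

// Registrable domain = public suffix plus the one label to its left.
function registrableDomain(hostname, suffixes = SAMPLE_SUFFIXES) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  // Start at i = 1 so the longest candidate suffix is tried first.
  for (let i = 1; i < labels.length; i++) {
    if (suffixes.has(labels.slice(i).join("."))) {
      return labels.slice(i - 1).join(".");
    }
  }
  return null; // bare suffix, IP address, or suffix not in the sample set
}

// Compare a link's owner with the domains the reader expects (hypothetical helper).
function checkLink(link, trusted = ["apple.com"]) {
  const url = new URL(link); // throws on malformed input
  const host = url.hostname;
  const domain = registrableDomain(host);
  const isTrusted = trusted.includes(domain);
  // Lookalike: a trusted name appears in the host, but someone else owns the domain.
  const imitates = isTrusted ? null : trusted.find((t) => host.includes(t)) || null;
  return { host, domain, isTrusted, imitates, encrypted: url.protocol === "https:" };
}

// The first URL is the one quoted in the question; the others are constructed.
const samples = [
  "http://apple.com-officialmessage.com",
  "https://support.apple.com/en-us",
  "https://example.org/apple.com",
];
for (const s of samples) {
  console.log(s, checkLink(s));
}
```

For the URL in the question, the owner is `com-officialmessage.com`; the leading `apple.` is only a subdomain label chosen by that owner.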

Apr 30, 2016 1:19 PM in response to jangle2

Don't use any kind of "anti-virus" or "anti-malware" product on a Mac. There is never a need for it, and relying on it for protection makes you more vulnerable to attack, not less.

Your problem is not caused by a "virus." It's a Web scam that only affects the browser, and only temporarily. There are several ways to recover.

1. If you're running Safari 9.1 or later, just close the window or tab. Then go to Step 6.

2. If you're running an older version of Safari, the easiest thing to do is to force quit the browser. Relaunch it by holding down the shift key and clicking its icon in the Dock, the LaunchPad, or the Applications folder.

You will lose the state of other open tabs and windows. Either Step 3, Step 4, or Step 5 may enable you to keep that state information. If those steps don't work, fall back to Step 2.

3. If there is a checkbox in the popup marked

Don't show more alerts from this web page

check it, then close the popup.

4. Press the key combination command-W to close the tab or window. A huge box will pop up. Press the return key and both the box and the page may close. If that doesn't happen, press and hold command-W. You may hear repeating alert sounds. While holding the keys, click the OK button in the popup. A different popup may appear, which you can cancel out of as usual.

5. From the Safari menu bar, select

Safari ▹ Preferences... ▹ Security

and uncheck the box marked Enable JavaScript.

6. After closing the malicious page, select from the menu bar

Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data

to get rid of any cookies or other data left by the server. Open the Downloads folder and delete anything you don't recognize.

Apr 30, 2016 8:06 PM in response to macjack

Malwarebytes is in fact being recommended but that doesn't mean it's going to resolve all issues. It was recommended when it was AdwareMedic prior to being purchased by MBAM and the recommendation simply adhered. Nonetheless, as Linc mentioned, there is no malware on the Mac and therefore the utility won't pick up on it. This, like many other faux infections whilst in Safari, is just a coyly designed web page to freak people out and is generally easy enough to get rid of. Nine out of ten, if Linc posts about it, he's right and his advice should be followed. Not to knock anyone else who's providing effort toward a community resolution, I've just been around enough to see the evidence.

May 1, 2016 7:40 AM in response to macjack

While I am not going to say that there are no true Unix based viruses or that there can't be any in the future, what was stated is actually true, for the most part. You can run AV software on your Mac if you wish. However, the best security you can have on it is updated software. OS X has built in security measures (Gatekeeper and SIP) that, if you're able to bypass, you've long since rendered any 3rd party AV software moot. So, the only thing it's really doing is using system resources while adding a false sense of security. You can still install malware or unwanted applications bundled with a desired app (rogue Flash player, Mackeeper, etc.) all day long - with or without AV. Additionally, I believe the 'more vulnerable' component comes from applications such as Mackeeper and Clean My Mac, etc. that, while not mainstream AV, tend to bring friends along like Genieo and other extensions that, while telling you they're good for your Mac, are actually quite the opposite.

May 1, 2016 8:34 AM in response to IanM.

Hi Ian, I understand and agree with you. That's the problem with all AV software, they cannot keep up with the virus definitions. Of course for Mac, there are no known viruses, so AV software is at best useless and at worst, a nightmare. However, I'm not talking about AV software here, I'm only talking about malware software and specifically MB. Also, I'm not suggesting keeping it running in the background, but only using it the way Apple uses it.

May 3, 2016 9:38 AM in response to IanM.

IanM. wrote:


there is no malware on the Mac and therefore the utility won't pick up on it.


Tell that to folks who got infected with the KeRanger ransomware and had all their files encrypted, just to name the most recent example. Mac malware is rare, but Malwarebytes Anti-Malware for Mac will definitely detect it if it's present. It will also detect other threats, such as adware.


However, all this is moot, because what happened was not caused by malware. It sounds like this is a case of a tech support scam message (which is just a scam website, and not malware) that has revealed a larger issue with the machine itself (inability to start up properly). If the machine is frozen and cannot be used in any way (not just the web browser), jangle2 should probably contact Apple for assistance.

May 3, 2016 9:50 AM in response to IanM.

While I am not going to say that there are no true Unix based viruses or that there can't be any in the future, what was stated is actually true, for the most part. You can run AV software on your Mac if you wish. However, the best security you can have on it is updated software. OS X has built in security measures (Gatekeeper and SIP) that, if you're able to bypass, you've long since rendered any 3rd party AV software moot. So, the only thing it's really doing is using system resources while adding a false sense of security.

There is certainly some dodgy advice on these forums, so I could understand why you would think that, but it's not accurate. The biggest plague on the Mac at this point in time is adware, and OS X's built-in technology does next to nothing to stop it. Sometimes the adware is signed with a Developer ID, so Gatekeeper won't flag it unless manually set to the "Mac App Store only" setting. SIP won't stop it, either, because it doesn't require access to any of the folders that SIP covers. Apple has not taken many steps to block adware. The only exception I'm aware of is adding a definition for the DownLite adware to XProtect, but that is because it crossed the line from adware into true malware.
