Accidental install of malware/spyware

Similar Messages

• Do I need to have any type of anti-virus or malware, spyware protection for my Macbook Pro?

  My Macbook is a year old. When I bought it, I was told by several people that I would not need any type of anti-virus software or anything to protect my computer because Mac did not get infected that often. However, I have had people today tell me that I do need protection for my computer. My Mac runs about as good as the day I got it, but I really don't want anything to happen to it. If I need to get an anti-virus, or malware/spyware software, what programs would y'all recomend? I am just looking for information. Thanks!

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  If you find this comment too long or too technical, read only sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software  ClamXav— nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.

• Which malware spyware removal I can use for professional aims(I mean to clean viruses of my customers)!

  hi,
  I know there is good anti malware spyware softwares in the markt .
  I am going to start computer service for homes .so I wonder if my customers computer is infected with malware or spyware which product I have to use to clean its computer from malware and spyware in a short time
  (because i tried bitdefender with quick scan it could not find anything and with system scan it found 46 malwares, but it took 2 hours of a time and in the end the computer had stiil problems and was not cleaned from malwares).
  now I like to ask expertise people which software I acn use for this purpose and I want to use on every customer computer of mijn. but I want it not to be very expensive and also a little faster than 2 hours.
  thanks
  johan
  h.david

  Well David the best way to stop these issues is to never let them happen.
  Hook people up with a fresh install of Windows with certified drivers and create a backup for them.
  Firefox is a great browser with ad-block plus and many other useful extensions for everyone.
  It is very hard to fix these issues once they take over your machine and educate them about what not to click on like false flash player updates.

• I have macbook pro and am on OS X Yosemite 10.10.2 . I am having lot of warning message on my browser that my computer is infected with malware/spyware and use mackeeper. How do I solve this issue . This is happening more on chrome and Safari browser

  I have macbook pro and am on OS X Yosemite 10.10.2 . I am having lot of warning message on my browser that my computer is infected with malware/spyware and use mackeeper. How do I solve this issue . This is happening more on chrome and Safari browser

  There is no need to download anything to solve this problem. You may have installed a variant of the "VSearch" ad-injection malware. Follow Apple Support's instructions to remove it.
  If you have trouble following those instructions, see below.
  Malware is always changing to get around the defenses against it. This procedure works as of now, as far as I know. It may not work in the future. Anyone finding this comment a few days or more after it was posted should look for a more recent discussion, or start a new one.
  The VSearch malware tries to hide itself by varying the names of the files it installs. To remove it, you must first identify the naming pattern.
  Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination  command-C:
  /Library/LaunchDaemons
  In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  A folder named "LaunchDaemons" may open. Look inside it for two files with names of the form
            com.something.daemon.plist
  and
             com.something.helper.plist
  Here something is a variable string of characters, which can be different in each case. So far it has always been a string of letters without punctuation, such as "cloud," "dot," "highway," "submarine," or "trusteddownloads." Sometimes it's a meaningless string such as "e8dec5ae7fc75c28" rather than a word. Sometimes the string is "apple," and then you must be especially careful not to delete the wrong files, because many built-in OS X files have similar names.
  If you find these files, leave the LaunchDaemons folder open, and open the following folder in the same way:
  /Library/LaunchAgents
  In this folder, there may be a file named
            com.something.agent.plist
  where the string something is the same as before.
  If you feel confident that you've identified the above files, back up all data, then drag just those three files—nothing else—to the Trash. You may be prompted for your administrator login password. Close the Finder windows and restart the computer.
  Don't delete the "LaunchAgents" or "LaunchDaemons" folder or anything else inside either one.
  The malware is now permanently inactivated, as long as you never reinstall it. You can stop here if you like, or you can remove two remaining components for the sake of completeness.
  Open this folder:
  /Library/Application Support
  If it has a subfolder named just
             something
  where something is the same string you saw before, drag that subfolder to the Trash and close the window.
  Don't delete the "Application Support" folder or anything else inside it.
  Finally, in this folder:
  /System/Library/Frameworks
  there may an item named exactly
              v.framework
  It's actually a folder, though it has a different icon than usual. This item always has the above name; it doesn't vary. Drag it to the Trash and close the window.
  Don't delete the "Frameworks" folder or anything else inside it.
  If you didn't find the files or you're not sure about the identification, post what you found.
  If in doubt, or if you have no backups, change nothing at all.
  The trouble may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Then, still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates (OS X 10.10 or later)
  or
            Download updates automatically (OS X 10.9 or earlier)
  if it's not already checked.

• I had all my software, including my 'Adobe Creative Suite 4 Design Premium' removed from my MacPro (OSX 10.10.2) by a Computer technician after I had inadvertently installed some malware. Now I can't reinstall my CS4 because the installer software wants m

  I had all my software, including my ‘Adobe Creative Suite 4 Design Premium’ removed from my MacPro (OSX 10.10.2) by a Computer technician after I had inadvertently installed some malware.
  Now I can’t reinstall my CS4 because the installer software wants me to identify the product from which I am upgrading, but mine isn’t on the list. The old product from which I am upgrading is called ‘Adobe Design Collection’. Furthermore, it has 4 serial numbers (one each for Photoshop, InDesign, Acrobat and Illustrator), not just one, as the installer requires.
  I know this can be done, as I have had it working for a long time. Am I doing something wrong now?

  Contact support be web chat and have them generate a working temporary serial/ challenge code for the install.
  Mylenium

• My Macbookpro has turned into microsoft windows and lost all data, how do I recover it with my windows 7 still inside? I accidentally install directly, Help please...

  My Macbookpro has turned into microsoft windows and lost all data, how do I recover it with my windows 7 still inside? I accidentally install directly, Help please...

  ok turn it off manually and turn it back on while holding the apple logo bottor or the function botton this will give you  an option to choose if you want to startup with osx ow windows. let me know if this works
  <Email Edited By Host>

• OS X wouldn't install after accidentally installing Windows over it

  My sister attempted to install Windows XP on her Macbook Pro using boot camp but some how accidentally installed Windows over OS X. I used Disk Utility to erase the drive and reformat it back to "Mac OS Extended (Journaled)" but I get the following error when trying to install OS X:
  +"Install Failed+
  +Mac OS X could not be installed on your computer+
  +The Installer cannot prepare the volume for installation. You may need to prepare your disk using Disk Utility.+
  +Click Restart to restart your computer and try installing again."+
  Am I doing something wrong? Is there a problem setting or hardware wise?

  Welcome to Apple Discussions:
  In addition to formatting, you need to be sure the disk is partitioned GUID for an Intel machine.
  Boot into Leopard DVD and run disk utility again and repartition it and format it at the same time. Because of the bootcamp issue, you might be better making two partitions first and then making one to be sure that the entire disk has a single GUID/HFS+ partition/format scheme.

• How do you remove malware/spyware on MacBook Pro?

  Hi, I think I might have picked up malware/spyware when I had a spoofing/phishing incident while trying to purchase an item online. I ended up noticing that when I go to other websites such as Ebay, when I attempt to make a purchase, I am redirected to a page that gives me a warning that I am not in a safe site and there is a button that redirects me to "Return to Safety". It seems that my ability to make any purchase is blocked. How do I remove this malware/spyware on my MacBook Pro? I have a 2011 edition with OS X 10.9.5 with a processor 2 Ghz Intel Core i7. I also started noticing that when I go to certain websites, i.e. Ebay, the layout looks very different from what I'm used to. I also noticed that my computer is running really slow, it takes a lot longer to load pages. I am really concerned that I picked up some really bad stuff that could be very dangerous.  I cleared my caches and went ahead and changed my passwords to my various accounts online but other than that what else can I do to protect myself? Is there a way to identify and isolate where the problem is? and what I can do to remove it? Thanks soooo much.

  It is a phishing scam pop-up.
  Helpful Links Regarding Malware Problems
  If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide, remove adware that displays pop-up ads and graphics on your Mac, and AdwareMedic. If you require anti-virus protection Thomas Reed recommends using ClamXAV. (Thank you to Thomas Reed for this recommendation.) You might consider adding this Safari extensions: Adblock Plus 1.8.9.
  Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.
  The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.
  Fix Some Browser Pop-ups That Take Over Safari.
  Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.
  Quit Safari
  Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
  Relaunch Safari
  If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
  This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.

• Accidentally installed Partition Structure Hotfix twice

  I accidentally installed the Partition Structure Hotfix (http://support.lenovo.com/us/en/downloads/ds033035) twice (once before a OneKey Recovery, and once after), and now OneKey Recovery won't work. I also get a notification from Intel Rapid Start Technology Manager saying, "Your system does not appear to have Intel Rapid Start Technology enabled."
  Can you help me undo this?

  I accidentally installed the Partition Structure Hotfix (http://support.lenovo.com/us/en/downloads/ds033035) twice (once before a OneKey Recovery, and once after), and now OneKey Recovery won't work. I also get a notification from Intel Rapid Start Technology Manager saying, "Your system does not appear to have Intel Rapid Start Technology enabled."
  Can you help me undo this?

• Is it worth installing anti malware software on my mac?

  Is it worth installing anti malware software on my Mac?

  The best defense against malware is common sense.
  If you didn't ask for something, don't accept it.
  If browsing web and told to update something, never click yes.  Always
  go to the vendor site for the item in question and verify that there is indeed an update.
  Only download apps directly from a vendor site or from the MacApp Store.
  Never, ever click links in emails unless it is a verification type from a site that you are
  expecting to receive one from.  Always go directly to a site in question.  Phishers
  can be very sophisticated in creating "official" looking emails and even very "official"
  looking webpages that those links lead you to in hopes of extorting important personal
  information.

• I'm using macbook pro 13 inches,i want to format my macbook because i accidentally installed somethings in my mac and now every time i surf the internet will have many advertisement come out.my mac version is 10.9

  I'm using macbook pro 13 inches,i want to format my macbook because i accidentally installed somethings in my mac and now every time i surf the internet will have many advertisement come out.my mac version is 10.9 and i dont have any dvd for format the mac.please help me to solve .

  If for some reason you still wish to reformat your HDD/SSD, this video will be very helpful.
  Mavericks Clean Install Walkthrough

• My 250 Seat License was accidentally installed as a trial version.

  My 250 Seat License was accidentally installed as a trial version.  Now it hangs when trying to activate. It sticks at the sign in screen.

  Hi Travers Toohey,
  Your proxy network can cause this issue but you can try updating AAM as sometimes updating AAM fixes this kind of hangs in Sign in process.
  You can download AAM from this Link
  http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=4774&fileID=4438
  regards,
  Abhijit

• HT1338 My Mac has asked me to install Flashback malware removal tool!??  Should I?

  My Mac has asked me to install Flashback malware removal tool!?!?  Is that OK?  Should I do it?

  If it is Software Update asking you, then yes, you should do it.  It will remove Flashback, if you happen to be infected, and then tighten down security on Java on your machine, to prevent future infections that may use as-yet undiscovered Java vulnerabilities.

• Help!! accidentally install OSX Tiger into my backup harddisk!!

  Help! accidentally install OSX Tiger into my backup harddisk!!
  i lost all my backup files, work, my life! i have 2 HDD and one is suppose to be installed onto and the other one is my backup hdd..
  what happened is i selected onto the wrong hard-disk...
  is there anything i can do to recover back files that i installed over osx?
  any suggestion much appreciated

  Hi Ma'e, Welcome to Apple Discussions.
  Installing OS X should not overwrite your files unless you chose "erase and install". If you chose "Archive and install" look for a folder on the top level of your hard drive called "Previous System".
  If you did an "erase and install", If there is any chance of recovery at all your best bet is Prosoft Data Rescue. There is a free trial to see if it can recover what you need. But don't do another process on that drive until you've downloaded and run it. Also, a service that has been recommended but I cannot personally endorse is DriveSavers.
  -mj
  [email protected]

• Are downloaded photos safe from malware/spyware?

  I'm getting ready to set up a website in which I will download photos from a hosting site to my Macbook. Before now, I trusted everyone/site I downloaded photos/info from. Now, is there any reason for me to be concerned about malware/spyware when downloading photos from this hosting site, which is very reputable? All the photos will be in .jpg format. Most will probably come from PCs, however. I have read some previous posts that malware/spyware is very unlikely on real .jpg-format photos, but I'm just checking.

  What is the site from where you are downloading photos? If they come with malware (I doubt it), it won't affect to your computer because they would come with Windows viruses, so your Mac won't be affected by these files. If you want more information about OS X and malware, see > http://www.thesafemac.com/mmg