Virus question

Discussion in 'Mac Basics and Help' started by gogoshire, May 9, 2005.

  1. macrumors newbie

    Joined:
    Apr 29, 2005
    #1
    Macs are famous for being almost impervious to viruses, right?

    I downloaded a couple of zip files of programs.

    I've scanned the downloads with Norton (Norton says no problems found in compressed files), but...

    I'm afraid.

    Is this enough? When I open a zip file, I'm eventually going to also have to install a .dmg or an .exe file, right?

    Am I safe? Or is there something else I can do to be safe?

    Thanks for your help!
     
  2. macrumors 65816

    buryyourbrideau

    Joined:
    Mar 1, 2005
    Location:
    Chicago
    #2
    it is totally safe. yes you will have to install. but no .exe files. im pretty sure that apples do not use exe files. i have never had a prob with my comp with all the P2P file sharing i have done. :)
     
  3. macrumors G4

    Applespider

    Joined:
    Jan 20, 2004
    Location:
    looking through rose-tinted spectacles...
    #3
    The zip will likely contain a 'dmg' which is a disk image. Your application will be sitting in there as a 'bundle' with a .app extension that you drag to where you want to run it from (usually Applications). Occasionally, it will have an 'install' icon which will install it there for you.

    Aside from the 'proof of concept' Widgets of Doom or a dodgy installer of Office from the P2P networks, there hasn't been any other malware for OS X

    If you're really concerned, you could have a look on versiontracker for the apps you've downloaded and check through the comments for any reviews that suggest odd behaviour after installation.

    Enjoy your new software...
     
  4. macrumors 68000

    Eniregnat

    Joined:
    Jan 22, 2003
    Location:
    In your head.
    #4
    Mac executables are generally not in zip format, rather bin, hex, sit, .dmg, etc. No exe's to worry about unless your emulating a x86 and running some form of Windows.

    Best advice, watch your sources. Don't install what you don't need if it is suspect.

    Mac's can get undesirable programs running, and social engineering is still the way most computers are engineered. If you don't know where it is from or don't trust the source, then don't use it.

    Macros if your running VB, Trojans (though I haven't seen any for osX), and Java can still cause problems, but it isn't likely that that has happened. You can still transmit viruses, even if your system isn't affected. For instance if you download an infected .exe and post it on your website hosted through your computer, people could still download the infected file. If you download an attachment and send it off to somebody else, you can still infect them.

    Now for the bad news. Not all compressed files can be scanned well. Not all compressed viruses can be detected. Lastly, the best vector for infection is you.

    In all honesty, your safe, especially if your running Norton. Peer to peer is likely safe for Mac users, though there is a lot of garbage out there on the Windows platform.
     
  5. macrumors 68000

    Eniregnat

    Joined:
    Jan 22, 2003
    Location:
    In your head.
    #5
    Your safe, but a healthy amount of fear is good.

    If you are really worried, email the expanded program to your self through Hotmail or someother service that offers free virus check.

    Look, if Symantac isn't really selling a product to you, it is likely that you don't need it.

    Try this. It will check your computer for it's security level. Most PC's fail. It dosn't do a virus check. I can't find a free Mac virus check online, which means there isn't a market for it.

    You can search a virus database here for OS 10 virusus. You won't find any. Part of the reason is how the OS is constructed. There is now way to reliably generate 2 simultainous buffer overflows.
     
  6. macrumors G4

    Applespider

    Joined:
    Jan 20, 2004
    Location:
    looking through rose-tinted spectacles...
    #6
    Interesting. It's insisting that my port 80 is open but my sharing services have nothing checked, and my firewall isn't telling me that it's open. My router doesn't have it forwarded either... hmm, I wonder whether this is worth investigating further...
     
  7. macrumors 603

    rainman::|:|

    Joined:
    Feb 2, 2002
    Location:
    iowa
    #7
    You will know if you have something to worry about, the day a virus for OS X is released, it'll make serious headlines. Relax.

    Altho you're smarter than most PC users for even knowing that viruses can hide in compressed files!
     
  8. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #8
    It reported all my ports as closed/stealth except for PING. But most of them reported back as closed and not as stealth, which seems strange. One of the other online checks reported these as being in stealth mode. I wonder if it is getting a response (to know my ports are closed, rather than stealth, and that your 80 is open), from the router and not the computer?

    EDIT: After reading Mitthrawnuruodo's post, I should probably add, if my idea is right, what kind of router I have. AEBS.
     
  9. Moderator emeritus

    Mitthrawnuruodo

    Joined:
    Mar 10, 2004
    Location:
    Bergen, Norway
    #9
    Have you updated to Tiger...? When I ran the check I got the green OK (Stealth) on ALL ports... the only open thing was ICMP Ping...
     
  10. macrumors G4

    Applespider

    Joined:
    Jan 20, 2004
    Location:
    looking through rose-tinted spectacles...
    #10
    Yes. I'm on Tiger and I went into Advanced and checked all those 'stealth' boxes etc (all 3 of them basically) but it's only telling me that my ports are closed, not stealthed

    EDIT: A restart (since I can't recall if I restarted my Mac after making the Advanced changes to the firewall) has resulted in me having a few ports stealthed (up from none) but port 80 still showing as open along with the PING
     
  11. thread starter macrumors newbie

    Joined:
    Apr 29, 2005
    #11
    Thanks for all the answers, everyone.

    I think that since the programs I downloaded are .zip, they are probably PC versions and not Mac anyway!

    At least now I know I don't need to be so worried.

    Thanks Eniregnat for telling me about that great Symantec scan site. I'm all good except for my Ping being open... What does that mean, anyway? Isn't it some sort of firewall thing? Do I want it closed? If so, how can I close it?
     
  12. macrumors 68040

    plinden

    Joined:
    Apr 8, 2004
    #12
    Great! For PCs it's an ActiveX download, so you have to use MSIE - a security risk to check for security risks? And it tells me I don't have a virus checker installed although I do. It's just not Norton anitvirus.
     
  13. macrumors regular

    Kerry Sanders

    Joined:
    Apr 25, 2005
    Location:
    Hayden, AL
    #13
    That is not necessarily the case. I downloaded a new widget today that was in .zip format. :)
     

Share This Page