
nicksmith

macrumors newbie
Original poster
Feb 6, 2009
hey folks...

i'm pretty new to mac and the os. i use a mac book pro, spend a bit of time online mostly researching, reading, seeking designs and what not, no porn, and very occasional torrent downloads, so nothing too shady. my pute has been acting a little strangely at times, mostly resolved and my peace of mind restored with a reboot. the other day however all programs closed down one at a time and software updates was initiated without my permission. the computer has naturally slowed a bit since purchase 11 months ago, but i think beyond what i expected considering the specs i added at purchase. what program should i use to run a scan on my mac? viruses are a threat for the mac nowadays right? is there a chance my slower performance is related to virus/spyware? disk utilities to clean up grime in computer back alleys?

thanks for having me in.
n ' k
 
Welcome, but please actually search, oh, say, Google, before posting here. :)

Because there are no viruses.

And there is no spyware.

There are trojans, but you cannot get them unless you install something when you don't explicitly know what it is and where it came from.

There are torrents now with trojans attached to them. Come clean: Did you install iWork '09 or CS4?
 
As Tallest Skil (and Forum Rules) says, search before posting. Using MRoogle to search the forums will many times reveal threads related to your question that the standard forum search misses. You'll find all the answers, comments, suggestions, recommendations and opinions you can stand by looking in those.

From the Forum FAQ:
To start a new thread:
1. Browse or search the forums to see if there is already a thread on the topic. If so, post there instead of creating a new thread.
 
1. Don't download software via torrents. Unless you are 100% sure of the source (i.e., *unix .iso images)

2. Don't run in admin mode for daily tasks. System Preferences>Accounts and make a new admin account. Log into the new account and make your account a Standard Account. Also add passwords to each account. You will have to enter a username/password each time you install software, but this has the potential to stop a virus/trojan from infecting you.

3. Enable Firewall (optional). Some say a router firewall is enough to protect you. I like having both, just in case. So I enable "Allow only essential services" under System Preferences>Security>Firewall

4. Run LittleSnitch (optional). Shows you incoming and outgoing connections from your computer.

There is no need for virus protection if you follow those four steps and refrain from surfing shady sites.




my pute has been acting a little strangely at times, mostly resolved and my peace of mind restored with a reboot. the other day however all programs closed down one at a time and software updates was initiated without my permission.

Software updates are, I believe, checked on a weekly basis. It also automatically downloads important updates so all you have to do is install the update.
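
Steps 2 and 3 of the list above can be checked from Terminal. This is an added example, not part of any forum post; it assumes the macOS administrators group is named `admin` and that the firewall setting is stored as `globalstate` in `/Library/Preferences/com.apple.alf` (0 = allow all, 1 = specific services, 2 = essential services only). The account names and group lists are constructed.

```sh
#!/bin/sh
# Added example: audit two of the thread's hardening steps (standard daily
# account, application firewall). Inputs are passed as strings so the logic
# can be exercised offline; --live collects them on a Mac.

# in_admin_group GROUPS -> 0 if the space-separated list (as printed by
# `id -Gn USER`) contains the group "admin" as an exact name.
in_admin_group() {
    for g in $1; do
        [ "$g" = "admin" ] && return 0
    done
    return 1
}

# firewall_mode STATE -> label for the assumed com.apple.alf globalstate value.
firewall_mode() {
    case "$1" in
        0) echo "off" ;;
        1) echo "specific-services" ;;
        2) echo "essential-only" ;;
        *) echo "unknown" ;;
    esac
}

# audit USER GROUPS STATE -> prints findings, returns how many there were.
audit() {
    findings=0
    if in_admin_group "$2"; then
        echo "FINDING: daily account '$1' is an administrator"
        findings=$((findings + 1))
    fi
    mode=$(firewall_mode "$3")
    case "$mode" in
        off|unknown)
            echo "FINDING: application firewall is $mode"
            findings=$((findings + 1)) ;;
        *)  echo "OK: application firewall mode is $mode" ;;
    esac
    return "$findings"
}

if [ "${1:-}" = "--live" ]; then
    # Assumption: the firewall setting is readable at this plist path.
    audit "$(id -un)" "$(id -Gn)" \
        "$(defaults read /Library/Preferences/com.apple.alf globalstate 2>/dev/null)"
else
    # Constructed sample: an admin account with the firewall off.
    audit "alice" "staff everyone admin _lpadmin" "0" || true
fi
```

Run with `--live` from the account you use day to day; an unreadable firewall setting is reported as `unknown` rather than treated as enabled.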
 
2. Don't run in admin mode for daily tasks. System Preferences>Accounts and make a new admin account. Log into the new account and make your account a Standard Account. Also add passwords to each account. You will have to enter a username/password each time you install software, but this has the potential to stop a virus/trojan from infecting you.

Why does this matter? I am the only user on my mac and I am obviously the admin. So my account is on all the time.
 
Why does this matter? I am the only user on my mac and I am obviously the admin. So my account is on all the time.

A few years ago (2006?), someone started to spread a file that supposedly contained exclusive Leopard screenshots. Turned out it was some sort of worm known as OSX.Leap.A. When people would open the file and double-click the pictures, the admin dialog would pop up. Why would you need admin privileges to see a picture? Anyway, long story short ... non-admin users were more protected. Within admin accounts, the worm was able to run without the user knowing what just happened.

It's not about whether you are the only one on the machine or not. It's to keep malicious software from installing or running itself in the background without you knowing. And the password is to keep the software from bruteforcing its way through. First thing they will check for is whether or not you have a password. If there is no password, then there's no point in going through all this trouble.
 
Why does this matter? I am the only user on my mac and I am obviously the admin. So my account is on all the time.

OS X is Unix-like at its base. Previously, there was an account known as 'root' which has god access to the machine. It can do anything and everything. It can delete all userspace, it can delete the OS, it can install any application, good, bad or malignant.

You want to use a user account for normal use, and only switch to admin/root when you need it. When you try to install something, you will be prompted for the username and password of the actual admin account. This actually helps keep the OS safe from viruses and worms, but not Trojans.
 
You want to use a user account for normal use, and only switch to admin/root when you need it. When you try to install something, you will be prompted for the username and password of the actual admin account. This actually helps keep the OS safe from viruses and worms, but not Trojans.

It's also to keep you from accidentally (or otherwise) doing something stupid and destructive!
 
I didn't realize it was certified. When did that happen?
From: http://www.apple.com/macosx/technology/unix.html

Picture 12.jpg

And from: http://en.wikipedia.org/wiki/OS_X
Leopard is an Open Brand UNIX 03 registered product on the Intel platform. It is also the first BSD-based OS to receive UNIX 03 certification.[68][69]

OS X is Unix-like at its base.
Mac OS X is Unix. See above.
Previously, there was an account known as 'root' which has god access to the machine.
There still is. Root is different from an administrator account. Being logged in as an administrator, while still capable of doing a great many things, is still not the same as logging in as root.

From: http://en.wikipedia.org/wiki/Superuser#Unix_and_Unix-like
Many operating systems, such as Mac OS X and some Linux distributions, allow administrator accounts which provide greater access while shielding the user from most of the pitfalls of full root access.
 
A few years ago (2006?), someone started to spread a file that supposedly contained exclusive Leopard screenshots. Turned out it was some sort of worm known as OSX.Leap.A. When people would open the file and double-click the pictures, the admin dialog would pop up. Why would you need admin privileges to see a picture? Anyway, long story short ... non-admin users were more protected. Within admin accounts, the worm was able to run without the user knowing what just happened.

Common sense would have prevented that. Leopard also has that "are you sure you want to open application xxx, which was downloaded from the internet on date xx/xx/xx", which would alert the user to the images actually being an application.
 
If your computer acts strange, run a scan with the free www.iantivirus.com
If you want to be 100% virus free, as the others suggested, don't download torrents and suspicious codecs (aka google the codec's name before downloading). Otherwise, if you still want to download torrents and do more shady things you can use a free av such as iAntivirus with real time protection. But that won't make your computer 100% safe either because there can always be new trojans.

Oh and for porn find popular and safe websites like YP, PT or MP (it's up to you to figure out their names).

:apple:
 
So, has outdated conventional wisdom changed, or should the OP run as admin?

As the sole user, I run as Admin, and still get all the cautions and authentication requirements, so running as a regular user really isn't going to alter my protection, really.

I think the CW is still true for servers and managed environments, but the way even an Admin user is seen in the Mac OS environment makes it pretty pointless to run as a regular user. Besides, if that were the case, I think Apple would have had the setup on a new install a little different, prompting the creation of separate Admin and common accounts.
 
I've had this Malware warning a month ago but I just ignored it when a pop up came. I still go on that site too. Should I be worried or not?
 
I've had this Malware warning a month ago but I just ignored it when a pop up came. I still go on that site too. Should I be worried or not?
If you didn't install anything and enter your admin password, you don't need to worry. However, if I visit a site and discover it is trying to spread malware, I leave it and never return. A little common sense and caution goes a long way toward protecting yourself.
 
1. Don't download software via torrents. Unless you are 100% sure of the source (i.e., *unix .iso images)

2. Don't run in admin mode for daily tasks. System Preferences>Accounts and make a new admin account. Log into the new account and make your account a Standard Account. Also add passwords to each account. You will have to enter a username/password each time you install software, but this has the potential to stop a virus/trojan from infecting you.

3. Enable Firewall (optional). Some say a router firewall is enough to protect you. I like having both, just in case. So I enable "Allow only essential services" under System Preferences>Security>Firewall

4. Run LittleSnitch (optional). Shows you incoming and outgoing connections from your computer.

There is no need for virus protection if you follow those four steps and refrain from surfing shady sites.






Software updates are, I believe, checked on a weekly basis. It also automatically downloads important updates so all you have to do is install the update.

Is this "allow only essential services" going to prevent all my other programs (i.e. firefox) from checking for updates?
 
Is this "allow only essential services" going to prevent all my other programs (i.e. firefox) from checking for updates?

No, you'll still be able to do all your updates. If you see it interfering, just use the "Set access for specific services and applications" and add the particular application.
 