Repeated AVG threats found for OSX/InstallCore.O

Discussion in 'OS X El Capitan (10.11)' started by mkrishnan, Mar 3, 2016.

  1. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #1
    Hi,

    I'm getting recurrent threat warnings from AVG about OSX/InstallCore.O, which are from reputable software package contents (e.g. Skype in the example). I'm having a hard time understanding if this is legitimate, and not finding clarity from searches I've done. Is this because Skype used InstallCore to install? I understood InstsallCore is a non-viral adware/malware, so otherwise I don't know how it got into those package contents. Any help would be lovely!
     

    Attached Files:

  2. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #2
    Did you install Skype after downloading an installer from macupdate.com? Their installers often include adware now, which may show up as Installcore.
     
  3. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #3
    MacUpdate is no longer a reputable download site.
     
  4. mkrishnan thread starter Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #4
    @old-wiz Yes, I've noticed that. Thank you both for the suggestion. I don't think it's that. I'm doing a full scan, which is still running, but other apps that have been flagged for the same issue include Xcode of all things. I think the issue is due to this setting - "Use enhanced scanning to identify even more PUAs". I don't remember selecting it, but their help says it is off by default. Its flagged >200 issues on my MBP's drive so far, and given that it didn't flag any a few weeks ago... I'll update if that's what it is (especially because I searched and didn't find anything about this, and I don't know how / why that option got selected).
     

    Attached Files:

  5. \-V-/ Suspended

    \-V-/

    Joined:
    May 3, 2012
    #5
    MacUpdate will download spyware to your computer if you are not logged into your account. This is a widely known issue that's pissing many people off.

    Also, AVG is crap.
     
  6. mkrishnan thread starter Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #6
    The issue is with the PUA settings in AVG (and @\-V-/ your point is taken -- I turned these settings off for now, but perhaps I need to change AV software). Many of the apps identified came from Apple's App Store. None of them came from MacUpdate, which I don't use (i did, back in the day, 10 years ago, but not now).
     
  7. \-V-/ Suspended

    \-V-/

    Joined:
    May 3, 2012
    #7
    https://www.malwarebytes.org/antimalware/mac/

    This one works well. It's a simple scanner with updated definitions for actual threats.


    Most anti-virus software for Mac is garbage. They bog the system down, give you false positives, cause kernel panics, etc..
     
  8. bobob@mac macrumors newbie

    Joined:
    Mar 16, 2016
    #8
    Hi

    I am having the exact same problem as this - both Skype and Xcode have been flagged as containing this threat. Did you find a resolution ??

    Best regards

    Bob
     
  9. simon lefisch macrumors 6502a

    simon lefisch

    Joined:
    Sep 29, 2014
    #9
    ClamXav is pretty good. Unfortunate you have to pay now, but ran well when I was using it back when it was free. Download from the site, not from the App Store.
     
  10. beachmusic macrumors regular

    beachmusic

    Joined:
    Jan 12, 2013
    Location:
    St. George Island
    #10
    I believe Avira might be a little more robust for you. And it's free.

    Edit to add: https://www.avira.com/
     

Share This Page