Run antivirus on T mode

Discussion in 'macOS' started by PreetinderBajwa, Aug 10, 2009.

  1. PreetinderBajwa macrumors regular

    Joined:
    May 30, 2009
    Location:
    HK
    #1
    Hi!

    I have 2 MBPs. One has Intego suite and other other will get Norton Internet Security for Mac in next 30 minutes.

    The intego one has a suspect malware. Instead of uninstalling the Intego and installing the Norton, I was wondering if I could install Norton on the clean Machine and then boot Intego machine by pressing T like in transfer mode when you set up a new mac.

    Once the HD of Intego Machine is visible, could I run the norton from the other machine on the HD of the intego by right clicking it and say scan for virus etc....

    Thanks
     
  2. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #2
    Why do you need anti-virus software?

    Especially Norton, which is known to frack up systems more than they were before?

    There are no Mac OS X viruses, just some malware and trojans, which could only be installed by you. They are found via pirated copies of iWork and Photoshop, and some installer on porn sites, which promises the need for this codec if you wanna jack off.
    But there are also trojan/malware free free (yes double free) porn sites our there.
     
  3. PreetinderBajwa thread starter macrumors regular

    Joined:
    May 30, 2009
    Location:
    HK
    #3
    Still doesn't solve the problem

    Hi !

    Thanks for advise about safe porn sites and not safe porn sites. I should have mentioned in my original post that please focus on the question !

    My question is about a function that i think could be a possibility that would allow me to retain the current settings etc on my suspect machine and use the clean machine to run the scan and verify the suspicion or kill the suspicion.

    I wonder why you presume that there has to be piracy and porn before there can be problems. They are the most common modes but not the only modes.

    I would be happy to receive views about can the technically asked step could be successfully performed or not, other views comments are not needed. Not everyone who has a virus gets it from the only 2 sources covered above.

    Thanks
     
  4. jzuena macrumors 6502a

    jzuena

    Joined:
    Feb 21, 2007
    Location:
    Lexington, MA, USA
    #4
    Are you talking about putting the Mac you suspect has malware into target disk mode and mounting its drive as an external drive to the clean Mac? That should work and allow you to scan its disk if you connect the two machines via Firewire. There are other less resource-intensive (and free) anti-malware applications available for the Mac that you could also try first before spending money on Norton.
     
  5. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #5
    Sorry if I came of as presumptuous, I just wanted you to make aware, that there may be no need for such protection. And I may have typed to fast, before actual thinking could kick in.

    But as the poster above me already asked, did you wanted to boot into Target Disk Mode (TDM)?
    If yes, you can scan the Mac booted in TDM just as you would an external HDD.

    Why do you suspect malware?
     
  6. PreetinderBajwa thread starter macrumors regular

    Joined:
    May 30, 2009
    Location:
    HK
    #6
    Thanks everyone,

    I will try that.

    Here is the reason why I asked about the Target Disk Mode !

    http://forums.macrumors.com/showthread.php?t=762662

    Spinnerly, no problem. I am already having nightmares thinking about how the hell did this happen and then anyone posting a sermon was just like making it worse.

    The frustration is that the supposed malware is actually a legit software company (so what if its Russian) selling the employee snooping program for a 100 bucks. and the software is apparently designed to be stealthy !

    Now, my MBP is a personal laptop and has nothing to do with my company they are 100% windows and I have a separate laptop with Windows given to me for work.

    Once you read the other post from me you'll probably understand the pains I have gone through to figure out what's going on or its all a false alarm !

    cheers
     
  7. PreetinderBajwa thread starter macrumors regular

    Joined:
    May 30, 2009
    Location:
    HK
    #7
    Good advise

    Thanks jzuena,

    I bought Norton on my way home after trying Iantivirus, clamXav, sophos and a couple of others and no Joy.

    I know Norton is clumsy and resource hungry, I abandoned windows a few years ago only because of Norton and the mess it created with Vista.

    But I also knew that its usually a trust worthy software to find problems. So when the problem feels real I just went to one company that I know is into this business to make money but atleast has a decent chance of catching a problem should there be any. The rest of the companies I've tried as you'll see in my other post.

    Thanks once again. Much appreciated

    Preetinder
     
  8. chrono1081 macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #8
    Oh please don't ruin your system with Norton. Its TERRIBLE!

    Trust me I use it all the time because our work uses Symantec and Norton (same company, almost same product).

    Not only does it bog the system down but it flat out doesn't work. People who know nothing about computers will tell you it works because "They've had it for years and never had a virus".

    In reality its because it can't FIND the virus. For example, the computer infront of me is infected with that stupid sasser worm. Symantec can't find anything wrong with the computer (even though lsass.exe process is running in a users profile!), All files are set to show yet windows still cannot see the executable I am looking for in the user profiles, but when I plug the drive into a linux machine OH LOOK! lsass.exe in user profiles where it shouldn't be.

    This is just one of the many instances where Norton/Symantec either A. Cant find anything or B. Sees it but does nothing to remove it. Please don't waste your money on such a broken product. There are many free and better alternatives.
     
  9. PreetinderBajwa thread starter macrumors regular

    Joined:
    May 30, 2009
    Location:
    HK
    #9
    Follow up question

    Thanks Chrono181,

    You are right Norton sucks big time. Ran all night and didn't find anything. Sophos is finding viruses that are missed by Intego and Norton and IAntiVirus and ClamXav et al.

    It does seem to have a more useable firewall, Norton confidential everything else suck. I can show you screen shot of safari where safari ID'ed the site as phishing but Norton safe site bar is "no reaction" suggesting no fraud found !

    New question, I have taken a time machine backup, another backup using an utility called IBackup and am also selecting particular folders (Document, Library, Music, Pictures, Zinio - digital magazines) and copying them over to a disk.

    Tonight I will reinstal (wipe and intall) OSX. I want to ask everyone this :
    When I am getting the data back either through any one of the backups I have taken above, how can I make sure I don't get the damn spyware back ?
    I am wondring that I would need to install all applications/programme again manually because just simply restoring the applications folder is the highest risk ?

    The spyware is called DutyWatch 1.3a and is briefly listed on MacScan website under the Last tab at the top.
     
  10. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #10
    Do you have any idea how that was installed? another person in your house/office using the mac, or downloading shareware/freeware apps. Generally to install most programs that require access to the ~/Library folder you are prompted to allow access.

    If you're not sure, then I'd only restore your documents and some applications that you feel are ok, not the entire application folder. Besides, not all programs will function correctly if you just restore the application folder. For instance Adobe photoshop installs bits and pieces of itself all over the computer and you'd have be sure to restore those areas as well.

    I personally come from the frame of mind of starting off clean when wiping the computer, particularly when trying to recover from a problem. That way I know I'm not reintroducing the problem with the restore. So I just restore my data, e.g., documents, pdfs etc and reinstall my apps.
     
  11. Richard1028 macrumors 68000

    Joined:
    Jan 8, 2009
    #11
    :D

    Norton is a virus.

    Seriously, I'd rather put up with trojans and the like rather than install that thing.
     
  12. TheSpaz macrumors 604

    TheSpaz

    Joined:
    Jun 20, 2005
  13. EmperorDarius macrumors 6502a

    Joined:
    Jan 2, 2009
    #13
    Wait. Shouldn't you wait for the MacScan reply first?
     

Share This Page