virus/spyware concerns...

Discussion in 'Mac Basics and Help' started by nicksmith, Feb 6, 2009.

  1. nicksmith macrumors newbie

    Joined:
    Feb 6, 2009
    #1
    hey folks...

    im pretty new to mac and the os. i use a mac book pro, spend a bit of time online mostly researching, reading, seeking designs and what not, no porn, and very occasional torrent downloads, so nothing too shady. my pute has been acting a little strangely at times, mostly resolved and my peace of mind restored with a reboot. the other day however all programs closed down one at a time and software updates was initiated without my permission. the computer has naturally slowed a bit since purchase 11 months ago, but i think beyond what i expected considering the specs i added at purchase. what program should i use to run a scan on my mac? viruses are a threat for the mac nowadays right? is there a chance my slower performance is related ot virus/spyware? disk utilities to clean up grime in computer back alleys?

    thanks for having me in.
    n ' k
     
  2. Tallest Skil macrumors P6

    Tallest Skil

    Joined:
    Aug 13, 2006
    Location:
    1 Geostationary Tower Plaza
    #2
    Welcome, but please actually search, oh, say, Google, before posting here. :)

    Because there are no viruses.

    And there is no spyware.

    There are trojans, but you cannot get them unless you install something when you don't explicitly know what it is and where it came from.

    There are torrents now with trojans attached to them. Come clean: Did you install iWork '09 or CS4?
     
  3. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #3
    As Tallest Skil (and Forum Rules) says, search before posting. Using MRoogle to search the forums will many times reveal threads related to your question that the standard forum search misses. You'll find all the answers, comments, suggestions, recommendations and opinions you can stand by looking in those.

    From the Forum FAQ:
     
  4. és: macrumors 6502a

    és:

    #4
    You've no worries. There are a couple of pretty harmless trojans that are very rare. One of them (or all of them?) you have to install, give your root password to and then confirm. It's nothing really.
     
  5. MarkMS macrumors 6502a

    Joined:
    Aug 30, 2006
    #5
    1. Don't download software via torrents. Unless you are 100% of the source (i.e., *unix .iso images)

    2. Don't run in admin mode for daily tasks. System Preferences>Accounts and make a new admin account. Log into the new account and make your account a Standard Account. Also add passwords to each account. You will have to enter a username/password each time you install software, but this has the potential to stop a virus/trojan from infecting you.

    3. Enable Firewall (optional). Some says a router firewall is enough to protect you. I like having both, just in case. So I enable "Allow only essential services" under System Preferences>Security>Firewall

    4. Run LittleSnitch (optional). Shows you incoming and outgoing connections from your computer.

    There is no need for virus protection if you follow those four steps, refrain from surfing shady sites.




    Software updates are, I believe, checked on a weekly basis. It also automatically downloads important updates so all you have to do is install the update.
     
  6. Roofy. macrumors 6502a

    Joined:
    Jan 24, 2009
    #7
    Why does this matter? I am the only user on my mac and I am obviously the admin. So my account is on all the time.
     
  7. MarkMS macrumors 6502a

    Joined:
    Aug 30, 2006
    #8
    A few years ago (2006?), someone started to spread a file that supposedly contained exclusive Leopard screenshots. Turned out it was some sort of worm known as OSX.Leap.A. When people would open the file and double-click the pictures, the admin dialog would pop up. Why would you need admin privileges to see a picture? Anyway, long story short ... non-admin users were more protected. Within admin accounts, the worm was able to run without the user knowing what just happened.

    It's not about whether you are the only one on the machine or not. It's to keep malicious software from installing or running itself in the background without you knowing. And the password is to keep the software from bruteforcing its way through. First thing they will check for is whether or not you have a password. If there is no password, then there's no point in going through all this trouble.
     
  8. millerj123 macrumors 6502a

    Joined:
    Mar 6, 2008
    #9
    OS X is Unix-like at it's base. Previously, there was an account known as 'root' which has god access to the machine. It can do anything and everything. It can delete all userspace, it can delete the OS, it can install any application, good, bad or malignant.

    You want to use a user account for normal use, and only switch to admin/root when you need it. When you try to install something, you will be prompted for the username and password of the actual admin account. This actually helps keep the OS safe from viruses and worms, but not Trojans.
     
  9. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #10
    It's also to keep you from accidentally (or otherwise) doing something stupid and destructive!
     
  10. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #11
    Fixed that for you.
     
  11. millerj123 macrumors 6502a

    Joined:
    Mar 6, 2008
    #12
    I didn't realize it was certified. When did that happen?
     
  12. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #13
    From: http://www.apple.com/macosx/technology/unix.html

    Picture 12.jpg

    And from: http://en.wikipedia.org/wiki/OS_X
    Mac OS X is Unix. See above.
    There still is. Root is different from an administrator account. Being logged in as an administrator, while still capable of doing a great many things, is still not the same as logging in as root.

    From: http://en.wikipedia.org/wiki/Superuser#Unix_and_Unix-like
     
  13. Jethryn Freyman macrumors 68020

    Jethryn Freyman

    Joined:
    Aug 9, 2007
    Location:
    Australia
    #14
    Common sense would have prevented that. Leopard also has that "are you sure you want to open application xxx, which was downloaded from the internet on date xx/xx/xx", which would alert the user to the images actually being an application.
     
  14. millerj123 macrumors 6502a

    Joined:
    Mar 6, 2008
    #15
    Thanks, I'd missed all that.

    So, has outdated conventional wisdom changed, or should the OP run as admin?
     
  15. EmperorDarius macrumors 6502a

    Joined:
    Jan 2, 2009
    #16
    If your computer acts strange, run a scan with the free www.iantivirus.com
    If you want to be 100% virus free, as the others suggested, don't download torrents and suspicious codecs (aka google the codec's name before downloading). Otherwise, if you still want to download torrents and do more shady things you can use a free av such as iAntivirus with real time protection. But that won't make your computer 100% safe either because there can always be new trojans.

    Oh and for porn find popular and safe websites like YP, PT or MP (it's up to you to figure out their names).

    :apple:
     
  16. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #17
    As the sole user, I run as Admin, and still get all the cautions and authentication requirements, so running as a regular user really isn't going to alter my protection, really.

    I think the CW is still true for servers and managed environments, but the way even an Admin user is seen in the Mac OS environment makes it pretty pointless to run as a regular user. Besides, if that were the case, I think Apple would have had the setup on a new install a little different, prompting to creation of separate Admin and common accounts.
     
  17. khamla macrumors member

    Joined:
    Oct 24, 2008
    #18
    Ive had this Malware warning a month ago but i just ignored it when a pop up came. I still go on that site too. Should i be worried or not?
     
  18. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #19
    If you didn't install anything and enter your admin password, you don't need to worry. However, if I visit a site and discover it is trying to spread malware, I leave it and never return. A little common sense and caution goes a long way toward protecting yourself.
     
  19. msw123307 macrumors 6502

    Joined:
    Mar 25, 2007
    #20
    Is this "allow only essential services" going to prevent all my other programs (i.e. firefox) from checking for updates?
     
  20. MarkMS macrumors 6502a

    Joined:
    Aug 30, 2006
    #21
    No, you'll still be able to do all your updates. If you see it interfering, just use the "Set access for specific services and applications" and add the particular application.
     

Share This Page