MacMedics Macintosh Service, Consulting, & Sales For Baltimore, Washington DC, & Philadelphia Blog

Macintosh Consulting, Service, & Support

Archive for the ‘MacDefender’ tag

Ensure Your Mac Is Configured To Protect You From Known Virus And Malware Threats

without comments

Did you know that both Lion (10.7) and Snow Leopard (10.6) will protect you from known virus and malware threats?

All you have to do is to ensure that the checkbox in System Preferences under Security & Privacy is checked.

Here’s what it should look like in Lion (10.7):

Here’s what if should look like in Snow Leopard (10.6):

See this link from Apple for more info: http://support.apple.com/kb/HT4651

There is a new threat that has surfaced that will try to fool you into installing the Flash Player. Read more about this from this blog. Apple has not yet included a built-in defense for this issue yet, so the best way to combat this threat is to download Flash directly from Adobe’s website, should you need it. Also, if any software you download from the Internet asks you for your password, you should be 100% certain you know what you downloaded, where you downloaded it from, and what it is.

The Mac Observer made a nice little application that checks your Mac’s Xprotect definitions status and allows for a manual update of the virus and malware definitions: http://www.macobserver.com/tmo/article/safe_download_version_adds_manual_definitions_update/

Written by Dana Stibolt

September 27th, 2011 at 9:09 am

Apple Releases Mac OS X 10.6.8 Supplemental Update To Address Known Issues

without comments

Update 7/26/11: If you have already installed 10.6.8 and you’d like to fix the issues with it, then you need this version of the update.

If you’d like to upgrade from 10.6.7 to 10.6.8 then you need this version of the update.

If you’re running 10.6.6 or any previous version of 10.6, you need this version of the update.

If you’ve already applied the v1.1 update of 10.6.8 (Delta or Combo), then you don’t need to apply the 10.6.8 Supplemental Update, as it’s built into v1.1 update.

About Mac OS X 10.6.8 Supplemental Update:

The Mac OS X 10.6.8 Supplemental Update is recommended for all users running Mac OS X Snow Leopard 10.6.8 and resolves issues with:

-Transferring personal data, settings, and compatible applications from a Mac running Mac OS X Snow Leopard to a new Mac running Mac OS X Lion.

-Certain network printers that pause print jobs immediately and fail to complete.

-System audio that stops working when using HDMI or optical audio out.

You can manually download the update installer. This is a useful option when you need to update multiple computers but only want to download the update once. These versions of the standalone installers are available from Apple Support Downloads.

What’s included?

-Enhancements to the Mac App Store to get your Mac ready to upgrade to Mac OS X Lion.

-Resolves an issue that may cause Preview to unexpectedly quit.

-Improves support for IPv6.

-Improves VPN reliability.

-Identifies and removes known variants of MacDefender malware.

-Corrects timezone data in iCal for Lisbon-Portugal.

-Adds the ability to use Kerberos authentication to a web proxy server.

-Fixes an issue when saving documents from Xcode or TextEdit when using an NFS home directory.

-Fixes an issue when importing certain media files into Final Cut Pro.

-Includes RAW image compatibility for additional digital cameras.

Mac OS X v10.6.8 also includes fixes provided in the Mac OS X v10.6.7 Snow Leopard Font Update:

-Addresses an issue in which some OpenType fonts don’t display correctly in certain applications.
Resolves issues printing from Preview.

-Addresses an issue with PDF files not opening in third-party PDF viewing applications.

-Resolves invalid font errors when printing to PostScript printers.

Update 9/27/11: Thanks Microsoft! Botnet that hosted MacDefender scareware/malware shut down thanks to Microsoft. http://t.co/LNpIXZWx

ALERT: MacDefender/MacGuard Mac OS X Security Update 2011-003 Is Now Available

without comments

Update 5/31/11 18:43: Early Twitter reports indicate that OS X security update designed to target MacDefender missed finding MacGuard. Be aware that there could still be malware on your Mac if you were infected prior to the new update. Also, it is now being reported by zdnet.com, that MacDefender/MacGuard is now spreading via Facebook.

Security Update 2011-003 is now available and addresses the
following:

File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Definition added

Description: The OSX.MacDefender.A definition has been added to the
malware check within File Quarantine. Information on File Quarantine
is available in this Knowledge Base article:
http://support.apple.com/kb/HT3662

File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Automatically update the known malware definitions

Description: The system will check daily for updates to the File
Quarantine malware definition list. An opt-out capability is provided
via the “Automatically update safe downloads list” checkbox in
Security Preferences. Additional information is available in this
Knowledge Base article: http://support.apple.com/kb/HT4651

Malware removal

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Remove the MacDefender malware if detected

Description: The installation process for this update will search
for and remove known variants of the MacDefender malware. If a known
variant was detected and removed, the user will be notified via an
alert after the update is installed. Additional information is
available in this Knowledge Base article:
http://support.apple.com/kb/HT4651

Update 9/27/11: Thanks Microsoft! Botnet that hosted MacDefender scareware/malware shut down thanks to Microsoft. http://t.co/LNpIXZWx

Sign Up for Our Newsletter:


Email: (required)
First Name 
Last Name 

MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices

without comments

Update 5/31/11:While our competitors look to cash in on MacDefender/MacGuard malware scare by charging between $49 and $99 to remove the malware, MacMedics continues to offer FREE removal of the malware in either Millersville or Lanham offices! You do NOT have to be an existing MacMedics client to take advantage of this free service, just stop by and we’ll remove it for you. Can’t make it in to see us? We can arrange to access your machine remotely and remove it that way. Or, If you’re a WISP member, the remote service is included in your service plan, or you can join and we’ll take care of it for you. See http://www.macmedics.com/wisp for more info.

Update 5/25/11: Apple has posted a Knowledge Base article on how to remove this malware: http://support.apple.com/kb/ht4650

MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices.

Stop by MacMedics Baltimore or MacMedics Washington for a free removal of MacDefender, MacProtector, and MacSecurity malware.

As always, NO APPOINTMENTS are ever necessary to stop by and visit. Most Macintosh service we perform in our lab is set up as a drop-off service. In this case we can remove this malware from your Macintosh computer while you wait. For FREE.

On the grand scale of things concerning malware and virus threats against the Macintosh platform, this threat is pretty small. However, if you don’t understand how to remove this malware safely, we’ll take care of getting it off your Mac free of charge. You do not need to be an exiting MacMedics client to have this service performed, just stop by.

If you are trying to learn how to remove MacDefender malware then please see our previous post on how to remove MacDefender from your Mac AND from your Time Machine backup system.

We also welcome former clients of Apple Specialist, macUpgrades of Bethesda, Maryland to MacMedics. See our special webpage for more information on our purchase of that long time Macintosh focused service and sales organization here.

Update 9/27/11: Thanks Microsoft! Botnet that hosted MacDefender scareware/malware shut down thanks to Microsoft. http://t.co/LNpIXZWx

Written by Dana Stibolt

May 20th, 2011 at 4:01 pm

How To Remove MacDefender From Your Time Machine Backup

without comments

Update 5/28/11: MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices. If you’ve picked up a copy of MacProtector, MacDefender, MacSecurity, or now MacGuard, just stop by either or Millersville or Lanham offices, and we’ll remove this malware off of your Macintosh computer for free. No appointments are needed, just stop by. See this link for more details.

Update 5/25/11: ALERT!: Turn OFF Safari’s “Open ‘safe’ files after downloading” option. A new MacDefender malware variant, MacGuard (Mac Guard) has appeared, and this version doesn’t require that you enter your Mac’s administrator password prior to Installation. It will install by it’s self, but it can’t do that if you have the “Open ‘safe” files after downloading” option turned off. The default for Safari is for that to be ON. See Intego’s website for more info: http://is.gd/Zq7BQd

Apple has posted a Knowledge Base article on how to remove this malware: http://support.apple.com/kb/ht4650

How To Remove MacDefender From Your Time Machine Backup

Lots of folks have posted info on how to remove MacDefender from your computer, but I have not seen a mention of also removing it from Time Machine. It’s not that big of a deal, but better to ensure it’s gone for good.

If you are just learning about MacDefender and have found your way to this page, be sure to check out the Mac Security Blog for more details on this malware.

Also MacDefender also goes by the name MacProtector and MacSecurity. The screen shots shown here show the MacProtector variety of the Mac malware.

I’ll re-cap how to get it off your Mac and how to stop the application from running as there is no way to quit it normally.

1. Remove the MacDefender application from your applications folder:

2. Launch Activity Monitor (you can search for it in Spotlight if you don’t know where to find it). Quit the process for MacDefender:

3. Once you’ve done those two items, then enter Time Machine and remove all backups of the application from your Time Machine backup. You can do so by right clicking or control clicking on the MacDefender application while selecting “Delete all backups of…”:

Sign Up for Our Newsletter:


Email: (required)
First Name 
Last Name