MacMedics Macintosh Service, Consulting, & Sales For Baltimore, Washington DC, & Philadelphia Blog

Macintosh Consulting, Service, & Support

Archive for the ‘MacSecurity’ tag

ALERT: MacDefender/MacGuard Mac OS X Security Update 2011-003 Is Now Available

without comments

Update 5/31/11 18:43: Early Twitter reports indicate that OS X security update designed to target MacDefender missed finding MacGuard. Be aware that there could still be malware on your Mac if you were infected prior to the new update. Also, it is now being reported by zdnet.com, that MacDefender/MacGuard is now spreading via Facebook.

Security Update 2011-003 is now available and addresses the
following:

File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Definition added

Description: The OSX.MacDefender.A definition has been added to the
malware check within File Quarantine. Information on File Quarantine
is available in this Knowledge Base article:
http://support.apple.com/kb/HT3662

File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Automatically update the known malware definitions

Description: The system will check daily for updates to the File
Quarantine malware definition list. An opt-out capability is provided
via the “Automatically update safe downloads list” checkbox in
Security Preferences. Additional information is available in this
Knowledge Base article: http://support.apple.com/kb/HT4651

Malware removal

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Remove the MacDefender malware if detected

Description: The installation process for this update will search
for and remove known variants of the MacDefender malware. If a known
variant was detected and removed, the user will be notified via an
alert after the update is installed. Additional information is
available in this Knowledge Base article:
http://support.apple.com/kb/HT4651

Update 9/27/11: Thanks Microsoft! Botnet that hosted MacDefender scareware/malware shut down thanks to Microsoft. http://t.co/LNpIXZWx

Sign Up for Our Newsletter:


Email: (required)
First Name 
Last Name 

MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices

without comments

Update 5/31/11:While our competitors look to cash in on MacDefender/MacGuard malware scare by charging between $49 and $99 to remove the malware, MacMedics continues to offer FREE removal of the malware in either Millersville or Lanham offices! You do NOT have to be an existing MacMedics client to take advantage of this free service, just stop by and we’ll remove it for you. Can’t make it in to see us? We can arrange to access your machine remotely and remove it that way. Or, If you’re a WISP member, the remote service is included in your service plan, or you can join and we’ll take care of it for you. See http://www.macmedics.com/wisp for more info.

Update 5/25/11: Apple has posted a Knowledge Base article on how to remove this malware: http://support.apple.com/kb/ht4650

MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices.

Stop by MacMedics Baltimore or MacMedics Washington for a free removal of MacDefender, MacProtector, and MacSecurity malware.

As always, NO APPOINTMENTS are ever necessary to stop by and visit. Most Macintosh service we perform in our lab is set up as a drop-off service. In this case we can remove this malware from your Macintosh computer while you wait. For FREE.

On the grand scale of things concerning malware and virus threats against the Macintosh platform, this threat is pretty small. However, if you don’t understand how to remove this malware safely, we’ll take care of getting it off your Mac free of charge. You do not need to be an exiting MacMedics client to have this service performed, just stop by.

If you are trying to learn how to remove MacDefender malware then please see our previous post on how to remove MacDefender from your Mac AND from your Time Machine backup system.

We also welcome former clients of Apple Specialist, macUpgrades of Bethesda, Maryland to MacMedics. See our special webpage for more information on our purchase of that long time Macintosh focused service and sales organization here.

Update 9/27/11: Thanks Microsoft! Botnet that hosted MacDefender scareware/malware shut down thanks to Microsoft. http://t.co/LNpIXZWx

Written by Dana Stibolt

May 20th, 2011 at 4:01 pm

How To Remove MacDefender From Your Time Machine Backup

without comments

Update 5/28/11: MacMedics Offers Free Removal Of MacDefender Malware In Baltimore & Washington DC Offices. If you’ve picked up a copy of MacProtector, MacDefender, MacSecurity, or now MacGuard, just stop by either or Millersville or Lanham offices, and we’ll remove this malware off of your Macintosh computer for free. No appointments are needed, just stop by. See this link for more details.

Update 5/25/11: ALERT!: Turn OFF Safari’s “Open ‘safe’ files after downloading” option. A new MacDefender malware variant, MacGuard (Mac Guard) has appeared, and this version doesn’t require that you enter your Mac’s administrator password prior to Installation. It will install by it’s self, but it can’t do that if you have the “Open ‘safe” files after downloading” option turned off. The default for Safari is for that to be ON. See Intego’s website for more info: http://is.gd/Zq7BQd

Apple has posted a Knowledge Base article on how to remove this malware: http://support.apple.com/kb/ht4650

How To Remove MacDefender From Your Time Machine Backup

Lots of folks have posted info on how to remove MacDefender from your computer, but I have not seen a mention of also removing it from Time Machine. It’s not that big of a deal, but better to ensure it’s gone for good.

If you are just learning about MacDefender and have found your way to this page, be sure to check out the Mac Security Blog for more details on this malware.

Also MacDefender also goes by the name MacProtector and MacSecurity. The screen shots shown here show the MacProtector variety of the Mac malware.

I’ll re-cap how to get it off your Mac and how to stop the application from running as there is no way to quit it normally.

1. Remove the MacDefender application from your applications folder:

2. Launch Activity Monitor (you can search for it in Spotlight if you don’t know where to find it). Quit the process for MacDefender:

3. Once you’ve done those two items, then enter Time Machine and remove all backups of the application from your Time Machine backup. You can do so by right clicking or control clicking on the MacDefender application while selecting “Delete all backups of…”:

Sign Up for Our Newsletter:


Email: (required)
First Name 
Last Name