Friday, August 17, 2012

Fighting Viruses and Malware on Mac computers

In April of this year I realized that my hiatus in the fight against computer viruses and malware had come to an end.  For four lovely years I didn't pore over websites describing the effects of the latest worms or trojans.  I didn't run any lengthy scans or poke around editing the registry of a PC.  It was nice while it lasted, but that time has passed.  Mac owners now need to pay attention to the evils of viruses and malware.

My "wake-up call" came in the form of MacKeeper popup windows like the screen prints below.  (Rest assured that these images are NOT linked to a MacKeeper site and therefore pose no danger.)
If you see popups like these, close them immediately.

If you see MacKeeper advertisements on a website, close your browser window and avoid that site in the future.

Do not install Mackeeper, advised the Apple Support Forum on March 23, 2012.


MacKeeper popup screens appeared on my husband's MacBook several times a day.  My husband also reported that he spent way too much time watching the colorful spinning wheel (the Apple equivalent of the hourglass on PCs).

Theory #1, or going down the garden path

The computer is just too old.  Thinking there wasn't much point in spending a lot of money to fix a four-year old computer with an expired warranty, I bought my husband a new MacBook Pro.  However, the new MacBook Pro did not bring the expected improvements.  Even with its newer architecture and four times the RAM of the old machine, this new one was only marginally faster. Worse yet, the popups persisted and watching the spinning wheel was still a major part of everyday use.  That's when I realized that something funky was going on.

I also realized I had spent a huge pile of money in the Apple store for no good reason!  Despite the fact that I had unpacked and used the new computer (see More Adventures with Migration Assistant), I marched it back to the store and returned it.  Did you know that Apple will give you a full refund -- no restocking fees! -- if you return a computer within 14 days of purchase? 

Theory #2, or waking up to reality

The computer has a virus.  By now I was convinced that I had transferred some sort of virus or malware from the old computer to the new one.  That would explain spinning wheel syndrome and the tendency for the old MacBook to get slower and slower until it was rebooted - sometimes more than once a day.

As I read more and more technology sites, I learned that the reason Macs didn't get viruses in the past had nothing to do with their physical construction or the Mac operating system.  Hackers just were not motivated to write nasty, disruptive programs for such a small portion of the computer market.  Now that more than 10% of computer users have Macs, the appeal to hackers is growing.

Nothing proves that fact more than the rampant Flashback, a trojan reported in April 2012 to have infected over 600,000 Macs globally, half of those in the US alone! 

Mac Flashback Malware: What It Is and How to Get Rid of It (FAQ) -  CNet, April 5, 2012
Widespread Virus Proves Macs Are No Longer Safe From Hackers -  New York Times, April 6, 2012

Apple has been recommending anti-virus software for quite a while.  In 2008 Apple published a technical note on their support forum recommending "widespread use of multiple anti-virus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."  This statement was picked up by all the major technology media as well as mainstream news publishers like the Washington Post.

Apple Suggests Mac Users Install Antivirus Software - CNet, December 1, 2008
Apple:  Mac Users Should Get Antivirus Software - Washington Post, December 1, 2008

By the way, if you still need to obtain and install an antivirus program for your Mac, the article below is an excellent resource.

Antivirus Utilities and Recommendations for OS X - CNet, January 13, 2011.

The antivirus program that caught my eye was Sophos Antivirus, "an enterprise-level virus scanner that was just released as a free home version."  It runs in the background without hogging system resources.  It scans files prior to download and notifies you if it finds any danger. 

Solution: antivirus and adblocker software 

Getting back to my own computer issues, I downloaded and ran Sophos Antivirus. It found and quarantined three malware files that I promptly deleted.

Interestingly, MacKeeper was not one of the quarantined files.  That fact sent me off to do additional internet reading.  I learned that MacKeeper is indeed considered malware because it chews up system resources, doesn't do what it advertises, and is nearly impossible to get rid of.  In the article below, the Apple Support Forum says "MacKeeper can be regarded as highly invasive malware that can de-stablize your operating system." 

Do not install Mackeeper, Apple Support Forum, March 23, 2012.

Thankfully, I concluded that my husband's MacBook wasn't infected with MacKeeper.  Sophos Antivirus hadn't identified it, and it didn't appear on the hard drive as an installed application.  So far, so good, but I still needed to get rid of the MacKeeper popup nuisance.  That challenge inspired still more internet reading, this time about the elimination of popups. 

On the Apple Support Forum I discovered adblockers  -- programs will prevent popup advertisements and will also suppress some sidebar ads.  Glimmerblocker is an adblocker specifically for Mac OS X.  Apple also has an Adblock extension for Safari.  I downloaded and installed those as well.

I am happy to report that my husband's MacBook ran somewhat better after I added Sophos Antivirus, Glimmerblocker and the Adblock extension for Safari.  It took quite a bit of research, but in the end my solution did indeed prevent the MacKeeper popups and alleviated the spinning wheel syndrome. 

The computer's improved functioning would allow me a little more time to figure out what to do next.  After all, it was still a four year old computer.  Could I persuade my husband to use it for another year?  Should I add some RAM or do a hardware analysis in the meantime?  What would Apple's new line of MacBooks would be like? Actually, Apple would be making those announcements in a few more months.

Yes, dear readers, the saga will continue...

Related posts:
Migration Assistant Misery, September 5, 2009
More Adventures with Migration Assistant, April 9, 2012 

© 2012, Linda Mason Hood
Truffles, Turtles & Tunes Copyright Statement