 |
 |
did I thwart this attack?
|
|
|
|
|
Dedicated MacNNer
Join Date: May 2005
Status:
Offline
|
|
I suspected that I downloaded one of the mac trojans that exist. I think I thwarted the attack, but I wanted to be sure:
A disk image downloaded and mounted, and then the typical installer screen popped up. I quit the installer screen before I was prompted for anything. I did not enter in a password.
I checked for any unusual processes running...nothing found.
I checked the console and searched for the time when this occurred. There was no mention of an Installer. I just see .dotmacsyncclient, applelaunchd, and a 'connection failed' error for Safari.
I checked these both before and after a restart of my computer. Currently I am running a VirusBarrier X5 scan with definitions from 05/05/09. It is at 56% and nothing found yet.
Is there anything else I should check?
|
|
PB12 / 1.5 / 80 / 1.25 / SD
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Mar 2003
Location: Virginia
Status:
Offline
|
|
Do you expect the virus to be named "EvilVirusDoingBadThingsToYourMac.app"? I'd name a virus something that looks like it belongs.
I'd recommend installing Little Snitch or another two-way firewall and monitor outgoing connections...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Wouldn't you want to run the virus scan with more recent definitions than last month's?
|
|
|
| |
|
|
|
|
|
|
|
Moderator  Join Date: Dec 2000
Location: Polwaristan
Status:
Offline
|
|
Your first mistake was allowing the DMG to auto-mount.
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Nov 1999
Location: 888500128, C3, 2nd soft.
Status:
Offline
|
|
Originally Posted by warra 
A disk image downloaded and mounted, and then the typical installer screen popped up. I quit the installer screen before I was prompted for anything. I did not enter in a password.
End of story.
Everyone lives happily ever after.
|
|
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Jan 2002
Location: London, UK
Status:
Offline
|
|
Turn off Open "safe" files after downloading and its equivalent in every browser you use. The world's most stupid, yet still active by default, option.
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: May 2005
Status:
Offline
|
|
Originally Posted by CharlesS
Wouldn't you want to run the virus scan with more recent definitions than last month's?
I just downloaded the trial edition of VirusBarrier. it wouldn't let me install the latest definitions.
I turned off that option in Safari, and did the same for Firefox.
Thanks everyone.
|
|
PB12 / 1.5 / 80 / 1.25 / SD
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: May 2005
Status:
Offline
|
|
could something like this affect the iphone (2.2)? of course...no disk images, but any trojans or viruses?
|
|
PB12 / 1.5 / 80 / 1.25 / SD
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
