Recent News - How does ESET Cybersecurity for Mac protect against the MacDefender malware?


2011-06-09

  SINGAPORE - June 9, 2011 - The MacDefender malware, which also goes by various names including MacProtector, MacSecurity, and MacGuard, appeared on the scene earlier this month. It pretends to be legitimate antivirus software, while posting fake alerts, and opening up pornographic Web pages in an attempt to get users to enter in their credit card information to clean up their computer.

ESET Cybersecurity for Mac (also known as ESET NOD32 Antivirus 4 - Standard Edition for Mac OS X) does detect and block the MacDefender malware and its variants. ESET has confirmed reports of this malware infection using the names such as "MacDefender", "MacGuard", "MacShield", "MacSecurity", "MacProtector", "Apple Security Center" or other similar names. ESET detects this malware as variants of OSX/AdWare.MacDefender.

ESET is also the first & only company in the world with ICSA certification for Mac OS X. As the industry leader of VirusBulletin100 awards, ESET provides you with real-time protection against existing and tomorrow's threats. To download a free 30-day trial of ESET's Cybersecurity for Mac (Home Edition), visit http://www.eset.com.sg/download/free_trial_download/. To learn more, please click here.
 


There are several variants of this malware and one example displays the following window:



Fig. 1-1
Click the image to view larger in new window


If you suspect that your computer is infected with the "MacDefender" malware (popups, slow or abnormal behavior), follow the steps below.

Remove the malware

1. Quit the browser that you are using by clicking the red x in the top left corner of the window.
   
2. Delete the install package of "MacDefender" (or the other name variants) in your Downloads folder (or the default folder set by your browser).
   
 



Fig. 1-2

   
3. Click Go on your menu bar and then click Utilities.
   
4. Double-click Activity Monitor from the Utilities window.
   
 

Fig. 1-3
Click the image to view larger in new window
   
5. Make sure All Processes is selected in the drop-down menu at the top right corner of the window.
   
6. Select the malware by clicking the name "MacDefender" (or the other name variants) in the Process Name column.
   
7. Click Quit Process and click Force Quit if prompted.
   
8. Quit Activity Monitor by clicking the red x in the top left corner of the window.
9.
Open your Mac OS X Applications folder by clicking Finder Applications.
   
10. Find "MacDefender.app" (or the other name variants) and drag it to the Trash and enter your administrator password if prompted.

- For the MacShield variant, find "mdDownloader.app" and drag it to the Trash.
- For other variants, locate "downISh.app", "spavid.app" or "ashield" and drag them to the Trash.
   
11. Empty the Trash by holding down the command key, right-click the Trash and and click Secure Empty Trash.
   



Search for and remove other files

1.
Open a new Finder window by clicking Finder .
   
2. Under Places on the left-hand Sidebar, click your username.
   
3. Double-click the Library folder and then double-click the Preferences folder.
   
4. Look for com.aplle.md.plist and move it to the Trash.
   
5. Empty the Trash by holding down the command key, right-click the Trash and and click Secure Empty Trash.
   
6. Use Spotlight (the white field at the top right-hand corner of the window) to search for the following terms and move any associated files to the Trash: "MacDefender", "MacSecurity", "MacProtector" or "Apple Security Center".
   


For more information, visit the following Apple support article: How to avoid or remove Mac Defender malware.


About ESET

ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessary large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at http://www.eset.com.sg.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. Headquartered in Hong Kong, the Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Version 2 Singapore Pte Ltd is the local office of Version 2 Limited.
For more information, please visit http://www.version-2.com.sg/ or call (65) 6296-4268.

Previous News Next News

Return to the previous page