Re: Adware warning!
Hello, Imaging or backing up and restoring isn’t going to change until the user changes their behaviour. Think before you click. As for root access with VoiceOver, in the terminal you can use the sudo command and make changes to the system. Gena On 24 Apr 2015, at 00:39, M. Taylor mk...@ucla.edu wrote: Hello Christine, I am so sorry that you had to experience such a, what for many of us, would be a scary thing. You know, a month or so ago, a friend of mine purchased a new MacBook Air. I don't know what she did between the Friday when I set it up and the following Tuesday but when next I saw it, there was no doubt but that she had been hacked/compromised. I don't remember the particulars but a quick Google search confirmed it. Now even though many hate to hear this, I'll tell you that, for my money, the only way to really be certain that you have a clean secure system is to (1) restore from a known good backup such as one would have using SuperDuper or (2) wiping the drive clean and performing a fresh install. As far as I am concerned, once your system has been compromised, there are no other options. So many times I see both Windows and Mac users take less drastic steps to redeem their systems only to have the same problems crop up a few weeks or sometimes months later. This is just my opinion, of course, as I do not want to start a heated debate. Mark From: macvisionaries@googlegroups.com [mailto:macvisionaries@googlegroups.com] On Behalf Of Christine Grassman Sent: Thursday, April 23, 2015 3:55 PM To: macvisionaries@googlegroups.com Subject: Adware warning! I want you all to know about something I just experienced. I was on Twitter within Safari and a “critical service warning” popped up, informing me that a malicious virus had been detected and had attacked my system, and that “we have shut down all of your critical systems to protect any further damage.” The warning went on to give this number: 888 553-4193 and directed me to give a number starting with Mac and ending with several digits. My BS detector was on full alert. I called Apple and told them what was going on. I was informed that this occurs several times a day at least, and that it usually involves adware. When a screen sharing session link was sent, Safari could not find the server, nor could Google Chrome. I was then told to open the MacBook in safe mode, and I thought I could use VoiceOver in safe mode, but it would not come on, and command F5 would not bring it up. The tech support rep handed me over to someone who had more VoiceOver experience. He had me shut down and restart normally, then sent me the ability to screen share by using my apple ID, which made the screen sharing like an application, which enabled me to go to adwaremedic.com, download adware medic, and run it. This problem appears to be resolved, but I wanted you all to be aware of this incident, as well as to inquire: Isn’t there a way to use VoiceOver in safe mode? Thank you . . . and be careful out there. I was told people have been known to give their credit card numbers to these people thinking they are getting their computers fixed. Christine -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
Good to know. My parents just got fooled. They say that there was some popup that said their flash was out of date and to download an updater. Well, they went ahead and did that but it wasn't the real Flash updater. So now every time they click a link it opens a new browser tab to some other malware download stuff, pops up giant ads and other annoyances. This included the obligatory call this number for help which they did but at least they stopped before actually handing over their credit card number. The tipoff to them was that the 'tech support company' wasn't actually Apple. I think they had wanted $150 to 'fix' their machine. From what I read, under the hood the malware actually uses some unix tricks to attach itself to the browsers process (Safari, Chrome or Firefox) and intercept all the requests so they can modify the links on the fly. Pretty sneaky. From this Apple article it sounds like you can sometimes wipe it out just by doing a major OS upgrade: https://support.apple.com/en-us/HT202225 They were on OSX 10.8 so I had them start downloading/installing 10.10 last night and it was still going earlier today. If that doesn't work I'll run through the steps here to try and kill of the badness: https://support.apple.com/en-us/HT203987 They apparently got MacKeeper installed which is not a good thing. I found this recent article talking about how Malware does it's thing on OSX and that we're going to find more of it migrating from Windows: http://www.howtogeek.com/210589/mac-os-x-isn’t-safe-anymore-the-crapware-malware-epidemic-has-begun/ I'll keep adwaremedic.com in mind if my other attempts fail. Thanks for the timely info. CB On 4/23/15 6:54 PM, Christine Grassman wrote: I want you all to know about something I just experienced. I was on Twitter within Safari and a “critical service warning” popped up, informing me that a malicious virus had been detected and had attacked my system, and that “we have shut down all of your critical systems to protect any further damage.” The warning went on to give this number: 888 553-4193 and directed me to give a number starting with Mac and ending with several digits. My BS detector was on full alert. I called Apple and told them what was going on. I was informed that this occurs several times a day at least, and that it usually involves adware. When a screen sharing session link was sent, Safari could not find the server, nor could Google Chrome. I was then told to open the MacBook in safe mode, and I thought I could use VoiceOver in safe mode, but it would not come on, and command F5 would not bring it up. The tech support rep handed me over to someone who had more VoiceOver experience. He had me shut down and restart normally, then sent me the ability to screen share by using my apple ID, which made the screen sharing like an application, which enabled me to go to adwaremedic.com http://adwaremedic.com, download adware medic, and run it. This problem appears to be resolved, but I wanted you all to be aware of this incident, as well as to inquire: Isn’t there a way to use VoiceOver in safe mode? Thank you . . . and be careful out there. I was told people have been known to give their credit card numbers to these people thinking they are getting their computers fixed. Christine -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com mailto:macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com mailto:macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- ¯\_(ツ)_/¯ -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
So far, I only install software from Apple although when Microsoft Office comes out I'll be getting it. I'll investigate virus anti software in due course. However, I only go to safe websites and touch wood, have not had any problems to date but you don't know what is round the corner. Just be careful where you browse etc. Kawal. On 24 Apr 2015, at 01:02, Joe Quinn jdawg1...@gmail.com wrote: That's why I just got booth programs now, will test accessibility when i get to the mac. Sent from my iPhone On Apr 23, 2015, at 6:59 PM, Sabahattin Gucukoglu listse...@me.com wrote: The Adware menace has, unfortunately, spread to the Mac, yes. The good news is that, right now, there are fairly few strains of the stuff, and AdwareMedic is a very good bet on its removal. Antivirus software typically doesn’t identify adware because, while obnoxious in the extreme, it isn’t actually malicious—at least, not in the sense of actually being harmful to your computer. The bad news is that, like Windows users, you are no longer insulated by obscurity against your own misjudgement. Install software only from reputable sources; do not download from any site other than that which officially distributes the software. In general this means that you do not download from any repository, such as a download site, but get the software directly from the project’s own web page, typically the page of the author. Naturally, if you trust Apple, one obvious way to seal things tight is only to install from the Mac App Store, or only to install Apple-signed software. In any event, do not install software merely because you were asked to do so by any message coming from within your web browser. In case of doubt, ask questions. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
I asked the Apple tech support rep about whether I should install anything else besides adware Medic and he did not seem to think I needed anything more. I do have to say that no one I know personally who has a Mac has antivirus software, and precious few have had issues. I will look into this though. Thanks. Christine -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
RE: Adware warning!
Hello Christine, I am so sorry that you had to experience such a, what for many of us, would be a scary thing. You know, a month or so ago, a friend of mine purchased a new MacBook Air. I don't know what she did between the Friday when I set it up and the following Tuesday but when next I saw it, there was no doubt but that she had been hacked/compromised. I don't remember the particulars but a quick Google search confirmed it. Now even though many hate to hear this, I'll tell you that, for my money, the only way to really be certain that you have a clean secure system is to (1) restore from a known good backup such as one would have using SuperDuper or (2) wiping the drive clean and performing a fresh install. As far as I am concerned, once your system has been compromised, there are no other options. So many times I see both Windows and Mac users take less drastic steps to redeem their systems only to have the same problems crop up a few weeks or sometimes months later. This is just my opinion, of course, as I do not want to start a heated debate. Mark From: macvisionaries@googlegroups.com [mailto:macvisionaries@googlegroups.com] On Behalf Of Christine Grassman Sent: Thursday, April 23, 2015 3:55 PM To: macvisionaries@googlegroups.com Subject: Adware warning! I want you all to know about something I just experienced. I was on Twitter within Safari and a “critical service warning” popped up, informing me that a malicious virus had been detected and had attacked my system, and that “we have shut down all of your critical systems to protect any further damage.” The warning went on to give this number: 888 553-4193 and directed me to give a number starting with Mac and ending with several digits. My BS detector was on full alert. I called Apple and told them what was going on. I was informed that this occurs several times a day at least, and that it usually involves adware. When a screen sharing session link was sent, Safari could not find the server, nor could Google Chrome. I was then told to open the MacBook in safe mode, and I thought I could use VoiceOver in safe mode, but it would not come on, and command F5 would not bring it up. The tech support rep handed me over to someone who had more VoiceOver experience. He had me shut down and restart normally, then sent me the ability to screen share by using my apple ID, which made the screen sharing like an application, which enabled me to go to adwaremedic.com, download adware medic, and run it. This problem appears to be resolved, but I wanted you all to be aware of this incident, as well as to inquire: Isn’t there a way to use VoiceOver in safe mode? Thank you . . . and be careful out there. I was told people have been known to give their credit card numbers to these people thinking they are getting their computers fixed. Christine -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
The Adware menace has, unfortunately, spread to the Mac, yes. The good news is that, right now, there are fairly few strains of the stuff, and AdwareMedic is a very good bet on its removal. Antivirus software typically doesn’t identify adware because, while obnoxious in the extreme, it isn’t actually malicious—at least, not in the sense of actually being harmful to your computer. The bad news is that, like Windows users, you are no longer insulated by obscurity against your own misjudgement. Install software only from reputable sources; do not download from any site other than that which officially distributes the software. In general this means that you do not download from any repository, such as a download site, but get the software directly from the project’s own web page, typically the page of the author. Naturally, if you trust Apple, one obvious way to seal things tight is only to install from the Mac App Store, or only to install Apple-signed software. In any event, do not install software merely because you were asked to do so by any message coming from within your web browser. In case of doubt, ask questions. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
First, I know of kno way to use Voice Over at the true route level of the drive itself. Second, I just cannot halp asking. Do you have any sort of anti virus protection on board your system? IF not, for my part, I urge you to consider it. What you get is, of course, up to you: and, there will be quite a few recommendations from the folks here: but, for my part, ClamXAV can't be beat for accessibility, eas of use, and completeness of protection. Sincerely, The Constantly Barefooted Ray Still a happy Mac, Verizon Wireless iPhone 6+ and Apple TV user! Sent from my Mac, the only computer with full accessibility for the blind built-in On Apr 23, 2015, at 5:54 PM, Christine Grassman cgrassman1...@gmail.com wrote: I want you all to know about something I just experienced. I was on Twitter within Safari and a “critical service warning” popped up, informing me that a malicious virus had been detected and had attacked my system, and that “we have shut down all of your critical systems to protect any further damage.” The warning went on to give this number: 888 553-4193 and directed me to give a number starting with Mac and ending with several digits. My BS detector was on full alert. I called Apple and told them what was going on. I was informed that this occurs several times a day at least, and that it usually involves adware. When a screen sharing session link was sent, Safari could not find the server, nor could Google Chrome. I was then told to open the MacBook in safe mode, and I thought I could use VoiceOver in safe mode, but it would not come on, and command F5 would not bring it up. The tech support rep handed me over to someone who had more VoiceOver experience. He had me shut down and restart normally, then sent me the ability to screen share by using my apple ID, which made the screen sharing like an application, which enabled me to go to adwaremedic.com http://adwaremedic.com/, download adware medic, and run it. This problem appears to be resolved, but I wanted you all to be aware of this incident, as well as to inquire: Isn’t there a way to use VoiceOver in safe mode? Thank you . . . and be careful out there. I was told people have been known to give their credit card numbers to these people thinking they are getting their computers fixed. Christine -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com mailto:macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com mailto:macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
Re: Adware warning!
That's why I just got booth programs now, will test accessibility when i get to the mac. Sent from my iPhone On Apr 23, 2015, at 6:59 PM, Sabahattin Gucukoglu listse...@me.com wrote: The Adware menace has, unfortunately, spread to the Mac, yes. The good news is that, right now, there are fairly few strains of the stuff, and AdwareMedic is a very good bet on its removal. Antivirus software typically doesn’t identify adware because, while obnoxious in the extreme, it isn’t actually malicious—at least, not in the sense of actually being harmful to your computer. The bad news is that, like Windows users, you are no longer insulated by obscurity against your own misjudgement. Install software only from reputable sources; do not download from any site other than that which officially distributes the software. In general this means that you do not download from any repository, such as a download site, but get the software directly from the project’s own web page, typically the page of the author. Naturally, if you trust Apple, one obvious way to seal things tight is only to install from the Mac App Store, or only to install Apple-signed software. In any event, do not install software merely because you were asked to do so by any message coming from within your web browser. In case of doubt, ask questions. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups MacVisionaries group. To unsubscribe from this group and stop receiving emails from it, send an email to macvisionaries+unsubscr...@googlegroups.com. To post to this group, send email to macvisionaries@googlegroups.com. Visit this group at http://groups.google.com/group/macvisionaries. For more options, visit https://groups.google.com/d/optout.
