Thank you Julie, That is good feedback from someone who has experienced this. I will have to give this some serious thought now !
On 25 Feb 2014, at 10:35 pm, Julie Bedford <jew...@iinet.net.au> wrote: > Stephen, > Just jumping in here. I have the latest Virus Barrier which has so far > caused me a pain and now I am unable to open Safari at all. > I am not sure if I uninstall Virus Barrier it will make any difference. I > would personally not recommend this program. I am on OS 10.7.5 > > Jewels > On 25/02/2014, at 9:54 PM, Stephen Chape wrote: > >> Flaming amazing isn’t it. >> You pay for the reputed good quality product. >> Then find that the free one does more (or so it seems). >> Do you have the latest version of Virus Barrier Severin ? >> >> On 25 Feb 2014, at 2:21 pm, Severin Crisp <sevcr...@westnet.com.au> wrote: >> >>> Following Reg’s comments I downloaded ClamXav and checked my hard drive, >>> which is protected by Intego Virus Barrier etc. Lo and behold, a list of >>> about 15 nasties came up, all Windows like and all related to unopened >>> attachments on filed emails. >>> Thanks Reg, a bit of housekeeping called for! >>> Severin Crisp >>> On 25 Feb 2014, at 9:22 am, Reg Whitely <rwhit...@internode.on.net> wrote: >>> >>>> Hi all >>>> >>>> I've renamed this email to reflect its discussion contents. >>>> >>>> After a considerable length of time (especially as the MBP went to sleep >>>> overnight and interrupted the scan, this is what my clamXav found today: >>>> three files quarantined. >>>> >>>> One is a .dmg from my Downloads folder. Don't know what it was for but >>>> ClamXav identified it as Osx.Trojan.Genieo >>>> The second is a Windows-type .exe file (Win.Trojan.6968321) from my >>>> Library/App Support/Wine/ folder which does "heaven-knows-what". >>>> The third was in my Mail inbox. an .emlx file, identified as >>>> Heuristics.Phishing.Email.SpoofedDomain >>>> >>>> The log suggests the last time I scanned was Jan 8th 2014, where I recall >>>> a similar number were found, including .exe files from my TomTom Home >>>> folder, presumably downloaded when I last updated my TomTom gps. >>>> >>>> What does this all suggest? I'm not sure really. >>>> >>>> The .dmg trojan is a little worrying. You can read about it here >>>> http://www.protectmac.com/support/malware.html (my Google search) and >>>> clicking on the Osx.Trojan.Genieo link. Quote in part: >>>> "OSX.Genieo is an Adware Trojan that pretends to be a Flash Player update. >>>> The software uses the (legitimate) Genieo* engine to customise the user's >>>> web browser to display adware, redirect Internet searches that the user >>>> has made via Google and Yahoo and gather and report analytical information >>>> about the user's computer and Internet usage. While browsing the Internet >>>> users will see a Flash Player alert on websites containing the threat, the >>>> alerts are triggered by JavaScript within the web page." >>>> >>>> The Trojan.6968321 is .exe so cannot affect OS X but I can't find out much >>>> more about it, searching the web. >>>> >>>> The Mail Heuristics.Phishing.Email.SpoofedDomain >>>> https://discussions.apple.com/thread/3916707 generates interesting >>>> discussion here https://discussions.apple.com/thread/3916707, with a >>>> caution of the risk of clamXav shifting things out of Mail folders, >>>> however as this is a message, I see no problem deleting it. >>>> >>>> Here are the details of the scan, for your interest. >>>> >>>> Regards, Reg >>>> >>>> ----------- SCAN SUMMARY ----------- >>>> Known viruses: 3131695 >>>> Engine version: 0.97.5 >>>> Scanned directories: 150953 >>>> Scanned files: 523033 >>>> Infected files: 3 >>>> Total errors: 109 >>>> Data scanned: 246386.79 MB >>>> Data read: 379118.09 MB (ratio 0.65:1) >>>> Time: 44540.014 sec (742 m 20 s) >>>> >>>> One or more infected files were found and were moved into your quarantine >>>> folder. >>>> >>>> Filename Infection Name Status >>>> igPT0upO.dmg.part Osx.Trojan.Genieo Quarantined >>>> reader_sl.exe Win.Trojan.6968321 Quarantined >>>> 35571.emlx Heuristics.Phishing.Email.SpoofedDomain Quarantined >>>> >>>> /Users/Reg/Downloads/igPT0upO.dmg.part: moved to >>>> '/Users/Reg/Documents/ClamXav Qurarantine Files/igPT0upO.dmg.part' >>>> >>>> /Users/Reg/Library/Application >>>> Support/Wine/prefixes/QuestAtlantis/drive_c/Program Files/Adobe/Reader >>>> 9.0/Reader/reader_sl.exe: moved to '/Users/Reg/Documents/ClamXav >>>> Qurarantine Files/reader_sl.exe' >>>> >>>> /Users/Reg/Library/Mail/V2/pop-rwhit...@internode.on.net@mail.internode.on.net/INBOX.mbox/5C79EA5D-E978-473A-A3EE-FEE97ACB8CD2/Data/5/3/Messages/35571.emlx: >>>> moved to '/Users/Reg/Documents/ClamXav Qurarantine Files/35571.emlx' >>>> On 24 Feb 2014, at 7:52 pm, Reg Whitely <rwhit...@internode.on.net> wrote: >>>> >>>>> Hi all >>>>> >>>>> I cannot comment on Virus Barrier but have used ClamXav for many years >>>>> http://www.clamxav.com/ as good quality free virus protection, and I >>>>> think it is great. Indeed I wold recommend it. >>>>> >>>>> It's not set on my MacBook Pro to automatically check and scan for >>>>> viruses etc but when I release it to do its thing it does it well, as far >>>>> as I'm concerned. Generally it will locate random .exe files that have >>>>> been downloaded from such trustworthy folk as TomTom (my sat nav crew) >>>>> but sometimes it finds other things. I'll let it loose tonight and tell >>>>> you what it finds; maybe interesting after our recent trip to Hong Kong >>>>> and China. >>>>> >>>>> Regards, Reg >>>>> >>>>> On 24 Feb 2014, at 4:53 pm, Ronda Brown <ro...@mac.com> wrote: >>>> >>>> Reg Whitely >>>> >>>> Home: 08 9921 7272 >>>> Mob: 04 8899 7313 >>>> Email: rwhit...@internode.on.net >>>> >>>> -- The WA Macintosh User Group Mailing List -- >>>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >>>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >>>> Settings & Unsubscribe - >>>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> >>> >>> ____________________________________________________ >>> >>> Assoc Prof R Severin Crisp, FAIP, FIP, CPhys >>> 15 Thomas St, Mount Clarence, Albany, 6330, Western Australia >>> ph (08) 9842 1950 ( Int'l +61 8 9842 1950) >>> mail to: sevcr...@westnet.com.au >>> ____________________________________________________ >>> >>> >>> >>> -- The WA Macintosh User Group Mailing List -- >>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >>> Settings & Unsubscribe - >>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> >> >> >> Regards, >> Stephen Chape >> >> Mac by choice >> Windows because my employer knew no better >> >> -- The WA Macintosh User Group Mailing List -- >> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> >> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> >> Settings & Unsubscribe - >> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> > > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> Regards, Stephen Chape Mac by choice Windows because my employer knew no better
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>