Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware

Mac Security

Despite the famous claim that Mac OS are resistant to malware, here comes Mac Security – a fake antispyware program which appeared in early May. This software is distributed using the tactics called “blackhat SEO”. It means that the creators of Mac Security use the most popular search trends in their hacked sites, to make them appear at the top of result list. Therefore, if a user searches for something as simple as “Father’s Day” on Google Images, there might be images appearing in the results, which links the user to a hacked site, no matter whether his operating system is Mac OS X or Windows.

Just like that, the next second the user faces a fake online malware scanner which indicates there are errors in the computer and performs system “scan”. After the scan Mac Security is downloaded automatically whether the user likes it or not. Upon the installation this program performs changes in the operating system so that Mac Security would load every single time the user boots the Mac.

When Mac Security turns on, it fakes a system scan again and insists that there are many malware infected files which need to be fixed. But the rogue does not allow removing the threats, because it wants the user to pay for the license. The Control Center window also indicates the security status as “At Risk”, saying “Unfortunately, your computer is infected”.

Mac Security is a program which is very hard to close unless the user uses Activity Monitor to terminate the process. Otherwise it might be impossible to remove this malware from the computer.

There is a list of fake security notifications which should be ignored as well as the scan results. These messages are as follows:

Virus Found
Infected file detected:
Virus: Spyware
File: Terminal

Unregistered Copy
Sorry, the copy of your program is unregistered. Register to have an ability to cleanup your system.

Virus Found
Infected file detected:
Virus: Malware
File: SelfTest.dist

The system is infected
Your system is infected. It's highly recommended to cleanup your system to protect critical information like credit card numbers, etc.

Even if the user ignores these messages and the scan results, Mac Security has a way to force him into paying for the program. This program is able to launch the web browser automatically and load various pornographic sites. This way Mac Security terrorizes the user trying to make him think that there is no other way out of this situation, except for paying full price for the program. However, nothing good can come out of purchasing this application and the user must remove Mac Security together with all of its related files.

Mac Security Manual Removal

1. If you think you might have difficulties following these instructions from your computer’s screen, print them out.
2. Close Mac Security window by clicking on the red close button at the left top of the screen.
3. Now select Finder by clicking on your desktop. When you do that, click “Go” and choose “Utilities”.
4. Now you should see the “Utilities” folder in your screen. Double-click on the Activity Monitor.
5. When the Activity Monitor is displayed, you can find the MacSecurity process in the li st of programs that are running. Select MacSecurity process and click the “Quit Process” button. Once you are asked whether you really want to terminate the process, click on “Force Quit”. Now close the Activity Monitor.
6. With the Finder still open, click on Go again and now select Applications. When the folder opens, find MacSecurity among the list of programs displayed. Right-click on it and select “Move to Trash” from the menu. Mac OS might ask for your password, so you need to enter it too. MacSecurity will be deleted from the system.
7. From there, you need to click on Apple Menu and choose the System Preferences. When the screen loads, under System category select Accounts. Once that screen opens, you need to click on Login Items button. Yet another screen will open and you will see a list of programs which are set to start automatically. When you find the MacSecurity entry, you need to single-click on it and then click on the minus (-) sign button bellow the list of the programs. This will stop Mac Security from loading every single time to load your computer.
8. Now you need to change your Safari settings so that it would not load Mac Security any more. Open Safari program and click on the menu. Choose “Preferences” from the menu list and another menu will be opened. You should now be on the “General” settings screen. You need to uncheck the box which says “Open “Safe” files after downloading”. Once you do that, close the Preferences screen and Safari program.

After performing these steps, Mac Security should be deleted from your computer.

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.