Welcome Back to the MenWithFibro Forums
It does not matter the name, We all have the same symptoms.
We are THE ORIGINAL
"MenWithFibro"

Macbook pro woe....

Started by looneylane, September 02, 2015, 02:33:00 PM


looneylane

Ok, my MacBook Pro has begun to not only run slow, it locks up constantly now. I suspect malware or some such thing but do not know for sure. I loaded uTorrent and it's gotten worse. Anyone here Mac savvy who knows how to diagnose, as I have run Sophos anti virus with no hits?

foxgrove

Oh brother!!!  Before I get into what is possible, take a look here and see if you are infected or not: http://www.reedcorner.net/mmg-infected/

Apple has been very lax on its security due to its low footprint in the computing world, mostly depending on the fact that it's a Linux derivative.  Unfortunately, there is a new severe hardware flaw found a couple of months ago called the Dark Jedi attack that might be causing your issue.  Here's the skinny on it from one of the experts:

Chris Williams for the Register warns: Mac fans! Don't run any old guff from the web: Malware now spotted exploiting OS X root bug. While several security bloggers have avoided publicizing  the Register article includes a pointer to the Esser article including original PoC code. Well, I suppose we can assume that security through obscurity was never going to save anyone's Mac in this case. :(   
https://macviruscom.wordpress.com/


Here are the technical details:
http://www.zdnet.com/article/symantec-confirms-existence-of-unpatched-rootkit-apple-mac-security-flaw/
http://www.theregister.co.uk/2015/06/01/apple_suspend_bug_0day/

There's another one called Thunderstrike and its newest big brother, Thunderstrike 2, that attack the hardware vulnerabilities in the Thunderport of your computer.  It's another one that I have no idea if there is software out there to detect it or not... https://nakedsecurity.sophos.com/2015/01/09/thunderstrike-new-mac-ueberrootkit-could-own-your-apple-forever%E2%80%8F/

There are a few basic sources for Apple malware that I have found: 
http://www.reedcorner.net/mmg/ (best)
https://nakedsecurity.sophos.com
https://macviruscom.wordpress.com/

As to getting rid of it... is the Sophos version you have the boot disc?  If not, you should download and create it asap: https://www.sophos.com/en-us/support/knowledgebase/52011.aspx

I also found http://rkhunter.sourceforge.net/ which purports to dig out rootkits... Well worth trying it out.
Where God leads, His hand always provides
...so keep Calm and code on....

Foxgrove

Tay


Looney I had UTorrent already, but got a message to update.  It caused me heaps of problems, even with my anti virus as well.  Might be a bug in it!!

I was able to finally delete it from my computer.  I have all my clients work on this computer, and always back up, but....it really gave me a scare.

Good luck and hope it clears soon.

Tay

looneylane

I have all my research and assignments on it, so I am trying to upload them to Dropbox to keep them safe, but it keeps locking up. Thanks Fox, will check them out!  :biggrin: :biggrin: Thanks Tay, working on saving my files right now so I don't have to fight to redo it all.

foxgrove

At this point, if you have a copy of Hiren's Boot CD, boot your system from it and dump all your data.  If not, I can coach you how to create one if you'd like.  It allows you to run Windows from a CD/DVD so it's a clean environment.  If you want to give it a try, drop me a PM and we'll go from there.

PS.. If you ever get update notices, a more secure method is to go to the website through your browser instead of clicking the OK button and download the newer version or update directly from the company's website.  Clicking on a box that seems to be from the program has now become a dangerous thing to do.  I know what a pain that makes upkeep but it's seeming to become the new have-to scheme if you want to avoid malware.

Sad ain't it!!!

Where God leads, His hand always provides
...so keep Calm and code on....

Foxgrove
