Malware detection

Hi Jack,

From the MacScan site: MacScan detects, isolates, and removes as well as notifing you of any spyware applications that may be active. MacScan also audits and protects your system from remote administrative programs that may have inadvertently been left on or installed.

If you do not open e-mail from sources you are not familiar with, then your system is vulnerable from that aspect. MacScan scans the drive and eradicates malware BEFORE it can do any damage.

Search these forums for MacScan.. read for yourself.

MacWorld.com is a great site to find reviews for software:
http://www.macworld.com/search.html?cx=003198751674731024891%3Aovffo1orlum&q=mac scan&sa=search&client=idg-cse&cof=FORID%3A11







Carolyn 🙂

Many of those, especially the ones that pop up in your browser, are scams. The innocuous ones just want your $$; the real nasties want your $$ and will also infect your computer!

I don't know if you're aware of the difference between viruses and trojans.

Viruses get onto a computer, usually via email or attachments, and send themselves to other computers, usually via your address book, +without any action on your part+. That's why PC users are so terrified of them.

But there aren't any viruses -- none, zip, zero, zilch -- known for Macs. Your Mac can, of course, get PC viruses and pass them on to PC users if you forward the infected item, without harming your Mac. Thus many Mac users run anti-virus software. A free one, that gets good reviews here, is ClamXav, available from VersionTracker.

Trojans, on the other hand, +do require some action on your part+. Many appear with torrent apps, or pirated software (a bit of poetic justice?). But you have to supply your Administrator's password to load and/or run them.

So first, avoid torrents, P2P apps, etc.; and don't steal software.

Second, don't download or run anything from a source you don't have good reason to trust.

Third, be sure your browser's security is set. For Safari, in Preferences, be sure Warn when visiting a fraudulent web site is checked. On Firefox, Preferences, Security, check the first three options.

You really shouldn't be too worried on a Mac. If you do have a questionable file, you can scan it with ClamXav before you open it.

http://www.clamxav.com/

No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.

It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download from:

http://www.clamxav.com/

However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.

If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.

SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:

http://macscan.securemac.com/

The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.

(Note that a 30 day trial version of MacScan can be downloaded free of charge from:

http://macscan.securemac.com/buy/

and this can perform a complete scan of your entire hard disk. After 30 days the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk.)

A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:

http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174

Also, beware of MacSweeper:

MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008

http://en.wikipedia.org/wiki/MacSweeper

On June 23, 2008 this news reached Mac users:

http://www.theregister.co.uk/2008/06/23/mac_trojan/

More information on Mac security can be found here:

http://macscan.securemac.com/

The MacScan application can be downloaded from here:

http://macscan.securemac.com/buy/

You can download a 30 day trail copy which enables you to do a full scan of your hard disk. After that it costs $29.95.

More on Trojans on the Mac here:

http://www.technewsworld.com/story/63574.html?welcome=1214487119

The latest news on the subject, from July 25, 2008, is:

Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.

The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.

In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.

Net security groups say there is anecdotal evidence that small scale attacks are already happening.

Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm

A further recent development is the Koobface malware that can be picked up from Facebook (already a notorious site for malware), as reported here on December 9, 2008:

http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm

There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!