Some ISPs monitor for what they consider to be suspicious network packets coming from all their various customers' IP addresses. Such things usually are very Windows-oriented, and tend to have a higher false positive rate when the customer is using a Mac. It may simply be nothing at all.
However, it couldn't hurt to do a scan. I would not recommend iAntivirus, though. Get a copy of ClamXav:
Also, I would highly recommend reading my Mac Malware Guide:
(Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)
Information on DNSChanger can be found here:
I believe ClamXav will get rid of it for you, and it's free.
1. DNSchangrs work only on windows XP they do what they say changer the DNS servers address on YOUR PC - Hijack your Web browser and point you at shadow sites, there aim is to steal your credit card and bank details.
They are often disguised in **** downloads *(that's the Trojan bit and they change the DNS numbers by running an secret .exe script)
That .exe script will NOT work within OSx period.
2. This year there Has been several versions of the SAME Trojan discovered in the wild directly targeting OSx.
Provided you are running the latest 10.6 or 10.7 - Apple has provided a builtin security and removal tool that is updated daily in the background that hunts down and searches for these Trojans using identifiers, notifies You and removes them automatically !
3. It might look legit but scammers are devious.
4. If you want to use added anti virus (remembering that there are NO viruses but several Trojans) look at something simple and preferably FREE or at least from a reputable company that understands Mac such as Integro.
Norton does bad things itself !
Also you might want to monitor ALL internet traffic to and from your machine.
There is a little app that does this VERY WELL called
Visit this web site for details
These are specific Mac Products !
As I said I think that e-mail is a scam its self.
1- Not quite true. There actually is a DNS Changer Trojan for Macs, called RSPlug. It hasn't been seen AFAIK for a while, though.
2- Apple's AV software built into Mac OS X 10.6-10.7 is not an active scanner. It will not "hunt down" or remove malware, it only prevents new malware from being installed at the time it is first opened after downloading, and only if it was downloaded using Quarantine-aware software.
All this is described in greater detail in mu guide.
My isp has sent an email indicating I have a 2 trojans and a dnschanger resulting in spam being sent out?
How are you coming with this?
SecureMac, makers of MacScan provided a free DNSChanger removal tool here. It hasn't been updated since 2008, so I don't know if it finds all versions.
Hi, thank you for the suggestions. So far it seems clamxav has found about 30 Trojans.
Do these need to be manually removed or quarantined?
As long as none of them were labled "OSX" Trojans, move them directly to the trash. If any are OSX let us know.
If you also found any emails (not attachments) that were marked as infected, DO NOT move them either to quarantine or the trash. Let me know and I'll tell you what to do with those.