11 Replies Latest reply: Sep 6, 2013 11:12 PM by MadMacs0
tony1993 Level 1 (0 points)

Hi there

 

I got an email telling me that my Mac had malware - I'm not sure how to check for it - can anyone help?

  • etresoft Level 7 (27,786 points)

    Run Software Update.

  • Linc Davis Level 10 (192,265 points)

    Who sent this email? What did it tell you to do?

  • MrHoffman Level 6 (14,762 points)

    And in general, don't believe everything you read.

     

    Various email being forwarded around in recent years is expressly written to cause the reader to download and install malware.  There are various ways that this social engineering works, whether by getting you to run an included tool, or go to a web site to install a tool, or otherwise.

     

    Various web sites too are designed to convince you to install something - a video player or CODEC is a common choice - that's actually malware.  In general, don't.

     

    Rule of thumb: If you didn't go looking for (whatever) yourself, then do not install (whatever).

     

    And yes, run Software Update regularly; that keeps OS X current.  Also keep all of your local add-on software current.  In particular, keep your Adobe Flash Player current; there was an Adobe update a few days ago.  (Or you can choose to remove Flash Player, if you're not using it.)  To get the current Flash Player, go directly to the Adobe web site, and download the update from there.

  • tony1993 Level 1 (0 points)

    Thanks for your responses, however I'm sure I have something on my computer - I keep getting redirected to other websites, unknown to me.

     

    Are there any system checks that I can make to ensure I haven't been infected?

     

    I've been doing some research and apparently it is a growing issue on Macs.

    I am running version 10.6.2 - not too sure what to do.

     

    Thanks so much

  • MrHoffman Level 6 (14,762 points)

    In simplest terms:

     

    Run Software Update.

     

    To run software update:

     

     > Software Update

     

    This will bring you to 10.6.8, and will load the updated Java, and will load a variety of other security patches and updates that have arrived since 10.6.2 shipped.

     

    Then enable automatic software updates, and follow a practice of more quickly installing updates:

     

    System Preferences.app > Software Update > Scheduled Check > (at least Weekly, maybe Daily)

     

    Then visit the Adobe web site, and download and install the current Adobe Flash Player software, and enable automatic updates within that tool; there's a System Preferences.app entry for Flash Player in recent versions of that tool, but I don't recall the details of enabling automatic updates off-hand.  Or use the Adobe-provided deinstallation tool to wholly remove the Flash Player package from your system.

     

    If you have been downloading and authenticating random other stuff (and if moving to 10.6.8 and invoking the tools that remove the most recent round of malware cruft doesn't resolve the issues), then create an external backup or two using your installation DVD and the Disk Utility tool, wipe your current disk, and reinstall OS X, and migrate in your data from the old copy.  Or (given I can infer you're not particularly familiar with this stuff) work with somebody that's more familiar with avoiding and removing malware and with securing an OS X system.

  • WZZZ Level 6 (12,845 points)

    Besides running Software Update, scan your Mac for the DNSChanger Trojan using the tool from SecureMac.com.

     

    Also, switch DNS servers to OpenDNS. They are patched against DNS poisoning, which would redirect you to sites in the fashion you have described. They will also likely be faster than the ones you are currently using.

     

    In System Preferences>Network, enter these numbers in Advanced>DNS for the interface you use, e.g. Airport or Ethernet and hit Apply.

     

    208.67.222.222

     

    208.67.222.220

     

    Then go here to check it is working,

     

    http://www.opendns.com/welcome/
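
Added example, not part of the thread or any poster's own code: a shell check, run in Terminal, that lists any DNS server in `scutil --dns` output other than the two addresses entered above. DNSChanger worked by altering the DNS server settings, so an unfamiliar resolver is the thing to look for. The sample text and the 192.0.2.53 address are constructed for illustration.

```shell
#!/bin/sh
# Added example: list resolvers found in `scutil --dns`-style text that are
# not in the expected set. On a Mac: scutil --dns | unexpected_resolvers

# The two resolver addresses given in the post above.
EXPECTED_RESOLVERS="208.67.222.222 208.67.222.220"

# Reads `scutil --dns` output on stdin and prints each distinct nameserver
# that is not in EXPECTED_RESOLVERS, one per line. Prints nothing if all match.
unexpected_resolvers() {
    awk -v expected="$EXPECTED_RESOLVERS" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
        # Resolver lines look like:  "  nameserver[0] : 208.67.222.222"
        $1 ~ /^nameserver\[[0-9]+\]$/ && $2 == ":" {
            addr = $3
            if (!(addr in ok) && !(addr in seen)) { seen[addr] = 1; print addr }
        }
    '
}

# Constructed sample (not captured from a real machine). 192.0.2.53 is a
# documentation-range address standing in for a resolver nobody entered.
SAMPLE_DNS='DNS configuration

resolver #1
  search domain[0] : home
  nameserver[0] : 208.67.222.222
  nameserver[1] : 192.0.2.53
  if_index : 4 (en0)
  reach    : Reachable

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
'

# Runs the check over the constructed sample.
check_sample() { printf '%s\n' "$SAMPLE_DNS" | unexpected_resolvers; }

if [ -z "$(check_sample)" ]; then
    echo "all resolvers match the expected set"
else
    echo "unexpected resolver(s):"
    check_sample
fi
```

A resolver handed out by the router over DHCP will also show up here if no DNS servers were entered manually, so compare any flagged address with the router's own settings before drawing conclusions.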

  • SarahJ82 Level 1 (0 points)

    So I'm seeking some advice on my situation.  Running MacBook on OS 10.5.8. Just ran software update so I'm all up to speed there.  I don't have a malware scanning program or virus scan or anything.  I tried Apple's suggestions for removing malware by going into Activity Monitor, but none of their suggested malware app names are there.

     

    The reason I'm doing all this is because none of my browsers will open common sites like google, gmail, or Facebook. They will load other sites, but usually only the first page. 

     

    Help?  Please? 

  • MrHoffman Level 6 (14,762 points)

    1: You're on a very old version of OS X, and an upgrade to 10.6 or 10.7 would usually be appropriate, if your particular Mac supports that.  If your hardware is running 10.5, it's probably too old to run 10.8, the current version.  Apple has fixed a whole lot since 10.5, and has added anti-malware features.

     

    2: When troubleshooting, please avoid assumptions, such as your very obvious assumption of malware.  Assumptions lead you astray.  Rather, please gather some details and some data.  Please check logs.  Please test a theory or a change.  Work toward a resolution.   Sure, this might be malware.  Or not.

     

    This misbehavior might be something else entirely and not malware, like an old and tired Mac that's got a software or hardware problem.  What you are reporting here could be a network problem with your Mac network hardware, could be an unrelated hardware or software problem or corruption, or with your local connection or WiFi, or with your ISP, too.  Depending on exactly what's going on, some sort of WiFi interference might be a possible cause.  Or yes, this could be malware.

     

    If this weirdness is affecting multiple web browsers, then a network error or corruption seems feasible; something common to those tools.

     

    To start with, ensure you have a complete and full external backup of all of your data.  Whether this Mac is failing or whether it's infested with some malware, having a backup of your data can be a central part of the recovery.  I'd usually use an external USB disk and your installer DVD here, and make an external (and bootable) copy of your disk.

     

    Sorting this out will probably be an iterative process; various tests and checks.

     

    Create a wholly new user login ( > System Preferences... > Users and Groups > + to add a new and separate login) and log into that.  See if you have the same issues in that login.

     

    Are you having network issues with other network-using tools?  Mail, for instance?

     

    Are you having similar issues with other computers on the same (WiFi?) network?

     

    Is there anything interesting or relevant being logged in the Console.app tool?  (Applications > Utilities)  This tool can and usually will be filled with cryptic and variously nasty-looking messages in the best of cases, so don't read too much into what some of the messages are stating.

  • WZZZ Level 6 (12,845 points)

    See my post just above for entering the numbers for OpenDNS. See if that makes a difference.

  • jeremy288 Level 1 (0 points)

    Wow, no-one on here will simply answer the question.... the post says "I am concerned, how do I scan for bad things" ... it does not say "please tell me how to do everything except what I asked"... can you guys read?

     

     

    So to answer the question, there are many antivirus tools for Mac and many of the main well known AV companies now make products for Macs, so download and do a full sweep with a trusted tool.

     

    I have the same problem as you with some websites being re-directed so today I will do a full scan with ClamAV.

     

    I hope this helps.

  • MadMacs0 Level 5 (4,722 points)

    I just noticed this posting is from May 2012, so I'll withdraw my post.