
The best spyware/malware detection and removal solution in 2014?

Lately I keep getting odd little blips on my Mac screen when I open apps and/or use various browsers. I suspect that spyware or some other malware somehow has been installed on my machine. I have since installed highly recommended always-on security apps like Avast and Avira and Kaspersky for live filtering (thinking that what one does not catch another will) along with run-only-on-command apps like BitDefender and ClamX (each catches items the other misses).


I am still seeing the little blips, if fewer than before, so I wonder if there is still some root level malware that has not yet been detected and removed.


I am looking for solutions.


One option is upgrading to Mavericks, but I still have some critical apps that are not yet Mavericks compliant, so that delays the upgrade.


Another option is wiping my disk, doing a clean reinstall of the OS, and re-installing apps one at a time (means I lose days of productivity as all get rebuilt).


Another option is finding and installing better spyware detection and removal app (or apps) than I have installed so far.


I searched the Apple support communities and found some older related posts, some going back to 2007 or 2009, which are not relevant today, such as the advice to use MacScan (no longer deemed a viable app), and the ongoing debate whether MacKeeper itself is malware.


I want feedback and suggestions for the hard realities of life on the net at the beginning of 2014. In answering my request, you might help thousands of other Mac users.


Thanks!

MacBook Pro, OS X Mountain Lion (10.8.2), Mid-2010 MacBook Pro 15 inch

Posted on Jan 5, 2014 1:04 PM

89 replies

Jan 5, 2014 1:51 PM in response to judahman

I have had this problem as well. It started in the last week. Yesterday, I clicked on a bookmark for a mainstream news site and was taken to an on-line retailer I've never heard of. The day before I got a suspicious email from a bank. I am using an iMac, OSX Mountain Lion 10.8.5.


Today (01/05/14) there was an article on CNN about a Yahoo "exploit kit" malware that has begun to show up on computers. I posted a question asking whether macs are vulnerable, and your question came up under the "More Like This" side panel.

Jan 5, 2014 2:17 PM in response to judahman

99.99% of malware is completely hidden from sight. Malware authors aren't interested in having their exploits detected by suspicious users. While malware can't be entirely ruled out in your case, you are probably experiencing some kind of software or hardware problem (maybe the GPU.)


Using a constantly on AV program runs the risk of slowing down your Mac, or creating other issues. In addition, no AV program can identify an infection that hasn't yet been catalogued, and most AV programs use heuristics--in plain talk they are making educated guesses, which often lead to false positives. You may still want to run some kind of AV. The best bet out there is probably Sophos, or VirusBarrier Express (scans only manually and makes no system modifications). MacKeeper is total garbage. Although it does now use a respectable AV program, Avira, you could run that without buying the whole package.


ClamXav is a decent program run by a developer with considerable integrity, but it has fallen way behind in its detection rate. And MacScan is pathetic at identifying malware. But is the best at finding known keyloggers. And as far as I know, most if not all of those will have needed to be installed with physical access to the Mac.


Here's a good read on this subject.


http://www.thesafemac.com/mmg-antivirus/

Jan 5, 2014 3:41 PM in response to judahman

judahman wrote:


Lately I keep getting odd little blips on my Mac screen when I open apps and/or use various browsers. I suspect that spyware or some other malware somehow has been installed on my machine. I have since installed highly recommended always-on security apps like Avast and Avira and Kaspersky for live filtering (thinking that what one does not catch another will) along with run-only-on-command apps like BitDefender and ClamX (each catches items the other misses).

None of the A-V apps that you have mentioned are designed to find Spyware. The only one that does is MacScan which is known to have false alarms (make sure whatever it finds is actually what it says) and terrible at detecting any form of OS X malware. That's because any Spyware on your Mac must be installed using physical access to your computer or you approved shared access to it over your network. The only "Spyware" available for Macs is commercial or hack software installed for some purpose, not malware.


Chances are, whatever you have found so far is Windows only malware.

Jan 5, 2014 3:47 PM in response to Lourufmom

Lourufmom wrote:


I have had this problem as well. It started in the last week. Yesterday, I clicked on a bookmark for a mainstream news site and was taken to an on-line retailer I've never heard of.

You may have accidentally installed an extension on your browser that is causing this. See When I try to visit a web site, I get redirected to a different site!.

The day before I got a suspicious email from a bank.

That's probably a phishing attempt. All of us get those, sometimes every day.

Today (01/05/14) there was an article on CNN about a Yahoo "exploit kit" malware that has begun to show up on computers. I posted a question asking whether macs are vulnerable, and your question came up under the "More Like This" side panel.

Had not heard about that one, more than 99 out of 100 are Windows only. Mac market share still isn't at a level to make OS X exploitation worth the time and money to exploit. If I find more info I'll let you know.

Jan 5, 2014 5:08 PM in response to MadMacs0

I read your links and found them helpful. I'll be working through them tomorrow when I have access to another computer.


I turned off the "allow extensions" in Safari Preferences. This might also help me with the local newspaper that redirects to car dealership ads.


This phishing attempt made me suspicious because it appeared to be from our bank. I double deleted it and did not open it. I'll just monitor this.


Thanks.

Jan 5, 2014 6:39 PM in response to Lourufmom

Lourufmom wrote:


This phishing attempt made me suspicious because it appeared to be from our bank. I double deleted it and did not open it.

There is no currently known malware that can impact OS X by simply reading an e-mail. You would have to click a link or open an attachment for anything to happen.


To check any Hyperlink in a message, hover your cursor over the underlined link and a "tooltip" will show up giving you the actual URL that you will be taken to if you click on it. As long as the last two fields match the bank's web site, it's legit (e.g. wellsfargo.com) but watch out for spelling changes (e.g. we11sf@rgo.com). Whenever you are concerned that a bank notice may not be quite right, log onto the bank site manually or give them a phone call to check out the details of your e-mail.
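
The hover check from the reply above can also be scripted. The following is an added example, not part of the original thread: it pulls every link out of an HTML message body and applies the same "last two fields" comparison to the real `href` host rather than to the text shown. The sample body and the names `LinkCollector`, `last_two_fields` and `check_links` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []                     # finished (href, text) pairs
        self._href, self._text = None, []   # state for the <a> currently open

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def last_two_fields(url):
    """Return the last two dot-separated labels of the URL's host, lowercased."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return ".".join(host.split(".")[-2:])


def check_links(html_body, expected_domain):
    """Return (href, shown_text, matches) per link; matches is True only when
    the real destination host ends in expected_domain."""
    parser = LinkCollector()
    parser.feed(html_body)
    return [(href, text, last_two_fields(href) == expected_domain.lower())
            for href, text in parser.links]

# Constructed sample message body (not taken from the thread).
SAMPLE = """
<p>Dear customer, please <a href="https://online.wellsfargo.com/login">sign on</a>.</p>
<p>Or verify here: <a href="http://we11sfargo.com/verify">https://www.wellsfargo.com/verify</a></p>
<p><a href="https://wellsfargo.com.example.net/">Account notice</a></p>
"""

if __name__ == "__main__":
    for href, text, matches in check_links(SAMPLE, "wellsfargo.com"):
        print("match   " if matches else "MISMATCH", href, "| shown as:", text)
```

The two-label comparison mirrors the rule of thumb in the reply; it does not hold for sites under multi-part suffixes such as `.co.uk`, where three labels identify the owner.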

Jan 5, 2014 9:51 PM in response to Lourufmom

Lourufmom has (inadvertently) hijacked my extremely urgent question about root-level malware detection and removal. Opening a separate thread for her separate topic would have honored the rules of good netiquette in our Apple community. Replies to her about email phishing, no matter how worthy that subject, are off-topic in this thread.


Please go back to my original posting, folks, and kindly provide some viable solutions relating ONLY to malware detection and removal on a Mac computer.


Thank you.

Jan 5, 2014 10:13 PM in response to judahman

Well, I've given you about two responses which I suspect is about all you are going to get with such sketchy information. Blips? The only thing you have asked for is a Spyware/Malware detection and removal solution to remove blips and I've told you that there isn't such a thing. Surely you have some additional indications of issues.


There have been a couple of independent reviews of malware detectors if you care to look them over:

Security Spread.

TheSafeMac Mac anti-virus testing, part 2.


How about running EtreCheck and posting the results so we can learn a bit about what you have installed.


If you want to continue to receive help from me, please refrain from such inflammatory statements and ignore whatever is of no help to you. We have hosts in the forum who will enforce any rules that need to be of concern here.

Jan 5, 2014 11:09 PM in response to judahman

Hi. I'm not posting any of this to inflame.

If I'm reading this right you have Avast, Avira, Kaspersky, BitDefender and ClamX installed all at the same time?

Back in the day I'm sure I read that it was a bad idea to have too many AV packages installed together - could be wrong tho.

Can you be more descriptive about the blips?

Jan 5, 2014 11:19 PM in response to gumsie

gumsie wrote:


If I'm reading this right you have Avast, Avira, Kaspersky, BitDefender and ClamX installed all at the same time?

Back in the day I'm sure I read that it was a bad idea to have too many AV packages installed together

That still holds true to some extent in two areas.


Some A-V software will detect the signature database of others as being an infection. That has mostly gone away now by encrypting the database, but we still see it once in a while. It can be worked around by excluding competing databases from being watched or scanned.


Having real time / on access detections turned on with more than one package will often cause issues in who gets to scan a new file first. It gets especially bad when downloading large files as each will try to grab the current segment without waiting for the entire download to finish. As long as only one scanner is active at any one time, there should not be any issues in having multiple packages installed. I personally have five, but none are active except when used for testing.

Jan 5, 2014 11:42 PM in response to judahman

judahman wrote:


Lately I keep getting odd little blips on my Mac screen when I open apps and/or use various browsers. I suspect that spyware or some other malware somehow has been installed on my machine.


The second statement doesn't logically follow the first.


If you're having trouble, please describe it in more detail. "Little blips" is vague.


Whatever problem exists will only be exacerbated by installing "anti-virus" junk. Get rid of the "highly recommended always-on security apps like Avast and Avira and Kaspersky" and fix the problem. Your Mac cannot function as designed with that worthless garbage installed.


MadMacs0 wrote:


How about running EtreCheck and posting the results so we can learn a bit about what you have installed.


Start with that.

Jan 6, 2014 12:47 AM in response to MadMacs0

None of the A-V apps that you have mentioned are designed to find Spyware.


Exactly, this gets to the heart of my post. I am looking for the best Mac spyware and malware removal app.


The only one that does is MacScan which is known to have false alarms (make sure whatever it finds is actually what it says) and terrible at detecting any form of OS X malware.

Exactly, this is why I am looking for something better. Actually, I am looking for the BEST app.


That's because any Spyware on your Mac must be installed using physical access to your computer or you approved shared access to it over your network.

Well physical access is possible because no home is truly secure any more, and I am not home all the time. As for the second, even with a firewall, I would not vouch for the total security of our home wifi network.


And I have cause for concern about either or both of such breaches occurring. Please let me be specific:


I have recently been active in a grassroots political campaign to pass a law protecting local residents from transnational corporate contamination of our local environment. The campaign garnered international news coverage because the vast revenues of a global industry are threatened by a visible victory in our community. During the height of the campaign, our team's social media pages and website servers were hacked and crashed. The well-financed "opposition" denies any responsibility, of course. Had I not seen it for myself, I would have told you such things do not ever really happen. Now, I must attest, they do.


Under normal circumstances, I would dismiss all this as software quirkiness, and if anyone but me was writing this post, I might call the person a kook. In fact, I am a seasoned journalist with healthy scepticism. In this case, though, I am not sitting on the sidelines as a neutral observer. I am in the game. I have been and remain vocal in my support for this local grassroots democracy movement, speaking out online and at public hearings. Have I attracted attention from those who hacked my friends' computers? I want to know for sure.

Jan 6, 2014 1:04 AM in response to John Galt

John Galt wrote:

If you're having trouble, please describe it in more detail. "Little blips" is vague.


I get weird blips on my screen when I open some but not all of my apps, and these include fast flashes across the bottom of my screen, plus small images popping up in the corner of the screen and then vanishing too fast for me to get a fix on them. Also, when I am using various browsers, my screen goes blank for an instant, the same as when I do a Command-3 screen capture, but this happens without me doing anything beyond clicking a weblink.


FYI, these odd blips began about when the grassroots campaign hit a crescendo about a month ago when the controversial bill passed (see my posting directly above), roughly when the computers of fellow team members were compromised. The campaign to ensure reliable enforcement of the new law is still at issue, so everyone in the grassroots campaign is being cautioned to stay vigilant about possible computer security threats. Thus my posting here and my call for help.


MadMacs0 wrote:


How about running EtreCheck and posting the results so we can learn a bit about what you have installed.

Given my situation, I hope you can appreciate how revealing such "private data" is not an acceptable risk.


John Galt wrote:

Whatever problem exists will only be exacerbated by installing "anti-virus" junk. Get rid of the "highly recommended always-on security apps like Avast and Avira and Kaspersky" and fix the problem. Your Mac cannot function as designed with that worthless garbage installed.

This is a helpful comment. The thrust of my request, really, is to find out what to install instead -- if anything will really get down into the root of my system and ferret out any and all spyware or other malware. If I had big bucks I would hire a computer security expert to handle this for me, but I have to do what I can with my tiny budget.


gumsie wrote:

If I'm reading this right you have Avast, Avira, Kaspersky, BitDefender and ClamX installed all at the same time?

Back in the day I'm sure I read that it was a bad idea to have too many AV packages installed together


Might well be a good to have them all installed at once. Please note that the blips that alerted me to an issue began before I installed any of these apps (which is why I installed them).


And this brings me back to my core question: What is the BEST Mac security app available (free or affordable, that is, for Barracuda is well beyond my fiscal reach).


Thanks everybody for your support and wisdom.


Jan 6, 2014 5:18 AM in response to judahman

There is no software that can remove all spyware. If you suspect that someone has had physical access to your machine, they may have installed any number of legit things that would help them spy on you, and wouldn't be detected by any security software. They could even have used built-in functionality provided by your system to do that.


If you suspect your machine has been hacked by someone with physical access, there is only one possible response: nuke and pave. (Or, in other words, erase the hard drive and install a fresh system.) See:


How to reinstall Mac OS X from scratch


To secure your computer from such attacks in the future, you should turn on FileVault, use a firmware password and make sure your user account password is extremely secure. Even this would not protect you against modification of your hardware, although that's not something that is going to happen realistically speaking.


Regarding protection against malware, that's not too difficult. See my Mac Malware Guide.


Finally, note that the symptoms you have described would seem to me to be more indicative of a hardware issue than with malware. Nothing you have described is at all suspicious as a symptom of malware.
