Posted By: Pendragon How to test for Malware? - 10/09/13 10:24 AM
I got a call last night from a quite elderly neighbor who is fairly certain he has a computer virus, or at least malware of some sort. Apparently the genesis of his concern relates to email (he has both Yahoo and Gmail accounts). I suppose he could have picked up some critter via Flash or been spoofed in some way…

What I would like to do is to run some app, test, or such that actually indicates what, if any, cretins exist on his machine (and to relieve his anxiety).

I haven't yet seen the machine, nor do I know in detail what exactly prompted him to come to the conclusion he did. That, I'll know later today.

For starters, I'm thinking of installing & running ClamXav.

But, what do you suggest as my first step?

Posted By: artie505 Re: How to test for Malware? - 10/09/13 10:55 AM
> But, what do you suggest as my first step?

Finding out and posting the precise symptoms that have led him to believe his Mac has got a virus.
Posted By: alternaut Re: How to test for Malware? - 10/09/13 03:25 PM
I'm with Artie, because a good symptom description could point toward the cause of the problem (not necessarily malware related), and suggest a specific anti-malware utility if indicated.

Likewise, installing & running ClamXav won't hurt, but as I don't know what's included in its signature database (it's searchable, but a simple listing of Mac OS X malware included—86 items at a recent count—is notoriously hard to find), I can't say anything about efficacy.

That said, does your neighbor maintain backups for his critical data? Is his software (Mac OS X, apps etc.) up to date? If not, that could be a problem when dealing with a real malware issue.
Posted By: Pendragon Re: How to test for Malware? - 10/09/13 04:04 PM
Many thanks guys. I'll update this thread after my visit later today.
Posted By: Pendragon Re: How to test for Malware? - 10/10/13 01:30 PM
Yesterday, I visited my elderly neighbor and his 21” iMac, 3.06, C2D, 4 GB RAM, 10.6.8…

What my neighbor feared was a virus was only a plethora of spam. He will be on travel for the next 10 days, so there is a bit of time before my next visit.

1. While he does not have a virus, he does have MacKeeper installed (and the genesis of his spam?). As I understand it, it is malware and should be removed. To wit, there seem to be many opinions on the web re the best technique for doing so. But from my trusted colleagues who have actually done so, what do you recommend?

2. He uses Yahoo (POP) -> Apple Mail for his email. Assuming that it is easily done, can I/should I convert his POP to IMAP? If so, how?

3. On my next visit, I hope to update his operating system (he hasn’t updated anything in over 3 years). It may be worth noting that he mainly uses his computer for email and surfing. What OS do you recommend?

TIA
Posted By: joemikeb Re: How to test for Malware? - 10/10/13 07:54 PM
MacKeeper is apparently about as easy to get rid of as burning napalm, but you will find the official MacKeeper removal instructions here. The Apple discussions thread on it is here, and the MacExpert Guide version is here. Good luck on that project!

Yahoo Mail IMAP setup information can be found here.

As to what OS, IMO he would be better served by a version that is currently supported and likely to remain so for the next few years. Mountain Lion comes to my mind, but then I am a chronic early adopter, which colors my opinion. I am awaiting Mavericks with bated breath.
Posted By: Pendragon Re: How to test for Malware? - 10/11/13 10:44 AM
Thanks for the links & suggestions, joemikeb.

Presently, my plan of attack:
1. Remove MacKeeper
2. Upgrade the system to Mt. Lion, run DiskWarrior and do some general cleanup.
3. As the user has vision problems, change the settings/preferences so that most everything is larger (especially text).
4. After my neighbor has used Mt. Lion for a few weeks and I have a verified backup of his email (addresses, Inbox, Sent folder, etc.), I'll consider migrating his POP account to IMAP. [I am absolutely terrified that I'll mess that up. And he loves it so. It is how he connects with the world.]
Posted By: joemikeb Re: How to test for Malware? - 10/11/13 11:53 AM
Sounds like a good plan to me.

There are several features to aid visually impaired persons found in System Preferences > Accessibility. You might go over them with your friend. He may love them or they may drive him crazy but at least he will know they are there.

Switching to IMAP is not that hard, but I seem to recall you have to have a PAID Yahoo mail account to use it, but I can't verify that.
Posted By: Virtual1 Re: How to test for Malware? - 10/11/13 07:06 PM
We get that a lot, users checking in machines that they think have a virus. Very important to get symptoms when checking those in. "can't go to thisurl.com", "home page has changed", "mail is crashing", silly things like that.

And yes, nuke MacKeeper on sight.
© FineTunedMac