How to test for Malware?
#27029 10/09/13 10:24 AM
Joined: Aug 2009
OP Offline

I got a call last night from a quite elderly neighbor who is fairly certain he has a computer virus, or at least malware of some sort. Apparently the genesis of his concern relates to email (he has both Yahoo and Gmail accounts). I suppose he could have picked up some critter via Flash or been spoofed in some way…

What I would like to do is to run some app, test, or such that actually indicates what, if any, cretins exist on his machine (and to relieve his anxiety).

I haven't yet seen the machine, nor do I know the details of what exactly prompted him to come to the conclusion he did. That, I'll know later today.

For starters, I'm thinking of installing & running ClamXav.

But, what do you suggest as my first step?



Harv
27" i7 iMac (10.13.6), iPhone Xs Max (12.1)

Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: How to test for Malware?
Pendragon #27030 10/09/13 10:55 AM
Joined: Aug 2009
Likes: 15
Online

> But, what do you suggest as my first step?

Finding out and posting the precise symptoms that have led him to believe his Mac has got a virus.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: How to test for Malware?
Pendragon #27031 10/09/13 03:25 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
I'm with Artie, because a good symptom description could point toward the cause of the problem (not necessarily malware related), and suggest a specific anti-malware utility if indicated.

Likewise, installing & running ClamXav won't hurt, but as I don't know what's included in its signature database (it's searchable, but a simple listing of Mac OS X malware included—86 items at a recent count—is notoriously hard to find), I can't say anything about efficacy.

That said, does your neighbor maintain backups for his critical data? Is his software (Mac OS X, apps etc.) up to date? If not, that could be a problem when dealing with a real malware issue.


alternaut moderator
Re: How to test for Malware?
alternaut #27032 10/09/13 04:04 PM
Joined: Aug 2009
OP Offline

Many thanks guys. I'll update this thread after my visit later today.


Harv
27" i7 iMac (10.13.6), iPhone Xs Max (12.1)

Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: How to test for Malware?
Pendragon #27034 10/10/13 01:30 PM
Joined: Aug 2009
OP Offline

Yesterday, I visited my elderly neighbor and his 21” iMac, 3.06, C2D, 4 GB RAM, 10.6.8…

What my neighbor feared was a virus was only a plethora of spam. He will be on travel for the next 10 days, so there is a bit of time before my next visit.

1. While he does not have a virus, he does have MacKeeper installed (and the genesis of his spam?). As I understand it, it is malware and should be removed. To wit, there seem to be many opinions on the web re the best technique for doing so. But from my trusted colleagues who have actually done so, what do you recommend?

2. He uses Yahoo (POP) -> Apple Mail for his email. Assuming that it is easily done, can I/should I convert his POP to IMAP? If so, how?

3. On my next visit, I hope to update his operating system (he hasn’t updated anything in over 3 years). It may be worth noting that he mainly uses his computer for email and surfing. What OS do you recommend?

TIA


Harv
27" i7 iMac (10.13.6), iPhone Xs Max (12.1)

Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: How to test for Malware?
Pendragon #27035 10/10/13 07:54 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
MacKeeper is apparently about as easy to get rid of as burning napalm, but you will find the official MacKeeper removal instructions here. The Apple Discussions thread on it is here, and the MacExpert Guide version is here. Good luck on that project!

Yahoo Mail IMAP setup information can be found here.

As to what OS, IMO he would be better served by a version that is currently supported and likely to remain so for the next few years. Mountain Lion comes to my mind, but then I am a chronic early adopter, which colors my opinion. I am awaiting Mavericks with bated breath.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: How to test for Malware?
joemikeb #27040 10/11/13 10:44 AM
Joined: Aug 2009
OP Offline

Thanks for the links & suggestions, joemikeb.

Presently, my plan of attack:
1. Remove MacKeeper
2. Upgrade the system to Mt. Lion, run DiskWarrior and do some general cleanup.
3. As the user has vision problems, change the settings/preferences so that most everything is larger (especially text).
4. After my neighbor has used Mt. Lion for a few weeks and I have a verified backup of his email (addresses, Inbox, Sent folder, etc.), I'll consider migrating his POP account to IMAP. [I am absolutely terrified that I'll mess that up. And he loves it so. It is how he connects with the world.]


Harv
27" i7 iMac (10.13.6), iPhone Xs Max (12.1)

Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: How to test for Malware?
Pendragon #27042 10/11/13 11:53 AM
Joined: Aug 2009
Likes: 16
Moderator
Online
Sounds like a good plan to me.

There are several features to aid visually impaired persons found in System Preferences > Accessibility. You might go over them with your friend. He may love them or they may drive him crazy but at least he will know they are there.

Switching to IMAP is not that hard, but I seem to recall you have to have a PAID Yahoo Mail account to use it, but I can't verify that.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: How to test for Malware?
Pendragon #27046 10/11/13 07:06 PM
Joined: Aug 2009
Offline

We get that a lot: users checking in machines that they think have a virus. It's very important to get symptoms when checking those in: "can't go to thisurl.com", "home page has changed", "mail is crashing", silly things like that.

And yes, nuke MacKeeper on sight.


I work for the Department of Redundancy Department
