As a Mac user (shut it), what in your opinion is the best free spyware/malware cleanup program out there?
I'm not having any problems, but you can't be too sure.
Shut it down and restart it in a bath of hot water. This will cleanse the circuits of spyware.
Then delete the Win32 folder.
Should I use detergent? Or bleach?
Quote from: LMNO on March 11, 2010, 04:49:54 PM
As a Mac user (shut it), what in your opinion is the best free spyware/malware cleanup program out there?
I'm not having any problems, but you can't be too sure.
I've never used any.
Eventually, someone is sure to write malware for Macs, though.
Quote from: LMNO on March 11, 2010, 05:14:49 PM
Should I use detergent? Or bleach?
Half and half. One glass for you, one glass for the computer.
I'm sorry, but the "Mac" malware has proven to be incredibly tenacious.
No patches or bugs fixes are available at this time.
Serious answer: ClamAV (http://www.clamav.net/).
Silly answer: The best cure for a Mac is Debian (http://www.debian.org/).
Yeah, ClamAV but actual viruses for OS X are insanely rare right now.
Do you think your machine has been infected or are you just doing this as a precaution?
IIRC there are 2 OSX viruses, both proof-of-concept stuff. And I think the security holes that let them install got fixed anyway. It's still polite to run ClamAV, keeps you from accidentally forwarding nasty stuff. 80% of all windows vulnerabilities last year were in either Adobe Flash or Adobe Acrobat Reader. If you e-mail PDF files you should virus scan the things first.
Also, Adobe: Named after shit bricks for a reason.
ClamAV and just about any other virusscanner will eat up your memory and CPU cycles and make everything slower than it needs to be.
When on a platform where malware is very rare, basically the only things you need to look out for are cross platform things. These being Flash and PDF.
For PDF, simply de-install or reconfigure your PDF plugin to not automatically show PDFs in the browser window like a webpage, but instead offer a download dialog so you can save them and open them then. Because this changes an automatic action into something that you need to actively do, it will make you safer because you will only download and open a PDF if you were expecting a PDF (if it automatically opens, it can do so inviisbly and then execute all sorts of evil shit)
For Flash, use Firefox with NoScript.
Resident antivirus is silly. ClamAV doesn't have to run in resident mode, you can just run it when you download a file. LiveCD + ClamAV scan once a month is my standard process, even on my Linux box (well, there it's more like once a year, but still).
For PDF, don't use adobe reader & don't turn on Javascript in PDFs.
You're right, it's been a while since I had ClamAV. I didnt run it resident either. It was just incredibly slow when I did run it :)
Quote from: Triple Zero on March 11, 2010, 10:46:03 PM
ClamAV and just about any other virusscanner will eat up your memory and CPU cycles and make everything slower than it needs to be.
...
For Flash, use Firefox with NoScript.
^ This.
As far as e-mail attachments go, most popular e-mail services scan attachments on their own these days AFAIK.
Quote from: Triple Zero on March 11, 2010, 10:46:03 PM
ClamAV and just about any other virusscanner will eat up your memory and CPU cycles and make everything slower than it needs to be.
When on a platform where malware is very rare, basically the only things you need to look out for are cross platform things. These being Flash and PDF.
For PDF, simply de-install or reconfigure your PDF plugin to not automatically show PDFs in the browser window like a webpage, but instead offer a download dialog so you can save them and open them then. Because this changes an automatic action into something that you need to actively do, it will make you safer because you will only download and open a PDF if you were expecting a PDF (if it automatically opens, it can do so inviisbly and then execute all sorts of evil shit)
For Flash, use Firefox with NoScript.
Wouldn't flashblock make more sense for dealing with flash holes?
Not 100% familiar with Flashblock, but Noscript would also block any malignant javascript code (2 birds, 1 stone).
Yes, NoScript provides better protection than Flashblock. It is specifically designed and updated to close any holes in the Firefox/JavaScript/Flash/etc conglomerate. It's designed to make your browser more secure.