Virus? How do you manually delete a file that may or may not be on the system?

Discussion in 'Mac Apps and Mac App Store' started by lolrt, Feb 22, 2011.

  1. lolrt macrumors newbie

    Joined:
    Feb 22, 2011
    #1
    How do you manually delete a file that may or may not be on the system without having to manually search for an unknown number of potential possibilities?

    I am asking this question in relation to Windows malware that includes a Java downloader component.

    Boonana used a Java downloader and it was cross platform. It was not particularly dangerous to Macs as the downloaded payload required authentication. But, it is not something you would want on your system.

    Malware writers could modify the payload downloaded by other Windows malware that uses a Java downloader to include Mac payloads. This could be done simply by modifying the contents at the download location and leaving the name unchanged. This would be a method to convert the malware to being cross platform on the fly.

    These potentially convertible Windows malware are also something you most likely do not want on your system. Especially, in the event that the payload includes privilege escalation as then it would not require authentication (priv esc very rare in OS X but still possible).

    I want to know whether it would be more efficient to manually search for all the possibilities or if it would be easier to find some app that would be able to locate this type of Windows malware and help remove it from the system?

    If using an app is more pragmatic, then any suggestion would be highly appreciated.
     
  2. Apple OC macrumors 68040

    Apple OC

    Joined:
    Oct 14, 2010
    Location:
    Hogtown
  3. lolrt thread starter macrumors newbie

    Joined:
    Feb 22, 2011
    #3
    Awesome suggestion! Thanks!
     
  4. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #4
    Some important reading for others who find this thread, searching for virus information as it relates to Macs:
     
  5. lolrt thread starter macrumors newbie

    Joined:
    Feb 22, 2011
    #5
    Thanks for that link GGJstudios!

    But, I think it is wiser to keep your system free of Windows malware that may become cross platform rather than take the risk of doing nothing until some scenario presented in my first post occurs.

    I have decided to take a pragmatic and balanced approach. I am going to run weekly on-demand scans with an antivirus program, such as ClamXav.

    On-demand scans only use resources when running a scan and I can set the AV software to run automatically at a time when my computer use is usually not demanding. This largely negates the argument against using AV software on a Mac due to the cost in computer resources if you use AV software that does not have mandatory on-access scanning.
     
  6. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #6
    As I mentioned, I posted the link primarily for others who would find this thread in a search. One thing to consider: there's no way for you to get Windows malware on your Mac, unless you first get it from a Windows computer. If you're routinely sharing files with Windows users, it's a good idea to make sure they're running their own AV, to protect them from the greater threat of malware from sources other than your Mac.
     
  7. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #7
    Great thread, lolrt!

    I have decided to add the following to my Mac Security Suggestions list because of this thread:

    #?) Perform weekly on-demand scan with antivirus software, such as ClamXav or VirusBarrier Express, to ensure that your system does not contain any Windows malware (Java downloader trojans) that could possibly become cross platform.

    The two AV software solutions that are suggested do not run with elevated privileges and do not have mandatory on-access scanning. Client side software that runs with elevated privileges is less secure. Mandatory on-access scanning chronically uses system resources. On-demand scans only use resources when performing a scan.
     
  8. lolrt thread starter macrumors newbie

    Joined:
    Feb 22, 2011
    #8
    How am I going to make sure everybody that uses Windows I interact with is diligent in relation to malware. All the time, I send/receive emails with others in my work setting that I do not really know. I do not want to nag everyone about making sure they are using AV software.

    I think a more secure approach is to do as much as possible to keep myself secure without being dependent on the diligence of others in relation running AV software.
     
  9. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #9
    That's understandable if you share files with a large number of users that aren't in a well-defined group. My suggestion applies best to a defined group, such as users within a company or department, where there should be a corporate standard for AV protection, or members of your family, etc. I support a large number of clients, but one of my requirements is that they all have AV protection. However, I realize that not everyone can place such demands on everyone they share files with.
     
  10. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #10
    Oh No! I think I have been pwned into suggesting the use of AV software on a Mac.

    lolrt is an anagram for TROLL!
     
  11. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #11
    LOL! You fell for it! :D
     
  12. munkery macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #12
    It appears you fell for it as well, as least, implicitly.
     
  13. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #13
    There is nothing in my posts that suggest installing AV software on a Mac. That's my story, and I'm sticking to it! :D

    It wasn't me! It was the one-armed man!
     

Share This Page