woensdag 12 maart 2008

Virus and antivirus on MacOSX

Is there a need for AntiVirus software on the Mac?

It is commonly said that there are no virusses affecting the Mac, This is true in a way, but virusses for MacOsx exist.
Most of them are old virusses, and won't do any harm to your system, but nevertheless new virusses are popping up. Although still innocent, it could become a problem in the future.
Apparently more and more hackers try to prove some instability in the MacOS environment.

Today, a Mac affected by (or malfunctioning due to) a virus is still very rare, but i tried the famous ClamXav anyway.
ClamXav is een AV programm that uses the ClamAv engine to search your computer for virusses. ClamXav has a GUI wich makes it easy to use.
This particular software one of the most famous available for the mac, and its free.
It is known to be a fast and accurate piece of software to protect your computer from virusses.

I have installed ClamXav and did a systemscan on my Mac. For being a fast scanner, it took me more than 2 hours to scan my computer, and it slowed down the entire system, but no mac virusses were found, ofcourse, wich is still a good feeling.
(The scan did find a trojan in an old deleted email)

---my scan results ---

Started scanning
Please note, large files will take a long time to scan.

/Users/******/Library/Caches/Java/cache/javapi/v1.0/jar/count.jar-21edef6a-635fcef5.zip: Java.Classloader FOUND
/Users/******/Library/Caches/Java/cache/javapi/v1.0/jar/count.jar-2cf0bf70-5123d8f1.zip: Java.Classloader FOUND
/Users/******/Library/Mail/POP-********/INBOX.mbox/Messages/11812.emlx: Trojan.Dropper-3172 FOUND
The above file looks like it may be part of an email mailbox, please think carefully about what to do with this file. If it has been quarantined, you may end up losing some email. I suggest you leave this file where it is (or move it back if it's been quarantined) and delete suspicious messages from within your email client.
----------- SCAN SUMMARY -----------
Known viruses: 228651
Engine version: 0.92
Scanned directories: 6287
Scanned files: 65202
Infected files: 3
Data scanned: 63272.87 MB
Time: 8248.216 sec (137 m 28 s)

ClamXav v1.1.0 - ClamAV 0.92/6218/Wed Mar 12 20:07:21 2008 - ClamXav

One or more infected files were found, but were left where they are. You can either deal with them yourself, or scan again with the preferences set to move them into a different folder.


I deleted the 3 corrupted files manually, so my system 'should' be clean now..
Hopefully, virusses will stay away from the mac forever, but this would be a fantasie.
And if you haven't already done so, it is very advisable to download and install the latest security update for MacOsx, you can find it on the apple website

anyone has any info on botnets using macs as a zombie?

some related stuff:
forum topic virus on mac - dutch
info about clamAv and clamXav on oreillysite
download clamxav

or you can always use a hammer...
Please leave your comments.
