Remove Malware from your Mac

Malware is something everyone has to deal with, on a preventative level, or even on an active level. It used to be said that less than 1% of Macintoshes got viruses. As malicious technology has advanced, that percentage has gone up. While Mac OS X is highly advanced and well protected against malware, it is not invincible. Let’s see what the risks are here in New Jersey, and how we can fight malware on a Mac.

The Numbers

According to a recent study by Sophos, 1 out of every 5 Macs is infected with malware. This ratio sounds staggering until you examine its effects on the Macintosh Unix platform. Its effect is essentially nothing. The malware that infects 20% of Macs is written for Windows. That means your Macintosh may be infected, but isn’t being hurt by it. The majority of this malware is picked up through cross contamination over USB devices. There is, however, a number that New Jersey Mac users should really pay attention to. Sophos estimates that 2.7% of Macs are actually infected with malware written for Macs. There are 4 main pieces of malware written for Mac: Flshplyr, FakeAV, RSPlug, and Jahlav. When Apple discovered this, they released supplemental tools to take care of it. Starting with OS X Mountain Lion, also compatible with Lion, Apple added a preference pane setting called Gatekeeper.

Apple Aid

Gatekeeper is the door warden of a Mac to the internet world. Gatekeeper is similar to the Mac feature File Quarantine, but it is much more comprehensive. There are 3 settings for Gatekeeper: “Mac App Store”, “Mac App Store and identified developers”, and “Anywhere”. This is a very substantial step in keeping a New Jersey Macintosh clean from malware. Obviously nothing from the Mac App Store has malware, so it is the safest setting. If you download a program like, let’s say, Dropbox, when you try to open it an alert will come up telling you: “Dropbox can’t be opened because it was not downloaded from the Mac App Store.” Dropbox is a great company with a great reputation. You can trust the program. If you want to open it, you’ll have to go to the Gatekeeper setting in the Security preference pane and manually change the selection to “Mac App Store and identified developers”, temporarily. “Mac App Store and identified developers” is less safe, but still a fairly defensive setting. The setting to allow software from anywhere isn’t very protective, but can sometimes be required to add special little programs that aren’t Apple sanctioned. You have to be very judicious before running a program that isn’t made by an identified developer.

Removal

There are a few ways of removing malware from a Mac, but the best ones involve software. If you don’t have any software on your Mac to help defend it, manual removal may be the only option you have, especially if you don’t currently have internet access. One of the worst pieces of malware for the Macintosh was MACDefender, which disguised itself as an anti-malware program. If you have no supplemental software, but are pretty sure you have malware, you’ll have to track it down on your own. The best way to find malware without software is to think back to the time when problems started occurring and cross-reference that with the items in your Downloads folder. Unless you have specified a different location, all web downloads should end up in your Downloads folder. Another place to check is your Applications folder. If you downloaded an application that looked legitimate, it would probably be there. If there is an unknown file or nonfunctional program with a date and time close to when your problems occurred, it’s probably the malware. Once you’ve found it, delete it. Chances are it won’t be nearly that easy. Programs can’t be completely deleted while they are running. You’ll have to find the process that corresponds to that program. Open Activity Monitor and look for something with a name similar to the file you found. If you find a matching process, quit it. If you find a process that looks suspicious, but you aren’t sure, Google it to see if other users have had problems with it. When you’ve quit the processes, make sure the infected files are in the Trash, and empty it.
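The date cross-check described above can also be done from Terminal. The script below is an added example, not part of the original article; the function name recent_items, the script name and the dates shown are assumptions made for illustration. It only lists candidates for review and deletes nothing.

```shell
#!/bin/sh
# Added example: list top-level items in the given folders whose modification
# time falls inside a window around the time the problems started.
# Timestamps use the touch -t format: YYYYMMDDhhmm (local time).

recent_items() {
    ri_start=$1
    ri_end=$2
    shift 2

    # Two reference files carry the window boundaries, so the same
    # find expression works with both the macOS (BSD) and GNU find.
    ri_tmp=$(mktemp -d "${TMPDIR:-/tmp}/recent.XXXXXX") || return 1
    touch -t "$ri_start" "$ri_tmp/start"
    touch -t "$ri_end" "$ri_tmp/end"

    for ri_dir in "$@"; do
        # Skip folders that do not exist instead of failing.
        [ -d "$ri_dir" ] || continue
        # Strictly newer than start, and not newer than end.
        # -maxdepth 1 reports an .app bundle once, not its contents.
        find "$ri_dir" -mindepth 1 -maxdepth 1 \
            -newer "$ri_tmp/start" ! -newer "$ri_tmp/end" -print
    done | sort

    rm -rf "$ri_tmp"
}

# Usage: sh recent_items.sh 201301100000 201301112359
# (constructed dates; replace them with your own window)
if [ "$#" -eq 2 ]; then
    recent_items "$1" "$2" "$HOME/Downloads" /Applications
fi
```

Anything the script prints is only a starting point: compare each name against what you remember installing before you quit its process in Activity Monitor and move it to the Trash.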

If you have anti-malware software or can get hold of some, using it is the best method. Sophos puts out a great Mac anti-malware product called Sophos Anti-Virus. There are other great programs like VirusBarrier Express, Avast!, ESET Cybersecurity, and Avira Mac Security. This standard software will scan for malware, report it, quarantine it, and help you delete it.

The majority of New Jersey Macs are safe, but that doesn’t mean you should be careless in how your machine operates. Watch out for malware. Be careful on the internet, update your anti-virus, and keep good backups. Nothing is too big to fail.

by David Molnar
