So I'm clip-cloppin' around some Chinese/Hong Kong sites for a business venture & pick-up one of the nastiest little bugs I've ever encountered. I'm talkin' about it digging into the root, the whole schmear. Hijacking sites, redirecting, couldn't even use Chrome. Used AVG, Spyware Doctor, Malwarebytes, Super Spyware, the works. After a herculean tussle I discovered a real honey. Hitman Pro.
http://download.cnet.com/Hitman-Pro-3-32-bit/3000-2239_4-10895604.html

I'm telling ya this thing saved my ars. If anyone ever gets a virus or knows someone who can't get rid of a nefarious element, this is the ticket.

Major recommendation from this camp. :ThmbUp: :ThmbUp:
________________________________________________

Brought to you by The Beast in Me by Nick Lowe written for JohnnyC. It helped me stay calm through the storm of this sinister trojan.

hlQ3RumReqU

You need a computer from the produce company.

To say that there is no malware (or viruses) for the Apple platform is demonstrably untrue.

I don't hear much about such problems on the Mac forums .....



You DON'T have a virus on your Mac!
If you want to know why this is true, read on.

A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.

From Symantec:
Quote:
What is the difference between viruses, worms, and Trojans?

What is a virus?
A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:
It must execute itself. It often places its own code in the path of execution of another program.
It must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. Viruses can infect desktop computers and network servers alike.
What is a Trojan horse?
Trojan horses are impostors—files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves. Trojan horses contain malicious code that when triggered cause loss, or even theft, of data. For a Trojan horse to spread, you must invite these programs onto your computers; for example, by opening an email attachment or downloading and running a file from the Internet.

What is a worm?
Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm.

What is a virus hoax?
Virus hoaxes are messages, almost always sent by email, that amount to little more than chain letters. Following are some of the common phrases that are used in these hoaxes:
If you receive an email titled [email virus hoax name here], do not open it!
Delete it immediately!
It contains the [hoax name] virus.
It will delete everything on your hard drive and [extreme and improbable danger specified here].
This virus was announced today by [reputable organization name here].
Forward this warning to everyone you know!
Most virus hoax warnings do not deviate far from this pattern. If you are unsure if a virus warning is legitimate or a hoax, additional information is available at the Symantec Security Response online database.
Another type of hoax is referred to as scareware. It's a bogus virus warning that pops up when visiting some websites, and looks something like this. If you take a close look, you'll see the popup refers to a Windows system, which obviously doesn't relate to Mac OS X. It can't harm your Mac at all. Just close the site, clear your browser's cache and cookies, and you'll be fine. Sometimes these scareware sites will generate a never-ending loop of popups, to the point that you must Force Quit your browser. Such scareware sites are usually intended to lure a Windows user into clicking the links to install bogus "antivirus" software, which is typically a trojan. Even if you click the links on a Mac system, it can't install anything, because Windows executable files can't run on Mac OS X.

There are NO viruses in the wild that affect current Mac OS X (Leopard and Snow Leopard), at this time. If this changes, I will update this post. According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users." This definition excludes "proof of concept" code that is used in a testing situation under strictly controlled conditions, and which poses zero threat to average computer users.

In the past, there have been a few viruses that ran on older versions of the Mac operating system, but they do not run on Leopard or Snow Leopard. Since no OS, including Mac OS X, is immune to malware threats, this situation could change at any time, but if a new virus is discovered, the news media, forums, blogs, etc. will be instantly buzzing with the news. See update below.*

There are, as of this time, trojans that can affect Mac OS X, but these must be downloaded and installed by the user, which usually involves entering the user's administrator password. Also, Mac OS X will give you a warning when you first launch an app you downloaded from the web. Trojans can easily be avoided by the user exercising common sense and caution when installing applications. A common source of trojans is pirated software, typically downloaded from bit torrent sites.

Having virus protection software on your Mac is pointless, as far as protecting your Mac from viruses, since current antivirus software cannot detect a Mac virus that doesn't yet exist, because they simply don't know what to look for. It is possible to have a virus-infected file reside on your hard drive, but since a Windows virus (like any Windows program) can't run in native Mac OS X, it would be harmless to your Mac and could not spread.

Some users choose to run antivirus such as ClamXav on their Mac to scan for Windows viruses, so the Mac user can't pass a virus-infected file to a Windows user. However, a more prudent approach is for every Windows user to be protected by their own AV software, to guard against viruses from any source, not just those that might come from a Mac user.

iAntiVirus is one app that makes inaccurate claims about the existence of Mac malware, in order to hype the need for their product. This post will give details.

The bottom line is this: as a Mac user, your chances of being affected by a virus, trojan or other malware are extremely slim, unless you've been careless about where you get software and when you enter your administrator password. Therefore, if you're experiencing a problem or unexpected behavior with your Mac, there's better than a 99.9% chance that it's something other than a virus or other malware.

*Update As has already been stated, any appearance of significant new security threats to Mac OS X will make news headlines:

On Oct. 26, 2010, Mac security site SecureMac posted this security bulletin:
Quote:
SecureMac has discovered a new trojan horse in the wild that affects Mac OS X, including Snow Leopard (OS X 10.6), the latest version of OS X. The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video.

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system.
New Java-Based Malware Targets Mac OS X, But Threat Level Disputed
As with all trojans, this requires the user to unwittingly invite the infection by deliberate action (in this case, clicking on a fake video link). You cannot be infected by this trojan if you don't click on the appropriate link. You can eliminate this threat by disabling Java in your web browser.
For Safari users, go to Safari > Preferences > Security and under "Web content:" uncheck "Enable Java".
__________________

Thanks for the tip mack...will be interesting to hear how this thing performs in the future.

It's one of the best "on demand" scanner out there. I have Hitman Pro on all my computers.

You need a computer from the produce company.



Esteemed Silicon Carrier for the Apple Corps,

Your powers are absolute. (:Bowing --- bowwowing, even.)



Yours,

Mal Ware, B.S.
Director of Security
Merry Marvel Marching Society

Hey, chalk one up for this idiot and Hitman Pro.

So there I am chatting on Yahoo IM this afternoon on one of my PCs...and up pops a link in the chat box, which I click on AND run the program it asks to run like a TOTAL NOOB IDIOT...what the hell was I thinking?

Anyway, BOOM...I'm infected with a worm on this particular PC, which I realize the moment after I click the RUN button...lol

I run Microsoft Security Essentials, which identifies the threat (no, I wasn't running it real-time, again, like an IDIOT), claims it has quarantined and removed the threat...I run Malwarebytes and it also finds a threat and claims to have removed it...so I reboot...and of course it's back...MS Essentials reports a real time threat...

Then I remember bigmack and his HITMAN PRO....I run that...finds the threats, has me reboot...and BAM...gone....did a full scan in MS Essentials and it found nothing...Malwarebytes finds nothing...I reboot again....scan again...NOTHING...been running MS Essentials in real-time mode and nothing has popped up in the past few hours (note that after MS Essentials CLAIMED to have removed the threat that first time around, almost immediately upon reboot, its real time monitor popped up and declared the threat still alive and well).

So, here's a salute to HITMAN PRO. It really is a malware killer...at least in these two particular cases...

So, here's a salute to HITMAN PRO. It really is a malware killer...at least in these two particular cases...
Good to hear, Miguel.

The thing about those little bastards is they dive into the root system so when you reboot they're as lively as ever.

After my little tango I couldn't help but share it with others to lessen the pain.

Esteemed Silicon Carrier for the Apple Corps,

Your powers are absolute. (:Bowing --- bowwowing, even.)



Yours,

Mal Ware, B.S.
Director of Security
Merry Marvel Marching Society


Siriusly

You need a computer from the produce company.There is definitely malware (virus, trojan, whatever else you want to call them) that affects macs, but just think of it from the economic standpoint of the attacker. The market share for windows machines versus mac os machines is exponentially higher. Which one would your write code to take advantage of?

There are arguments structurally for OS X (or even earlier editions), but don't be fooled into thinking that if you have a mac you are invincible.

There is definitely malware (virus, trojan, whatever else you want to call them) that affects macs, but just think of it from the economic standpoint of the attacker. The market share for windows machines versus mac os machines is exponentially higher. Which one would your write code to take advantage of?

There are arguments structurally for OS X (or even earlier editions), but don't be fooled into thinking that if you have a mac you are invincible.

Whatever path of reasoning you take, at this point in time, OS X is safer than Windows.

http://news.cnet.com/8301-27080_3-10444561-245.html?part=rss&subj=news&tag=2547-1_3-0-20