First, a Russian company called Kaspersky has released a website that will check your computer for Flashback and offers a tool for removal. Early word on the street suggests that these items may be a bit hinkey:
- The Kaspersky detection site www.flashbackcheck.com. requires that you input a unique hardware code called the UUID for your Mac. The checker does not actually check the files on your computer. Rather, it compares your UUID to a master list of UUIDs that they have compiled. Two things about this: Your UUID is part of your personal information. I don't think it is a good idea to give it to an unknown website. Also, people are reporting that even though their computer has come up clean using Test4Flashback and/or the Terminal commands, the Kaspersky checker is saying that the computer is infected.
- The Kaspersky removal tool is unverified from a source that was almost unheard of 2 weeks ago. Personally, I wouldn't trust it. [UPDATE 4/12/12: Kaspersky has pulled their Flashback removal tool because it messes up all sorts of system settings when run.]
- Kaspersky sells anti-virus software. If they say you are infected then they will try to sell you their software. That makes me nervous.
Lastly, I got a question from someone about Flashback on a Mac running Mac OS X 10.4 Tiger. The Test4Flashback tool requires at least 10.5 Leopard. If your Mac is still running Mac OS X 10.4 or 10.5 then you most likely have a Mac with a Power PC processor rather than an Intel processor. Flashback's coding requires an Intel processor so PPC Macs aren't susceptible to Flashback. You can check to see if your Mac is Intel or PPC by looking at the Processor listing on the About this Mac box from the Apple Menu.
I'll send out further updates as needed and when Apple releases their tool.