The du command (disk usage) is capable of printing out a list of all the files on your Mac. Redirecting its output, you basically have a giant log of all of your files at any given time. If you do this on a regular basis, and compare the old with the new, you suddenly can see what has changed (i.e., where is a virus?).
So, to do this, I whipped up a little shell script. Note that I am not great with scripts, but I have tested this, and it works for me (on at least 10.4). Make a script called duscript.sh, and save it in your Home directory. This is the script:
#!/bin/sh
# Start at the root of the filesystem and write today's du listing to a
# datestamped log in the home directory; the trailing & runs it in the background.
cd /
du > ~/duLog-`date +%Y%m%d` &
Make sure to make the file executable by typing chmod +x duscript.sh. Then, add the file to cron. I used CronniX to do this.
In CronniX, choose File: Open System Crontab. Then, click the New button in the main window. Click the Expert tab. In the below textboxes, set it to run however often you want. I have mine to run every day, at 6 PM. For Day, Day of Week, and Month, I have it set to *, and for hour, 18. You can set it to run however often you want. Then click the Browse button and select your script.
That should do it for you. The script will run in the background on your specified terms, and it will give you logs to work with if (heaven forbid) you need to clean up from a virus.
[robg adds: While this works, it will generate very large files. In a test on my G5, I wound up with a file that was nearly 20MB in size and took about 15 minutes to execute. Comparing two such files won't be very pleasant, even using FileMerge or diff.
However, given the recent activities in the malware/trojan area, I think that discussing ways to track changes to your system is an important topic. Read the rest of the hint for my thoughts on one alternative method of tracking such changes...
Instead of simply logging every file on your system, you can create a log that shows only modified (as in changed, or brand new) files. Here's the basic idea in a script:
#!/bin/sh
# Start at the root and list regular files modified within the last day,
# writing the result to a datestamped text file on the Desktop.
cd /
sudo find . -type f -mtime -1 > ~/Desktop/ModFiles-`date +%Y%m%d`.txt
The above command will search from the top-level directory down (find .), looking for files (-type f) that have been modified in the last day (-mtime -1). It then writes that list of files out to a datestamped file on your desktop. The end result is a much smaller file, and one that doesn't need to be compared with anything. Instead, you can just scan it for suspicious activity.
However, the above is still far from perfect. There are many directories (the Mail messages folders, cache folders) that you could skip, as these change very often and probably won't ever contain any damaging code. Modifying the command to exclude these directories should be possible, but I haven't spent any time on doing so.
So how about it? What are some other options for tracking changed files on your Mac?]
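As an added example (not the hint's or robg's own script), here is one way to do the pruning robg describes and, instead of scanning the whole list by eye, to show only the paths that did not appear in the previous day's list. The directory names Caches and Mail, the function names, and the ModFiles log paths are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not the hint's or robg's script): list files modified in
# the last day while pruning noisy directories, and report only the paths
# that did not appear in the previous day's list.

# list_recent ROOT OUTFILE
# Write a sorted list of regular files under ROOT modified in the last
# 24 hours to OUTFILE. Directories named Caches or Mail are pruned so
# their contents are never descended into (assumed names, adjust to taste).
list_recent() {
    find "$1" \( -name Caches -o -name Mail \) -prune \
        -o -type f -mtime -1 -print | sort > "$2"
}

# new_since PREVLIST CURLIST
# Print paths present in CURLIST but absent from PREVLIST; both files must
# be sorted (list_recent sorts them).
new_since() {
    comm -13 "$1" "$2"
}

# Daily use, e.g. from cron (a job in the system crontab already runs as
# root, so no sudo is needed); compare today's list with yesterday's:
#   list_recent / "$HOME/ModFiles-$(date +%Y%m%d).txt"
#   new_since "$HOME/ModFiles-$(date -v-1d +%Y%m%d).txt" \
#             "$HOME/ModFiles-$(date +%Y%m%d).txt"
```

A file that shows up in the new_since output is one that appeared since the previous run, which is the kind of entry worth a closer look.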