Antivirus software exclusions for DFS and Hyper-V

I am rolling out an updated antivirus solution to our DFS server and Hyper-V (Windows 2008 and 2012) and I am curious of the following:
1. What are the exclusion suggestions for Hyper-V servers?  I found a URL that showed the exceptions to add but I thought there would be more for Hyper-V to exclude.
2. What are the specific exclusions to include for a DFS server?  I read somewhere that there were some DFSR hidden folders that need to be included but I would like to know if there is an official suggestion from Microsoft of what files/folders need to be excluded.

Hi,
Anti-virus software should exclude the Hyper-V specific files that are listed in the article below:
Hyper-V: Anti-Virus Exclusions for Hyper-V Hosts
http://social.technet.microsoft.com/wiki/contents/articles/2179.hyper-v-anti-virus-exclusions-for-hyper-v-hosts.aspx
For the DFS antivirus exclusion, you could refer to the article below:
Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows
http://support.microsoft.com/kb/822158/en-us
Regards,
Mandy

Similar Messages

  • I would like to update the latest Adobe Flash as mine is outdated, but it says it can't install as my antivirus software is preventing it and I need to allow it.  My problem is I don't know what my antivirus software is or how to find it on my Mac to

    I would like to update the latest Adobe Flash as mine is outdated, but it says it can't install as my antivirus software is preventing it and I need to allow it.  My problem is I don't know what my antivirus software is or how to find it on my Mac OS X 10.9.5 to adjust the settings.  Help

    We don't know what it is either.

  • Where would someone turn if they think they may be interested in apple/mac software development for systems and applications?

    Where would someone turn if they think they may be interested in apple/mac software development for systems and applications? I do have some experience with industrial machine control programming. Not that it directly applies, however I have been involved in some types of programming.

    You might start by reading this: http://www.guardian.co.uk/technology/gamesblog/2009/feb/10/gameculture-apple
    I would check out the refurbished section of the online Apple Store before buying a used one from Craigslist. They go quickly so you have to check often. It will be more than sufficient for you to work with.
    There are more than a few such books, go to a book store near you and browse them yourself to see which one works for you.
    For items 3 and 4 wait until you are ready for a commercial app and then seek help from a lawyer and an accountant.

  • Why i got a software update for s4 and pad2 when i have a 5c?

    Why i got a software update for s4 and pad2 when i have a 5c?
    <Edited by Host>

    Because there is only one update for all iPads and iPhones if you learn to read. And watch your language or no one will bother helping potty mouth little children like you.
    Pete

  • I'm trying to update my software to iTunes 10.5.2.  I click on the install button, click the Accept button, the software checks for updates, and then I am back at the original download screen.  I can't seem to get past this loop.  Any suggestions?

    I'm trying to update my software to iTunes 10.5.2.  I click on the install button, click the Accept button, the software checks for updates, and then I am back at the original download screen.  I can't seem to get past this loop.  Any suggestions?

    If I go through the setup that you suggested, won't I screw up the existing software on my system?
    No. The iTunes installer will first uninstall the existing version of iTunes and then put in the new one. (That's actually also what happens when you use Apple Software Update to install a new version ... it just doesn't show the uninstall phase like the iTunes64Setup.exe or iTunesSetup.exe does.)

  • SCCM 2012 Antivirus Exclusions for Servers and Workstations

    Hi,
    Just sharing the antivirus exclusions for Configuration Manager 2012 Servers and workstations as well.
    Please share if anything is missing.
    McAfee Exclusions for Configuration Manager 2012:
    1. C:\Windows\TEMP\BootImages
    and subfolders.
    2. Directories:
    %allusersprofile%\NTUser.pol
    %systemroot%\system32\GroupPolicy\registry.pol
    %windir%\Security\database\*.chk
    %windir%\Security\database\*.edb
    %windir%\Security\database\*.jrs
    %windir%\Security\database\*.log
    %windir%\Security\database\*.sdb
    %windir%\SoftwareDistribution\Datastore\Datastore.edb
    %windir%\SoftwareDistribution\Datastore\Logs\edb.chk
    %windir%\SoftwareDistribution\Datastore\Logs\edb*.log
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00001.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Edbres00002.jrs
    %windir%\SoftwareDistribution\Datastore\Logs\Res1.log
    %windir%\SoftwareDistribution\Datastore\Logs\Res2.log
    %windir%\SoftwareDistribution\Datastore\Logs\tmp.edb
    %programfiles%\Microsoft Configuration Manager\Inboxes\*.*
    %programfiles(x86)%\Microsoft Configuration Manager\Inboxes\*.*
    %systemroot%\system32\GroupPolicy\Machine\registry.pol"
    %systemroot%\system32\GroupPolicy\User\registry.pol"
    \SCCMContentLib
    \SMSPKG
    \SMSPKGC$
    \SMSPKGSIG
    \SMSSIG$
    \Program Files\SMS_CCM\ServiceData
    \Program Files\SMS_CCM\Logs
    \Program Files\Microsoft Configuration Manager\Logs
    \Program Files\Microsoft Configuration Manager\Install.map
    \ConfigurationManager DB
    \SMSPKGSIG
    \SCCMContentLib
    \Sources
    \SCCMImages
    \DatabaseBackup
    \SMSPKGE$
    \SMSPKGSIG
    \SMSSIG$
    3. Processes that will be excluded:
    Configuration Manager 2012 processes that will be excluded are:
    Smsexec.exe
    Ccmexec.exe
    CmRcService.exe
    Sitecomp.exe
    Smswriter.exe
    Smssqlbbkup.exe
    4. SQL Server Exclusions:
    SQL Server 2012 processes to exclude from virus scanning
    %ProgramFiles%\Microsoft SQL Server\MSSQL11. <InstanceName>\MSSQL\Binn\SQLServr.exe
    %ProgramFiles%\Microsoft SQL Server\MSRS11. <InstanceName>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
    %ProgramFiles%\Microsoft SQL Server\MSAS11. <InstanceName>\OLAP\Bin\MSMDSrv.exe
    SQL Server data files
    *.mdf
    *.ldf
    *.ndf
    SQL Server backup files
         These files frequently have one of the following file-name extensions:
    *.bak
    *.trn
    Full-Text catalog files
    %Program Files%\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\FTData
    Analysis Services backup files
         C:\Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Backup
         C:\Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Log
    5. IIS Exclusions:
    * .ida
    %systemroot%\IIS Temporary Compressed Files
    %SystemDrive%\inetpub\temp\IIS Temporary Compressed Files
    6. WSUS Exclusions:
    *.cab
    \WSUS\WSUSContent
    \WSUS\UpdateServicesDBFiles
    \SoftwareDistribution\Datastore
    \SoftwareDistribution\Download
    Reference Links:
    https://community.mcafee.com/thread/59504
    http://www.systemcenterblog.nl/2012/05/09/anti-virus-scan-exclusions-for-configuration-manager-2012/
    http://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx
    http://support.microsoft.com/kb/309422
    http://support.microsoft.com/kb/821749
    http://support.microsoft.com/kb/817442
    http://support.microsoft.com/kb/900638/en-us
    http://technet.microsoft.com/en-us/library/dd939908(WS.10).aspx#av
    McAfee Exclusions for workstations:
    Turn off scanning of Windows Update or Automatic Update related files
    Turn off scanning of the Windows Update or Automatic Update database file (Datastore.edb). This file is located in the following folder:
    %windir%\SoftwareDistribution\Datastore
    Turn off scanning of the log files that are located in the following folder:
    %windir%\SoftwareDistribution\Datastore\Logs
    Specifically, exclude the following files:
    Res*.log
    Edb*.jrs
    Edb.chk
    Tmp.edb
    Turn off scanning of Windows Security files
    Add the following files in the %windir%\Security\Database path of the exclusions list:
    *.edb
    *.sdb
    *.log
    *.chk
    *.jrs
    Turn off scanning of Group Policy related files
    Group Policy user registry information. These files are located in the following folder:
    %allusersprofile%\
    Specifically, exclude the following file:
    NTUser.pol
    Group Policy client settings file. This file is located in the following folder:
    %Systemroot%\System32\GroupPolicy\
    Specifically, exclude the following file: Registry.pol
    For the configuration manager clients the following exclusion will be added:
    %windir%ccmcache
    \SoftwareDistribution\Datastore
    \SoftwareDistribution\Download
    Reference Links:
    http://support.microsoft.com/kb/822158/en-us
    Regards, Syed Fahad Ali

    Thanks for sharing this.. Many people will find this useful.
    http://www.enhansoft.com/
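
An exclusion list like the one in the Configuration Manager post above is a set of places the scanner will not look, so each entry should match exactly what was intended and nothing more. The following is an added example, not part of the original post or of any vendor's tooling: a small Python linter run over entries copied from that post as written. The finding names and the set of recognized variables are assumptions made for this example; how a given antivirus product interprets each pattern is product-specific.

```python
import re

# Constructed sample: entries copied from the post above, exactly as written there.
SAMPLE = r'''
%windir%\Security\database\*.edb
%systemroot%\system32\GroupPolicy\Machine\registry.pol"
%Program Files%\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\FTData
%ProgramFiles%\Microsoft SQL Server\MSSQL11. <InstanceName>\MSSQL\Binn\SQLServr.exe
%windir%ccmcache
\SMSPKGSIG
\SCCMContentLib
\SMSPKGSIG
*.cab
*.mdf
\WSUS\WSUSContent
'''

# Assumption: the environment variables this example accepts are the standard
# Windows ones that appear in the post.
KNOWN_VARS = {
    "allusersprofile", "systemroot", "windir",
    "systemdrive", "programfiles", "programfiles(x86)",
}

VAR_RE = re.compile(r"%([^%\\]+)%")


def lint_entry(entry):
    """Return a list of finding names (hypothetical labels) for one entry."""
    findings = []
    # Leftover quote characters mean the pattern will not match the real path.
    if '"' in entry or "'" in entry:
        findings.append("stray-quote")
    # Template text such as <InstanceName> was never replaced with a real value.
    if re.search(r"<[^>]+>", entry):
        findings.append("unfilled-placeholder")
    for m in VAR_RE.finditer(entry):
        # A variable the OS does not define expands to nothing useful.
        if m.group(1).lower() not in KNOWN_VARS:
            findings.append("unknown-variable")
        # %windir%ccmcache expands to C:\Windowsccmcache, not C:\Windows\ccmcache.
        nxt = entry[m.end():m.end() + 1]
        if nxt and nxt != "\\":
            findings.append("missing-separator")
    if re.fullmatch(r"\*\s*\.\w+", entry):
        # Extension-only pattern: exempts every file with that extension,
        # in any directory, including user-writable ones.
        findings.append("global-extension")
    elif entry.startswith("\\") and not entry.startswith("\\\\"):
        # No drive letter or variable: which volumes this covers depends on
        # the product, so the exempt area is larger than one known folder.
        findings.append("no-drive-or-variable")
    return findings


def audit(text):
    """Lint every non-blank line; later repeats also get 'duplicate'."""
    results, seen = [], set()
    for raw in text.splitlines():
        entry = raw.strip()
        if not entry:
            continue
        findings = lint_entry(entry)
        key = entry.replace('"', "").lower()
        if key in seen:
            findings.append("duplicate")
        seen.add(key)
        results.append((entry, findings))
    return results


def needs_review(text):
    """Only the entries that produced at least one finding."""
    return [(e, f) for e, f in audit(text) if f]


if __name__ == "__main__":
    for entry, findings in audit(SAMPLE):
        status = ", ".join(findings) if findings else "ok"
        print(f"{status:40} {entry}")
```
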

  • Apple recommended antivirus protection programs for Mac and IOS

    Recommended antivirus software for windows 8 and mac

    1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
    OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
    2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
    The following caveats apply to XProtect:
    It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
    It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
    3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
    Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
    It can easily be disabled or overridden by the user.
    A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
    An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
    For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
    4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
    5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
    That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
    Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
    A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
    Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
    Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
    Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
    Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
    Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
    6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
    Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
    Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
    Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
    Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
    7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software  ClamXav— nothing else.
    Why shouldn't you use commercial "anti-virus" products?
    Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
    In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
    By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
    8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
    ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
    A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
    ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
    ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
    9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging "zero-day" threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
    10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

  • I just ran a software update for Java and MacBook Pro SMC, now my Mini Display Port to HDMI TV is not working. The TV is flickering. The Mac Display is fine.

    I was just watching / streaming TV off Safari on my actual TV.
    I'm using a Mini-Display Port to HDMI cable for the connection to the external display.
    Software update popped-up and said there was an update for Java and for SMC.
    I ran the update and upon the computer restarting, my external display (my TV) is no longer working. It is now flickering.
    It won't work in Mirroring or set up as an extended display.
    I've reset SMC / PRAM / Safe Mode / Even restored from a Time Machine backup (From before the updates were done).
    What could it be?!

    I keep saying this over and over, in the hope that people who do a search will find it.  Apple cannot possibly test for or be responsible for the bazillion combinations of adapter, cables, and TV's out there.  The only monitors that are 100% guaranteed to work with the MacBook Pro are the Cinema Displays and Thunderbolt Displays, because, they're made by Apple.  They're expensive, but they work perfectly.
    My guess is that you bought a cheap MDP to HDMI cable, or have a defective one.  From my reading of these boards over the past few months, cheap cables have a high failure rate.  And the regular priced ones have only a slightly less of one.  Try a new one.  Make sure you do not damage the Thunderbolt port.

  • I download latest software update for itunes and iphone. they successfully download, but then a message comes up saying unable to install as file has been corrupted. what is the cause?

    I download latest updates for itunes and my iphone, when it comes to installing, it successfully downloads, but then i get a message for iphone software error=1403 file corrupted, and for itunes it downloads, then when i try to install it a message says unable to install software, file maybe corrupted!! 

    The iTunes update must be downloaded and installed before you try and use it to update the iPhone OS
    Download iTunes 10.2.2 from here: http://support.apple.com/kb/DL1103
    When it completes it will auto mount the disc image and show you the package installer, don't try and do anything with the file until it gets to this stage.
    Once that's installed reboot the Mac, run iTunes, connect your iPhone and let it sync, then hit the update button and let it complete that step by itself (which will require a restart of the iPhone)

  • Nigpib-linux-0.6 GPIB software driver for Linux and PXI GPIB board

    May I use nigpib-linux-0.6 GPIB software driver for Linux in a Compact PCI system running linux and equipped with your PXI GPIB board ?
    Thanks.
    Paolo Santinelli.

    If you alter the device ID of the device from c801 to c821 within the driver module, you should be able to use the driver with the PXI board.

  • Antivirus Software (Freeware) for my PowerBook G4 17"...

    ...running OS X 10.4.9. iAntiVirus 1.2 is for 10.5. or later and works fine on my new iMac 24-inch. Any suggestions?
    Thanks so much

    No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
    It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download from:
    http://www.clamxav.com/
    However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
    If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
    SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
    http://macscan.securemac.com/
    The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
    (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
    http://macscan.securemac.com/buy/
    and this can perform a complete scan of your entire hard disk. After 30 days the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk.)
    A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
    http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
    Also, beware of MacSweeper:
    MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
    http://en.wikipedia.org/wiki/MacSweeper
    On June 23, 2008 this news reached Mac users:
    http://www.theregister.co.uk/2008/06/23/mac_trojan/
    More information on Mac security can be found here:
    http://macscan.securemac.com/
    The MacScan application can be downloaded from here:
    http://macscan.securemac.com/buy/
    You can download a 30 day trial copy which enables you to do a full scan of your hard disk. After that it costs $29.95.
    More on Trojans on the Mac here:
    http://www.technewsworld.com/story/63574.html?welcome=1214487119
    The latest news on the subject, from July 25, 2008, is:
    Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
    The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
    In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
    Net security groups say there is anecdotal evidence that small scale attacks are already happening.
    Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
    A further recent development is the Koobface malware that can be picked up from Facebook (already a notorious site for malware), as reported here on December 9, 2008:
    http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
    There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!

  • Apple Software Update for Windows and Proxy servers

    I try to run Apple Software Update that just got installed in Windows, but it is unable to locate the server and immediately quits. I know I have to go through a proxy server here in work, but I never get the opportunity to enter the proxy information and cannot get to the menus in the Apple Software Updater for Windows to see if I even have the option to enter Proxy information. How am I supposed to get this to work?

    Hmmmmm.
    Try checking the rules in your firewall software. Is Apple Software Update being allowed full access to the internet?

  • Antivirus software recommendations for IMac ( OSX10.7.5) and ipad2

    I know it has been discussed and re-discussed, but please update me on the latest recommendations as I was not able to upgrade a year ago to Mavericks (even with Apple Support on 2 occasions) and I am reluctant to upgrade to Yosemite due to the WIFI issues. Update tells me that my software on my Mac is up to date, but that is not the OSX.

    Mac users often ask whether they should install "anti-virus" (AV) software. The usual answer is "no." That answer is right, but it may give the wrong impression that there is no threat from what are loosely called "viruses." There is a threat, and you need to educate yourself about it.
    1. This is a comment on what you should—and should not—do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions.
    It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to take control of it remotely. That threat is in a different category, and there's no easy way to defend against it. AV software is not intended to, and does not, defend against such attacks.
    The comment is long because the issue is complex. The key points are in sections 5, 6, and 10.
    OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
    2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user. Internally Apple calls it "XProtect."
    The malware recognition database used by XProtect is automatically updated; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
    The following caveats apply to XProtect:
    ☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
    ☞ It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
    As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
    3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't been checked for security by Apple unless it comes from the App Store, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
    Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
    ☞ It can easily be disabled or overridden by the user.
    ☞ A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
    ☞ An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
    Apple has taken far too long to revoke the codesigning certificates of some known abusers, thereby diluting the value of Gatekeeper and the Developer ID program. Those lapses don't involve App Store products, however.
    For the reasons given, App Store products, and—to a lesser extent—other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for authorization without thinking.
    4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
    5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is a problem of human behavior, not machine behavior, and no technological fix alone is going to solve it. Trusting software to protect you will only make you more vulnerable.
    The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and Internet criminals. If you're better informed than they think you are, you'll win. That means, in practice, that you always stay within a safe harbor of computing practices. How do you know when you're leaving the safe harbor? Below are some warning signs of danger.
    Software from an untrustworthy source
    ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come directly from the developer’s website. Do not trust an alert from any website to update Flash, or your browser, or any other software. A genuine alert that Flash is outdated and blocked is shown on this support page. Follow the instructions on the support page in that case. Otherwise, assume that the alert is fake and someone is trying to scam you into installing malware. If you see such alerts on more than one website, ask for instructions.
    ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a website that also distributes pirated music or movies.
    ☞ Rogue websites such as Softonic, Soft32, and CNET Download distribute free applications that have been packaged in a superfluous "installer."
    ☞ The software is advertised by means of spam or intrusive web ads. Any ad, on any site, that includes a direct link to a download should be ignored.
    Software that is plainly illegal or does something illegal
    ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
    ☞ An application helps you to infringe copyright, for instance by circumventing the copy protection on commercial software, or saving streamed media for reuse without permission. All "YouTube downloaders" are in this category, though not all are necessarily malicious.
    Conditional or unsolicited offers from strangers
    ☞ A telephone caller or a web page tells you that you have a “virus” and offers to help you remove it. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
    ☞ A web site offers free content such as video or music, but to use it you must install a “codec,” “plug-in,” "player," "downloader," "extractor," or “certificate” that comes from that same site, or an unknown one.
    ☞ You win a prize in a contest you never entered.
    ☞ Someone on a message board such as this one is eager to help you, but only if you download an application of his choosing.
    ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an airport, but is not provided by the management.
    ☞ Anything online that you would expect to pay for is "free."
    Unexpected events
    ☞ A file is downloaded automatically when you visit a web page, with no other action on your part. Delete any such file without opening it.
    ☞ You open what you think is a document and get an alert that it's "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that isn't what you expected it to be.
    ☞ An application does something you don't expect, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
    ☞ Software is attached to email that you didn't request, even if it comes (or seems to come) from someone you trust.
    I don't say that leaving the safe harbor just once will necessarily result in disaster, but making a habit of it will weaken your defenses against malware attack. Any of the above scenarios should, at the very least, make you uncomfortable.
    6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
    Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
    Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it—not JavaScript—in your browsers.
    Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a padlock icon in the address bar when visiting a secure site.
    Stay within the safe harbor, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself.
    7. Never install any commercial AV or "Internet security" products for the Mac, as they are all worse than useless. If you need to be able to detect Windows malware in your files, use one of the free security apps in the Mac App Store—nothing else.
    Why shouldn't you use commercial AV products?
    ☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major AV software vendor has admitted. Most attacks are "zero-day"—that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to the realization that traditional AV software is worthless.
    ☞ Its design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere. In order to meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
    ☞ By modifying the operating system, the software may also create weaknesses that could be exploited by malware attackers.
    ☞ Most importantly, a false sense of security is dangerous.
    8. An AV product from the App Store, such as "ClamXav," has the same drawback as the commercial suites of being always out of date, but it does not inject low-level code into the operating system. That doesn't mean it's entirely harmless. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
    An AV app is not needed, and cannot be relied upon, for protection against OS X malware. It's useful, if at all, only for detecting Windows malware, and even for that use it's not really effective, because new Windows malware is emerging much faster than OS X malware.
    Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. A malicious attachment in email is usually easy to recognize by the name alone. An actual example:
    London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
    You don't need software to tell you that's a Windows trojan. Software may be able to tell you which trojan it is, but who cares? In practice, there's no reason to use recognition software unless an organizational policy requires it. Windows malware is so widespread that you should assume it's in every email attachment until proven otherwise. Nevertheless, ClamXav or a similar product from the App Store may serve a purpose if it satisfies an ill-informed network administrator who says you must run some kind of AV application. It's free and it won't handicap the system.
    The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have all the disadvantages mentioned in section 7.
    9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
    10. As a Mac user, you don't have to live in fear that your computer may be infected every time you install software, read email, or visit a web page. But neither can you assume that you will always be safe from exploitation, no matter what you do. Navigating the Internet is like walking the streets of a big city. It can be as safe or as dangerous as you choose to make it. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.
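The attachment name quoted in section 8 combines three tells: a harmless-looking extension, a long run of spaces that pushes the rest of the name out of view, and an executable final extension. The sketch below is an added example, not part of the original post, showing how a mail filter could flag those tells by name alone; the extension lists, the 8-character padding threshold and all function names are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass, field

# Illustrative lists (assumptions, not exhaustive): final extensions that Windows
# runs on double-click, and extensions a recipient expects to be passive content.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "wsf", "lnk", "msi"}
DECOY_EXTS = {"avi", "mp3", "mp4", "mov", "jpg", "jpeg", "png", "gif",
              "pdf", "doc", "docx", "xls", "xlsx", "txt", "zip"}

# A run of 8 or more whitespace characters is treated as padding (assumed threshold).
PAD_RUN = re.compile(r"\s{8,}")
# A dot followed by a short token that ends at whitespace, another dot, or the end.
INNER_EXT = re.compile(r"\.([A-Za-z0-9]{2,5})(?=\s|\.|$)")


@dataclass
class Verdict:
    name: str
    final_ext: str
    reasons: list = field(default_factory=list)


def assess_attachment_name(name: str) -> Verdict:
    """Flag the disguise techniques visible in an attachment's file name."""
    # Windows drops trailing dots and spaces, so judge the name it would really use.
    cleaned = name.rstrip(" .\t")
    stem, dot, ext = cleaned.rpartition(".")
    final_ext = ext.lower() if dot else ""
    verdict = Verdict(name, final_ext)

    executable = final_ext in EXECUTABLE_EXTS
    if executable:
        verdict.reasons.append("executable-extension")
    if PAD_RUN.search(cleaned):
        verdict.reasons.append("whitespace-padding")
    # A passive-looking extension earlier in the name only matters when the
    # real (final) extension is executable.
    decoys = [m.group(1).lower() for m in INNER_EXT.finditer(stem)]
    decoys = [d for d in decoys if d in DECOY_EXTS]
    if executable and decoys:
        verdict.reasons.append("decoy-extension:" + decoys[0])
    return verdict


def triage(names):
    """Return {name: reasons} for every name with at least one finding."""
    findings = {}
    for n in names:
        v = assess_attachment_name(n)
        if v.reasons:
            findings[n] = v.reasons
    return findings


# Constructed sample input. The first entry rebuilds the name quoted in the post,
# with its 124 spaces; the others are made up for contrast.
SAMPLE_NAMES = [
    "London Terror Moovie.avi" + " " * 124 + "Checked By Norton Antivirus.exe",
    "holiday.jpg",
    "minutes 2014.txt",
    "invoice.pdf.scr",
]

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_NAMES).items():
        print(repr(name[:40]), "->", ", ".join(reasons))
```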

  • Is an Antivirus software needed for a Mac OS X Mountain Lion?

    I am relatively new to the Apple Mac OS X Mountain Lion. Could anyone tell me if I need an antivirus program for my Macbook Air? And is there any software to clean my Mac of all unnecessary files. Thanks in advance.

    How to maintain a Mac
    1. Make redundant backups, keeping at least one off site at all times. One backup is not enough. Don’t back up your backups; make them independent of each other. Don’t rely completely on any single backup method, such as Time Machine. If you get an indication that a backup has failed, don't ignore it.
    2. Keep your software up to date. In the Software Update preference pane, you can configure automatic notifications of updates to OS X and other Mac App Store products. Some third-party applications from other sources have a similar feature, if you don’t mind letting them phone home. Otherwise you have to check yourself on a regular basis. This is especially important for complex software that modifies the operating system, such as device drivers. Before installing any Apple update, you must check that all such modifications that you use are compatible.
    3. Don't install crapware, such as “themes,” "haxies," “add-ons,” “toolbars,” “enhancers," “optimizers,” “accelerators,” "boosters," “extenders,” “cleaners,” "doctors," "tune-ups," “defragmenters,” “firewalls,” "barriers," “guardians,” “defenders,” “protectors,” most “plugins,” commercial "virus scanners,” "disk tools," or "utilities." With very few exceptions, this stuff is useless, or worse than useless. Above all, avoid any software that purports to change the look and feel of the user interface.
    The more actively promoted the product, the more likely it is to be garbage. The most extreme example is the “MacKeeper” scam.
    As a rule, the only software you should install is that which directly enables you to do the things you use a computer for — such as creating, communicating, and playing — and does not modify the way other software works. Use your computer; don't fuss with it.
    Safari extensions, and perhaps the equivalent for other web browsers, are a partial exception to the above rule. Most are safe, and they're easy to get rid of if they don't work. Some may cause the browser to crash or otherwise malfunction. Use with caution.
    Never install any third-party software unless you know how to uninstall it. Otherwise you may create problems that are very hard to solve.
    The free anti-malware application ClamXav is not crap, and although it’s not routinely needed, it may be useful in some environments, such as a mixed Mac-Windows enterprise network.
    4. Beware of trojans. A trojan is malicious software (“malware”) that the user is duped into installing voluntarily. Such attacks were rare on the Mac platform until sometime in 2011, but are now increasingly common, and increasingly dangerous.
    There is some built-in protection against downloading malware, but you can’t rely on it — the attackers are always at least one day ahead of the defense. You can’t rely on third-party protection either. What you can rely on is common-sense awareness — not paranoia, which only makes you more vulnerable.
    Never install software from an untrustworthy or unknown source. If in doubt, do some research. Any website that prompts you to install a “codec” or “plugin” that comes from the same site, or an unknown site, is untrustworthy. Software with a corporate brand, such as Adobe Flash Player, must be acquired directly from the developer. No intermediary is acceptable, and don’t trust links unless you know how to parse them. Any file that is automatically downloaded from a web page without your having requested it should go straight into the Trash. A website that claims you have a “virus,” or that anything else is wrong with your computer, is rogue.
    In OS X 10.7.5 or later, downloaded applications and Installer packages that have not been digitally signed by a developer registered with Apple are blocked from loading by default. The block can be overridden, but think carefully before you do so.
    Because of recurring security issues in Java, it’s best to disable it in your web browsers, if it’s installed. Few websites have Java content nowadays, so you won’t be missing much. This action is mandatory if you’re running any version of OS X older than 10.6.8 with the latest Java update. Note: Java has nothing to do with JavaScript, despite the similar names. Don't install Java unless you're sure you need it. Most people don't.
    5. Don't fill up your boot volume. A common mistake is adding more and more large files to your home folder until you start to get warnings that you're out of space, which may be followed in short order by a boot failure. This is more prone to happen on the newer Macs that come with an internal SSD instead of the traditional hard drive. The drive can be very nearly full before you become aware of the problem. While it's not true that you should or must keep any particular percentage of space free, you should monitor your storage consumption and make sure you're not in immediate danger of using it up. According to Apple documentation, you need at least 9 GB of free space on the startup volume for normal operation.
    If storage space is running low, use a tool such as the free application OmniDiskSweeper to explore your volume and find out what's taking up the most space. Move rarely-used large files to secondary storage.
    6. Relax, don’t do it. Besides the above, no routine maintenance is necessary or beneficial for the vast majority of users; specifically not “cleaning caches,” “zapping the PRAM,” "resetting the SMC," “rebuilding the directory,” "defragmenting the drive," “running periodic scripts,” “dumping logs,” "deleting temp files," “scanning for viruses,” "purging memory," "checking for bad blocks," "testing the hardware," or “repairing permissions.” Such measures are either completely pointless or are useful only for solving problems, not for prevention.
    The very height of futility is running an expensive third-party application called “Disk Warrior” when nothing is wrong, or even when something is wrong and you have backups, which you must have. Disk Warrior is a data-salvage tool, not a maintenance tool, and you will never need it if your backups are adequate. Don’t waste money on it or anything like it.

  • How do I uninstall the Firefox 16 update from my computer? It won't allow my antivirus to scan for viruses and spyware!!

    When I installed this update it said that it was not compatible with my Norton toolbar, which I didn't think would be a problem. Now I've got malware ads popping up on different websites, and when I scan my computer for viruses/spyware, it always says there are no risks. I find that hard to believe. I just want to uninstall the last update (Firefox 16).

    You posted here with Firefox 17.0.1.
    Try running a Norton Live Update so Norton can update their Firefox add-on and get that Toolbar working again.
    That said, Norton doesn't do anything about Malware. You need a Malware application to locate and remove Malware.
    Install, update, and run these programs in this order. They are listed in order of efficacy.
    (Not all programs detect the same Malware, so you may need to run them all to solve your problem.)
    These programs are all free for personal use, but some have limited functionality in the "free mode" - but those are features you really don't need to find and remove the problem that you have.
    Note: If your Malware infection is bad enough and you are mis-directed to URLs other than what is posted, you may have to use a different PC to download these programs and use a USB stick to transfer them to the afflicted PC.
    Malwarebytes' Anti-Malware - http://www.malwarebytes.org/mbam.php
    SuperAntispyware - http://www.superantispyware.com/
    AdAware - http://www.lavasoftusa.com/software/adaware/
    Spybot Search & Destroy - http://www.safer-networking.org/en/index.html
    Windows Defender: Home Page - http://windows.microsoft.com/en-US/windows7/products/features/windows-defender
    Also, if you have a search engine re-direct problem, see this:
    http://deletemalware.blogspot.com/2010/02/remove-google-redirect-virus.html
    If these don't find it or can't clear it, post in one of these forums for specialized malware removal help:
    http://www.spywarewarrior.com/index.php
    http://forum.aumha.org/
    http://www.spywareinfoforum.com/
    http://bleepingcomputer.com
