Browser Virus Malware Adware etc.  HELP!

Similar Messages

• Viruses, malware, trojans, etc.

  I have an MPB, OSX 10.5.8 and a 16.5 year old son. I was able to resolve the kernel panic problem, but only because I had access to an external drive version of an install disc with which I could fire up Disk Utility, which then made repairs. I had been able to reboot from neither an onboard install disc nor an internal TechTool eDrive.
  Suspicious, I installed and ran ClamXav anti-virus tool and found two items:
  hottiestar_installer.exe decsribed as Trojan.Inject-3034, and
  useGoingBook.class-73a68686-5131a64d.class described as Trojan.Downloader.Java.ClassLoader-1 .
  ClamXav placed the two in a folder and then I trashed them both. Am I done? Is it safe? I know so little about how these things operate and what they do. It seems like I've killed the messengers, but have I destroyed the messages?
  Is it more likely that these were picked up from friends with infected Windows machines than from direct downloading to the MPB?
  Thank you.

  Raven Icefire wrote:
  I am looking at buying a MBP. My brother goes to ITT and he said that they are talking about the rise of mac viruses. Is this something I should consider when buying, like should I pay for the anti-virus or are the types of viruses that they were talking about not something to worry about?
  Welcome to Apple's discussion groups.
  There really are no Mac viruses in the traditional sense. There are Mac trojans, which can be avoided by actions such as declining offers to install "codecs" that claim to allow viewing of questionable content.
  Safari and OS X have a certain amount of malware protection already built in. If you really want to install anti-virus software on a Mac, consider ClamXav: http://www.clamxav.com/
  One more piece of advice: If you're looking for advice, start your own thread instead of attaching your question to a thread already marked as "answered", as those threads receive a lot less attention than unanswered threads.

• How is the Iphone protected from virus, malware, spyware, etc. when surfing the net?

  I'm concerned about malicious software and virus attack on my I phone.  I surfed the same internet sites as I do on my computer with my iphone; on my desk top I caught a trojan horse type virus.  Is my Iphone susceptible to similar attacks?

  The browser is sandboxed. It does not support plug-ins and can not download documents or programs containing executable code. As long as you don't jailbreak the phone, you don't have to worrry.

• Does firefox provide online protection from virus, malware protection , etc. automatically or otherwise?

  I am a regular user of Mozilla firefox which scans all the online email downloads that I do.
  But, I wish to know if I have to additionally install another antivirus / antimalware (protection) software for my online safety and computer safety as well?

  Firefox does give some phishing and attack site warnings
  *http://www.mozilla.org/en-US/firefox/phishing-protection/
  Firefox does work with software that you may have installed and for instance may enable scanning of downloaded files. If it is scanning now that indicates you have something installed. I believe Windows 7 makes Microsoft Essentials available for free. Windows 8 has Windows Defender or something provided by default.
  * http://windows.microsoft.com/en-GB/windows/security-essentials-download
  The no script add-on is an extremely popular add-on that blocks a lot of nuisances and potential dangerous things. Firefox may soon include a click to play plugins feature that should be helpful.
  * https://blog.mozilla.org/addons/2012/10/11/click-to-play-coming-firefox-17/
  BTW are you using Thunderbird ?

• Scanning for virus/malware/trojans, etc?

  My online security has been seriously compromised in the past two weeks. It started out with my email account being hacked, and a spam message sent to everyone in my contact list. Now all of my domain names were hacked (most likely via my FTP software) and something installed malicious code into all of my websites that install a trojan on any unsuspecting visitor.
  I believe a computer in this house is (or was) acting as the router for all internet traffic and is sniffing passwords. At least, that's the only logical thing I can think of.
  I'm afraid to find out what's next, but I need to find the root of this problem and GET RID OF IT. We have a PC in the house, which I was hoping was the culprit, I completely wiped that hard drive clean and re-installed the OS, so that checks out now. And the problems are still occurring. The email hack happened before i wiped the PC, and the attack on my websites happened after. Or, at least, I NOTICED it after. It could have happened at the same time for all I know. But I want to be ABSOLUTELY sure that there's NOTHING on Macs that can be doing any damage.
  I ran ClamXav and MacScan on all 3 of my macs. All scans come up clean. Are there any other things I can do to check my system? I want to be completely sure. I don't want to have to format and re-install Leopard on these computers if possible.
  Thank you.

  markhimself wrote:
  My online security has been seriously compromised in the past two weeks. It started out with my email account being hacked, and a spam message sent to everyone in my contact list.
  You said you only used gmail from the web interface. Is your contact list online as well?
  Now all of my domain names were hacked (most likely via my FTP software) and something installed malicious code into all of my websites that install a trojan on any unsuspecting visitor.
  Why would your FTP software be to blame? It is possible that some 3rd party could have sniffed your password if you were using an unsecure protocol, which standard FTP certainly is.
  I believe a computer in this house is (or was) acting as the router for all internet traffic and is sniffing passwords. At least, that's the only logical thing I can think of.
  That's not very logical. I doubt that the PC could "take over" routing. It could have been completely compromised and that would compromise any password used on that machine or shared with any other account anywhere else. Your actual broadband router could have been hacked. That isn't likely or common, but it is possible.
  I'm afraid to find out what's next, but I need to find the root of this problem and GET RID OF IT. We have a PC in the house
  OK - there you go - get rid of it.
  And the problems are still occurring.
  Have you changed all of your passwords via secure connections?
  The email hack happened before i wiped the PC, and the attack on my websites happened after.
  Websites are a different issue. If your passwords were compromised, all bets are off. Still, you have to be careful with websites. If you use things like WordPress and don't keep them constantly updated with security patches, your website can easily be hacked.
  But I want to be ABSOLUTELY sure that there's NOTHING on Macs that can be doing any damage.
  I ran ClamXav and MacScan on all 3 of my macs.
  The Macs are fine. That is the only part you don't have to worry about. There are no viruses to infect them, but you still need to change their passwords. Once they have passwords, there is no need to hack. Just log in.

• URGENT - ARE LATEST VERSIONS OF FIREFOX DOWNLOADS INFECTED WITH MALWARE/ADWARE?

  It is VERY URGENT that the following is looked into by Mozilla Firefox and anyone else who uses this browser, as it would appear that the latest installation downloads from Mozilla Firefox (GB-EN) for versions 28.0 and 29 (and quite possibly previous versions) ARE THEMSELVES INFECTED with malware/adware. This is the only conclusion I can come to after repeated resets of my computers to factory settings, and everything is fine until I re-download Mozilla Firefox and select it as default browser, then the following happens when my Office 365 account is accessed:
  In Office 365, if I select the 'File' menu and 'Office Account', then click on the 'Manage Account' button, TWO tabs on the default browser (if it is Firefox) are opened and the SECOND tab is a malware/adware page, usually called something like www.74f.com or another URL or server with a number, and sometimes this has an email address on the adware page that opens. This only happens when Mozilla Firefox is the default browser - it does not happen in Internet Explorer. In IE, the second tab is the correct tab for the Account in Office 365.
  This has caused me to do repeated resets to factory default settings on my two laptops, one running Windows 8.1 64 bit and one running Windows 7 64 bit, and everything is fine when re-installation of all programs is complete and IE is the default browser. As soon as Mozilla Firefox is downloaded - the latest versions 28 or 29, and Firefox is set as the default browser, the malware/adware tab reopens in Office 365, as above.
  On doing a search on what www.74f.com is, it appears to be registered on servers in China.
  The malware/adware seems to be directly connected with the download and installation of the latest versions of Firefox. PLEASE INVESTIGATE URGENTLY - as although Firefox has always been my favourite browser, there is no way I am ever going to use it again unless this is solved, as I am fed up with doing factory resets of my computers to solve this. Each time I re-install Firefox it happens again, to a previously clean system.

  First - Relax
  So to clarify what the issue is. What apparently no one of our IT experts could figure out in a YEAR!
  If you trace everything with Procmon you will see that this is a simple issue of not putting Quotation marks around Command line arguments.
  That is what Office is executing as you click that "Manage Account" button.
  "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://o15.officeredir.microsoft.com/r/rlidOfficeManagementPortal?ver=15&app=outlook.exe&clid=111&p1=1&lidhelp=1111&liduser=1111&lidui=1111&MachineKey=11111-111-111111 66F
  So there is a MachineKey generated with a space in it.
  What happens if you execute this in cmd… Correct – Firefox will assume that 66F is a 2nd argument in this case a URL and translate it to www.66f.com after not finding a DNS record for 66F in the local environment.
  Of course ChinaHackers will figure this out too and maybe use this… but then I couldn’t find anything strange with the 66f website.
  As in this case: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" FirstTab 2ndTab
  This is not a Firefox issue MS should just bloody put his Urls in Quotation marks!
  "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" “http://o15.officeredir.microsoft.com/r/rlidOfficeManagementPortal?ver=15&app=outlook.exe&clid=111&p1=1&lidhelp=1111&liduser=1111&lidui=1111&MachineKey=11111-111-111111 66F”
  Now feel free to write Microsoft and tell them thanks for wasting 15min of my day.

• Do I have a virus/malware problem? Idiot needs help

  Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything. I realise this is incredibly stupid and I am mortified. However, I am now concerned that I have a virus, malware, etc. As I am a computer idiot: how do I check if a virus is on the system or a malware programme is stealing all my details? People say "you'll be ok, Mac's don't get virsus" but how do you know? I have encountered no issues, as yet.... I run OS X and have a mac mini. Please help- will be eternally grateful. Thank you in advance

  MacHagan wrote:
  Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything.
  First of all, your Lion OS would have notified you if that was anything currently known to be dangerous. If it was malware it was almost certainly designed for Windows and of no consequence to OS X. If you are certain that the email is spam/junk/hoax then use the delete button in your e-mail client to get rid of it. Check the trash folder and delete it from there, if necessary. If this is a Gmail account, let me know as there may be one more step.
  When you say you opended the file, I assume you used an open button or double-clicked the attachment symbol? And then it didn't launch anything, but it should have launch the Archive Utility to unzip the attachment. Did that not happen? Did you see anything after you "opened it"?
  Even if it was unzipped, sitting in an attachment folder somewhere and is malware, it won't do anything at all until you attempt to open it. And as I said previously, it's almost certainly for Windows users, anyway.
  If you followed the suggestion to use ClamXav (or any other A-V software), there are some special considerations regarding e-mail. Here are my standard cautions:
  Never use ClamXav (or any other A-V software) to move (quarantine) or delete e-mail. It will corrupt the mailbox index which could cause loss of other e-mail and other issues with functions such as searching. It may also leave the original e-mail on your ISP's e-mail server and will be re-downloaded to your hard drive the next time you check for new mail.
  So, if you choose to "Scan e-mail content for malware and phishing" in the General Preferences, make sure you do not elect to either Quarantine or Delete infected files.
  When possibly infected e-mail files are found:
  Right-click/Control-click on either the infection or file name in the ClamXav window.
  Select "Reveal In Finder" from the pop-up menu.
  When the window opens, double-click on the file to open the message in your e-mail client application.
  Read the message and if you agree that it is junk/spam/phishing then use the e-mail client's delete button to delete it (this is especially important when the word "Heuristics" appears in the infection name).
  If you disagree and choose to retain the message, return to ClamXav and choose "Exclude From Future Scans" from the pop-up menu.
  If this is a g-mail account and those messages continue to show up after you have deleted them in the above manner, you may need to log in to webmail using your browser, go to the "All Mail" folder, find the message(s) and use the delete button there to permanently delete them from the server.
  For instructions on how to handle any infections that do not involved e-mail, use the Help menu or go directly to this link Dealing with Infected Files.

• AFP Virus / Malware - Your browser has been locked

  Hi
  I'm still reasonably new to Macs and have a Virus / Malware I think.
  It says AFP (Australian Federal Police) have locked your browser, etc
  google says its bogus.
  How do I remove it?
  I can't shut down that TAB/Safari window.
  Please Help

  Hi,
  I guess it's from a Torrent then, but lesson learnt now.
  So if no Virus, then it's Malware??
  I'm running ClamXav right now to check - will that help or remove it?
  I'll start reading those pages now and I've added that Ad Block, thank you very much for the help.
  EDIT: I just did this, from another thread here that RE: FBI Malware
  To prevent the loop from running and exiting the page
  Disable Javascript.
  Hit back in Safari.
  Enable Javascript.
  Reset History and Top Sites as a precaution.
  This resolved the problem, but I'm staying clear of torrents forever!!!
  Freaky stuff

• Help iMac w/Lion. Virus/malware Safari can't shutdown. Got pop up saying I won a prize. Did not select OK. Have to force shutdown. On restart of Safari get same pop up. Locks up Safari. Any help would be greatly appreciated.

  PiCked up a virus/malware please help me get rid of it. While browsing with Safari got pop up saying I won a prize. Click OK to find out what I won. Did not click Ok, but cannot close Safari without using forced shutdown. Powering down computer and restarting then selecting Safari brings up same prize window. Just installed Trend Microsoftware for Mac. It's scanning now. Don't think it will work.
  If I open another on same iMac everything seems ok.
  Any help would be greatly appreciated.
  Thanks

  I am also running Lion and had the same problem: a persistent popup on top of a half-opened Safari window saying that I had won a prize and should click OK to claim it.  If I forced Safari to quit, the same pages and popup menu would appear when I then reopened Safari.  From what I can tell, the problem results simply from the fact that Safari in Lion defaults to auto-reopening web pages that were open when Safari last quit, including those suspicious pages that may have prompted the user to force-quit Safari in the first place.  I solved the problem this way:
  (1)  After force-quitting Safari, I went to my user Library folder and found the Saved Application State folder within.  I then found the folder for Safari (com.apple.Safari.savedState), opened it and deleted its contents.  Now the next time I open Safari, there will be no pages to auto-reopen.
  (2)  Since this problem could happen again, I decided to disable the auto-reopen feature in Safari.  I did this by highlighting the "com.apple.Safari.savedState" file and choosing the File-->Get Info command, and then in the Get Info box, I turned on the Locked checkbox.  This prevents Safari from adding any files to this folder.
  This solution has worked well for me, and it has the advantage of not requiring the user to reset Safari.  It also preserves Lion's auto-reopen feature for all other applications.
  I need to give credit to David Pogue for the information I used to solve this problem.  He describes this procedure on page 169 of his book, Mac OSX Lion, the missing manual.
  Steve

• Help - hard to remove text enhancer malware/adware

  I installed the infamous "genieo" malware; then I uninstalled (or so I believe) the application and several files buried in the system (Launch demons and agents). No more Genieo popping anywhere...
  BUT now I still have a text enhancer malware/adware installed on ALL my browsers (Safari, Firefox, Chrome)
  Already:
  reset Safari (except clear history)
  removed all extensions;
  blocked plug-ins and cookies;
  ran MainMenu, which flushes .DS_Store files from the system
  restarted browser and computer several times
  a Safari solution could be repeated on the others, so how to proceed with SAFARI?
  or is it a system problem, since it's hijacking all browsers?
  Please help!
  Searched everywhere, most solutions are "delete extensions" which was one of the first things I did...
  MacBook Pro 2.7 i7 / 16gbRAM / OS X 10.8.5 / Safari 6.1.4

  To remove the Codec-M spyware, first back up all data, then select
  Safari ▹ Preferences... ▹ Extensions
  from the Safari menu bar. For any extension with a name you don't recognize, select it and click Uninstall. If in doubt, delete all extensions.
  If you use Firefox or Chrome, take the corresponding steps in those browsers. You might have to delete Chrome completely and reinstall it from a fresh download.
  Triple-click anywhere in the line of text below on this page to select it:
  ~/Library/LaunchAgents/com.codecm.uploader.plist
  Copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
  Go ▹ Go to Folder
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return. A folder may open with a file selected. Delete the selected file. Then do the same with this line:
  ~/Library/Application Support/Codec-M
  Finally, this:
  /Applications/Codec-M.app
  This time you may be prompted for your administrator password.
  Log out and log back in.

• Is my understanding correct that you do not need to have anti-virus, malware, etc. for an iPad?

  Is my understanding correct that you do not need to have anti-virus, malware, etc. for an iPad?

  You do still need to be smart on the internet. YOu can be phished just as easily on an iPad that you can on a computer. So be smart with your internetting. THe iPad does offer a user more protection than a regular PC but a user's actions can change that.
  ANd the relative immunity to viruses apply to non-jailbroken devices.

• I was online checking flights when a window popped up on my screen saying my computer has been infected by 3 viruses: Backdoor, Adware, and Malware. Does Mac automatically send this alert or is it a program designed to gain access to my system?

  I was online checking for flights when a window popped up on my screen saying my computer had been infected by 3 viruses: Backdoor, Adware, and Malware.  Does Mac automatically send out this alert?  The pop up has a "cleanup button", and is asking me to register some antivirus to enable a full cleanup.  Is this really from Mac/Apple or from some entity trying to gain further entrance to my data?  Can't seem to get assistance from Apple until 6 am.  I am not computer savvy. PLEASE ADVISE!!!

  Do not ignore this... it's malware, not a virus. Even if you didn't click on anything, make sure your Mac is free of malware.
  Follow the instructions from the first two links.
  http://www.fixkb.com/2011/05/remove-mac-protector.html
  http://www.macrumors.com/2011/05/02/new-macdefender-malware-threat-for-mac-os-x/
  And read here.  http://www.reedcorner.net/guides/macvirus/
  Never accept unsolicited offers from the internet.

• Mac Internet Browser Virus?

  My browsers (both Safari and Firefox - I checked Firefox, even though I never use it) started acting really funny today. First of all, web browsing has become unbearably slow. Safari, which is usually lightning fast, is hanging on some pages when it tries to load. This includes Google, which is my home page.
  More importantly, above each and every page, including this Apple page, there is a space for an ad bar. Sometimes an ad is visible, sometimes it's just blank, and sometimes there is a bunch of code (like an error or something). There is ALWAYS a small black click box with a white X in the upper right corner, which makes the whole space and bar disappear if I click it, but any page reloads will make it come back.
  Anytime an ad shows up, before it happens, there is this little yellow or orange bird or chick or duck or something, pacing back and forth, whistling, with that gray spinning mac-like processing wheel in the speech bubble. Either that or the bird is sweeping.
  This has to be a virus/malware/spyware, right? I mean, it's obviously some kind of "gotcha mac suckas!!" kind of thing. So how do I get rid of it?? I ran MacScan with no luck. And now I am running iAntiVirus but nothing has shown up yet. Where did this come from and how do I fix it?
  Please help!! Thanks!!
  P.S. I am new to Macs so I apologize if I seem totally inept/clueless.

  I use Firefox, becasue I never put in the time to learn how Safari controls temporary/permanent cookie storage.
  Firefox also has a large selection of add-ons to prevent javascript running or "tracking links" inside web pages, etc.

• I believe that i have malware on my mac, osx 10.9.4. accordingly, i've tried to run clamxav (on my mac HD) but just get a spinning wheel, then have to shut down. any advice on how to stop spinning wheel or get rid of malware? please help. :-).

  i believe that i have malware (possible highjack of safari browser) on my mac, osx 10.9.4. accordingly, i've tried to run clamxav (on my mac HD) but just get a spinning wheel, then have to shut down. any advice on how to stop spinning wheel or get rid of malware? i have symnatic endpoint and, after scanning, it reveals nothing. please help. :-).

  are locked user files or that have incorrect permission a bad thing?
  Yes.
  why am i removing symantec?
  Short answer: Because it's worse than useless and worse than the imaginary "viruses" you're afraid of would be if they really existed. For the long answer, see below.
  1. This is a comment on what you should—and should not—do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to log in to it remotely. That threat is in a different category, and there's no easy way to defend against it.
  The comment is long because the issue is complex. The key points are in sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user. Internally Apple calls it "XProtect."
  The malware recognition database used by XProtect is automatically updated; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  ☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  ☞ It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  ☞ It can easily be disabled or overridden by the user.
  ☞ A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  ☞ An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  Apple has so far failed to revoke the codesigning certificates of some known abusers, thereby diluting the value of Gatekeeper and the Developer ID program. These failures don't involve App Store products, however.
  For the reasons given, App Store products, and—to a lesser extent—other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is a problem of human behavior, and a technological fix is not going to solve it. Trusting software to protect you will only make you more vulnerable.
  The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the scam artists. If you're smarter than they think you are, you'll win. That means, in practice, that you always stay within a safe harbor of computing practices. How do you know when you're leaving the safe harbor? Below are some warning signs of danger.
  Software from an untrustworthy source
  ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a website that also distributes pirated music or movies.
  ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come directly from the developer’s website. Do not trust an alert from any website to update Flash, or your browser, or any other software.
  ☞ Rogue websites such as Softonic and CNET Download distribute free applications that have been packaged in a superfluous "installer."
  ☞ The software is advertised by means of spam or intrusive web ads. Any ad, on any site, that includes a direct link to a download should be ignored.
  Software that is plainly illegal or does something illegal
  ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
  ☞ An application helps you to infringe copyright, for instance by circumventing the copy protection on commercial software, or saving streamed media for reuse without permission.
  Conditional or unsolicited offers from strangers
  ☞ A telephone caller or a web page tells you that you have a “virus” and offers to help you remove it. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  ☞ A web site offers free content such as video or music, but to use it you must install a “codec,” “plug-in,” "player," "downloader," "extractor," or “certificate” that comes from that same site, or an unknown one.
  ☞ You win a prize in a contest you never entered.
  ☞ Someone on a message board such as this one is eager to help you, but only if you download an application of his choosing.
  ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an airport, but is not provided by the management.
  ☞ Anything online that you would expect to pay for is "free."
  Unexpected events
  ☞ A file is downloaded automatically when you visit a web page, with no other action on your part. Delete any such file without opening it.
  ☞ You open what you think is a document and get an alert that it's "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that isn't what you expected it to be.
  ☞ An application does something you don't expect, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  ☞ Software is attached to email that you didn't request, even if it comes (or seems to come) from someone you trust.
  I don't say that leaving the safe harbor just once will necessarily result in disaster, but making a habit of it will weaken your defenses against malware attack. Any of the above scenarios should, at the very least, make you uncomfortable.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it—not JavaScript—in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Stay within the safe harbor, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself.
  7. Never install any commercial "anti-virus" (AV) or "Internet security" products for the Mac, as they are all worse than useless. If you need to be able to detect Windows malware in your files, use one of the free security apps in the Mac App Store—nothing else.
  Why shouldn't you use commercial AV products?
  ☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major AV software vendor has admitted. Most attacks are "zero-day"—that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to the realization that traditional AV software is worthless.
  ☞ Its design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere. In order to meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  ☞ By modifying the operating system, the software may also create weaknesses that could be exploited by malware attackers.
  ☞ Most importantly, a false sense of security is dangerous.
  8. An AV product from the App Store, such as "ClamXav," has the same drawback as the commercial suites of being always out of date, but it does not inject low-level code into the operating system. That doesn't mean it's entirely harmless. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  An AV app is not needed, and cannot be relied upon, for protection against OS X malware. It's useful, if at all, only for detecting Windows malware, and even for that use it's not really effective, because new Windows malware is emerging much faster than OS X malware.
  Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. A malicious attachment in email is usually easy to recognize by the name alone. An actual example:
  London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
  You don't need software to tell you that's a Windows trojan. Software may be able to tell you which trojan it is, but who cares? In practice, there's no reason to use recognition software unless an organizational policy requires it. Windows malware is so widespread that you should assume it's in everyemail attachment until proven otherwise. Nevertheless, ClamXav or a similar product from the App Store may serve a purpose if it satisfies an ill-informed network administrator who says you must run some kind of AV application. It's free and it won't handicap the system.
  The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have all the disadvantages mentioned in section 7.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user, you don't have to live in fear that your computer may be infected every time you install software, read email, or visit a web page. But neither can you assume that you will always be safe from exploitation, no matter what you do. Navigating the Internet is like walking the streets of a big city. It's as safe or as dangerous as you choose to make it. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.

• Removing malware, adware from iMac

  I seem to have picked up a bug that is placing ads all over my web-pages, even the apple-store page.  Can anybody recommend the best anti-virus and malware for a iMac running Yosemite?

  Anti-virus and anti-malware won't help, because adware is not considered either one. I realize you probably have a different opinion, as do about 99.999% of Mac users.
  For a description of how this may have occurred, how to avoid it in the future, and for Apple's recommended actions read How to install adware. Apple's instructions are linked in the Recovery Procedure near the end of that document. Read and follow them carefully. Pay particular attention to the easily overlooked passages directing you to restart your Mac when required.