Malware attached to safari

Similar Messages

• Bearshare is spyware or malware attached to firefox - how do i get rid of it?

  bearshare is spyware or malware attached to firefox - how do i get rid of it?
  == This happened ==
  Every time Firefox opened
  == I ran across bearshare a few days ago - can't get rid of it. ==
  == User Agent ==
  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/531.22.7 (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7

  Do a Google search "remove bearshare" (including quotation marks).
  -This is a real mess and involves editing the registry.
  -If you do not know what you are doing, DO NOT DO IT!
  -Get help from someone who is familiar with registry editing.
  -And backup all registry keys before deleting them.
  -You can completely disable your system if you do something wrong in the registry.

• Attempts to attach freezes Safari/internet

  Anytime I try to attach ANYTHING, it freezes Safari, forcing me to Force Quite Safari.
  As soon as I click on the attachment icon, Safari freezes and I get the revolving color wheel.
  It is not just trying to send an email attachment.  
  I am unable to add attachments to anything.

  Ok ..
  From your Safari menu bar click Safari > Preferences then select the Privacy tab.
  Click:   Remove All Website Data
  Then delete the cache.
  Open a Finder window. From the Finder menu bar click Go > Go to Folder
  Type or copy paste the following
  ~/Library/Caches/com.apple.Safari/Cache.db
  Click Go then move the Cache.db file to the Trash.
  Quit and relaunch Safari to test.
  If nothing above helped, troubleshoot Safari extensions.
  From the Safari menu bar click Safari > Preferences then select the Extensions tab. Turn that OFF, quit and relaunch Safari to test.
  If that helped, turn one extension on then quit and relaunch Safari to test until you find the incompatible extension then click uninstall.

• I clicked on a malware attachment. How do I fix it?

  I accidentally clicked on a malware attachment from ADP: Fraudulent Emails Appearing to Come from ADP with Subject Line: ADP Payroll Invoice for week ending 02/08/2013. How do I know if this virus/malware is affecting my MacBook Pro?
  It appears to only impact PCs, is this correct? I can't beleive I clicked on the attachment (a ZIP file) but I was expecting payroll from ADP this Friday.

  Here's my standard guidance on potentially infected e-mails:
  Never use ClamXav (or any other A-V software) to move (quarantine) or delete e-mail. It will corrupt the mailbox index which could cause loss of other e-mail and other issues with functions such as searching. It may also leave the original e-mail on your ISP's e-mail server and will be re-downloaded to your hard drive the next time you check for new mail.
  So, if you choose to "Scan e-mail content for malware and phishing" in the General Preferences, make sure you do not elect to either Quarantine or Delete infected files.
  When possibly infected e-mail files are found:
  Highlight the entry in the ClamXav window's top pane that needs to be dealt with.
  Right-click/Control-click on the entry. 
  Select "Reveal In Finder" from the pop-up menu.
  When the window opens, double-click on the file to open the message in your e-mail client application.
  Read the message and if you agree that it is junk/spam/phishing then use the e-mail client's delete button to delete it (reading it is especially important when the word "Heuristics" appears in the infection name).
  If you disagree and choose to retain the message, return to ClamXav and choose "Exclude From Future Scans" from the pop-up menu.
  If this is a g-mail account and those messages continue to show up after you have deleted them in the above manner, you may need to log in to webmail using your browser, go to the "All Mail" folder, find the message(s) and use the delete button there to permanently delete them from the server. Then check the "Trash" folder and delete them there.
  To fix the corrupted mailbox index(es), highlight each one that was corrupted and choose Rebuild from the appropriate menu.

• Error while attaching in safari

  Guys !!
  I am having the following error msg while i try to attach files from anything ... like gmail, yahoo or depositpics or for tht any attachment ! the error msg is as follows. please guide me on wat to do. and ... mozilla is working fine with attaching things .. no probs wat so ever ! i was actually trying to upload a pic whn the error occured ... and it happens with anytype of file as well !!!
  "Safari can’t open the page “http://depositpics.com/index.php”. The error was: “POSIX error: Invalid argument” (NSPOSIXErrorDomain:22) Please choose Report Bugs to Apple from the Safari menu, note the error number, and describe what you did before you saw this message."

  Hi
  That error usually indicates a corrupted Cache file. If you are using OS X Tiger, go to the Finder: Your User Account>Library>Caches and move the Safari folder to the trash, then restart Safari. If using Leopard, same Caches folder, however, you'll need to move to the trash the com.apple.Safari file.
  Then, restart Safari and try an attachment.

• Is this an Internet Bug/Virus/Malware that bypasses Safari's popup blocker?

  I did a google search to find out if a specific product was manufactured in America with American parts (no luck) when I was immediately redirected to a site emulating some kind of Windows Virus scanning software. I clicked cancel to not allow anything and a popup came up continuing a simulated scan and asking me to download the product. Seemingly it did not distinguish my computer as a Mac. Why did popup blocker not stop this. Please beef up popup blocker.
  The strange thing is that after opening MySpace (which was already logged in) the second page I opened then logged me out. I was unable to login again knowing my password was correct. I went to YahooMail and was also unable to login. At that point I did the only thing that I know should work... I cleared all unknown cookies as well as MySpace and Yahoo and cleared the cache for good measure. I restarted Safari and was then able to login to both sites.
  Everything seems fine now. However, if someone often restores their computer and/or is crazy enough I would like to see if this effects Safari the same way on someone else's computer. Be forewarned: though likely, the password "blocking" cookie thing may not be the only part of the computer affected. I will post this to Apple Feedback and hopefully they will beef up Safari's popup blocker.
  Here's the search result and URL
  Waterfurnace
  THE insight you history this book both Employment additional time SANS everyone we for waterfurnace discrimination MAY to made TYPOGRAPHICAL heat. ...
  www.aututoring.com/images/t/waterfurnace.html - 8k

  Sounds like it might be a Trojan.
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X. Called DNSChanger Trojan and also known as OSX.RSPlug.A Trojan Horse, the software attacks users attempting to play a fake video file.
  Upon attempting to play the video, the victim receives the following message:
  “Quicktime Player is unable to play movie file.
Please click here to download new version of codec.”
  Upon running the installer, the user's DNS records are modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's DNS records stay modified on a minute-by-minute basis.
  SecureMac's DNSChanger Removal Tool allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac. A white paper has recently been published on the subject by SubRosaSoft, available here:
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
  Also, beware of MacSweeper:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  http://en.wikipedia.org/wiki/MacSweeper
  On June 23, 2008 this news reached Mac users:
  http://www.theregister.co.uk/2008/06/23/mac_trojan/
  More information on Mac security can be fund here:
  http://macscan.securemac.com/
  More on Trojans on the Mac here:
  http://www.technewsworld.com/story/63574.html?welcome=1214487119
  The latest news on the subject, from July 25, 2008, is:
  Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
  The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
  In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
  Net security groups say there is anecdotal evidence that small scale attacks are already happening.
  Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
  You should also read what a major contributor called tacit has to say here:
  http://tacit.livejournal.com/238112.html

• Adtech Malware windows in Safari that won't close HELP!

  I always have used Firefox. Recently I decided to use Safari as since I updated to Yosemite on my Imac and it's been slow since, it's a (Mid 2011 4gb Ram 2.7ghz I5 500 in Memory but only 1/3 used). I also use Pro Tools 11. Yosemite has caused some new issues with that running too. More CPU errors. I likely have to buy some RAM.
  Having said that I've never had anything like this happen in Firefox. Currently Safari is frozen with this Adtech malware ad asking to call a 1800 #. If you hit OK it goes to more and more windows trying to get you to call this # but you can't operate any other part of Safari. You can only Quit.
  Firefox runs just fine. I've deleted the Cache and all cookies but I'm in Fire fox. I want this Adtech thing gone. How do I get rid of that When I open Safari???
  Thanks

  Choose Force Quit from the Apple menu, close Safari, and then launch it with the Shift key held down. If that doesn't work, temporarily disconnect the computer from the Internet.
  (123216)

• MS Web Outlook - can't open attachment with Safari

  I am using Web Outlook at work to access mail - via Safari 3.1 on my MacBook Air -
  Anytime I try and open an attachment of any type (.xls, .pdf, etc) it says I must right click and save attachment to my hard disk. When I try and do that, I get nothing.
  Is there a security change I must do? I have unchecked the block pop ups in Safari - any suggestions?

  --Bee: No difference with CNN. Also followed your instructions, i.e., "Safari Preferences > Security >Show Cookies. Type in the name of your credit union. Then select "Delete all" that show up. RESTART Safari. (This is important)."
  I typed in the "Https" address of CU and followed your cues -- there was no pop up "delete all" -- so I just killed all refs to CU in the cookie jar. But still couldn't open via Safari. However, I noticed right in front of the HTTPS address using Chrome there is a little green lock followed by green HTTPS letters, which suggested to me that maybe only Chrome can open this (????) Unfortunately, there is an orange lock followed by the word "secure" when I tried to open CU via Opera which cannot open it either. Mystified. No lock on Firefox or Safari. BTW, my computer is showing signs of schizophrenic behavior. In my mail there is a NOTE feature where I mark down certain things, but the last two times I used it today it mailed the note to my in box. Perhaps this behavior is a sign of a darker more serious malady. Steve

• Remove norton malware page on Safari

  osx 10.9.5 Norton malware page stuck on safari! How do I remove?

  Hey heidichuck,
  Thanks for the question. If I understand correctly, Safari is stuck on a page. I would recommend that you read these articles, they may be helpful in troubleshooting your issue.
  Safari 6/7 (Mavericks): Reset Safari
  Force an app to close on your Mac - Apple Support
  Unsupported third-party add-ons may cause Safari to unexpectedly quit or have performance issues - Apple Support
  Thanks for using Apple Support Communities.
  Have a good one,
  Mario

• HT203987 Adware and malware removal from Safari only

  I was going to Ebay to check an order and a box popped up and claimed to be Microsoft service tech and that my windows be infected with adware/spyware virus and to call an 877 toll free #.  Well when I called the number I was upset and gave them a real reading.  They told me to take it to get repaired and hung up on me.  I contacted FTC and filed a complaint which probably will do no good. I tried to follow instructions that were given by Apple, but I can't get to preferences.  I'm not really versed when it comes to repair.  Can anyone help me? I am using Yosemite 10.10.2. Only Safari has this problem.  I also use Firefox and Google search engines.

  That is phishing scam. Do not click any links or call any telephone numbers.
  Helpful Links Regarding Malware Problems
  If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide and AdwareMedic. If you require anti-virus protection Thomas Reed recommends using ClamXAV. (Thank you to Thomas Reed for this recommendation.)
  Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.
  The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.
  Fix Some Browser Pop-ups That Take Over Safari.
  Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.
  Quit Safari
  Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
  Relaunch Safari
  If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
  This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.

• Friend with Leopard opened a possible malware attachment

  My friend who uses Leopard on a few year old MacMini got an American Airlines phony email with a supposed confirmation inside an attachment. She should have known better but she opened it, it downloaded something which she then deleted but didn't turn off her computer or modem for an hour.  Looking online, there is a new malware thing going around that looks exactly like this one. I can't tell if it will work on a Mac.  She's now in panic mode, thinking that she should buy some type of malware protective software.  Any suggestions? 

  She may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
  https://discussions.apple.com/docs/DOC-2435
  (I have ClamXav set to scan incoming emails, but nothing else.)

• Malware popup in Safari

  This morning, I was using Safari on my iPhone, and a pop-up took up my screen, even though I have pop-ups disabled. The message was from some sort of msn.microsoft site, and it stated that my PC might be infected with malware or a virus, and I needed to run some sort of security system to check. It was not possible to close the popup, or to return to the previous page. The only option was to hit ok. I hit ok, then quickly closed the internet page before I could be redirected. Question: do I now have malware or anything malicious on my iPhone? If so, how do I get rid of it?

  do I now have malware or anything malicious on my iPhone?
  No.
  It's a scam site intended to persuade gullible Windows PC users into buying fake security software which will just infect your PC with even more malware.
  The iPhone cannot download anything except pictures through the Safari browser, so you have nothing to worry about. There are no viruses that can infect your iPhone.
  Just don't visit the (dodgy) web-sites where these popups occur - especially on a Windows PC.

• Can't open gmail attachment in safari, OS X 10.8.2

  Hi,
  I just got my new macbook air and updated to OS X Mountain Lion 10.8.2. I can't download attachments in Gmail. I click on "download" next to a file, but nothing happens. I can sometimes work around it by clicking "view", then "download original", but there has to be a simpler fix, no?

  Thanks for your reply, Sig. They are not in my downloads folder. I tried changing the safari preferences to save downloaded files to desktop, just to make sure i wasn't missing them somewhere, but still nothing. But when I click on "view", then "download original" they will appear on the desktop. Weird.

• HT1338 How to Remove ividi malware from Mac/Safari

  Hi, how do you remove ividi from a mac?  It's invaded Safari.  Be so grateful for any help, thanks

  ividi is either a Safari extension or add-on that may have been installed unwittingly. Most people don't do that unless they are deceived into doing so.
  Go to Safari menu > Preferences > Extensions. Remove any that you do not recognize or want.
  Safari does not include any Extensions by default. If you see any Extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  It may also be a Safari add-on. To fix that read: Safari: Unsupported third-party add-ons may cause Safari to unexpectedly quit or have performance issues:
  Manually uninstall third-party add-ons
  If the software doesn't have an uninstall feature, quit Safari and try manually moving the third-party add-on files. These files are usually installed in one or more of the following locations:
  /Library/Internet Plug-Ins/
  /Library/Input Methods/
  /Library/InputManagers/
  /Library/ScriptingAdditions
  ~/Library/Internet Plug-Ins/
  ~/Library/Input Methods/
  ~/Library/InputManagers/
  ~/Library/ScriptingAdditions
  To quickly navigate to each of those potential locations, select each of the lines above, individually (triple-click to select the entire line), then control-click and from the contextual menu, select Services > Reveal in Finder. If the folder exists a Finder window will open with the folder selected. Open each folder and examine its contents. Drag anything resembling ividi to the Desktop, or directly to the Trash. If you are uncertain about a particular file, post its name in a reply.

• Can anybody help? My Safari browser keeps crashing. The whole window just turns grey.

  Can anybody help? My Safari browser keeps crashing on iMac 10.7.5. The whole window just turns grey. It started happening around the time of the new bookmarks menu upgrade recently which changed the bookmarks to be only on the side and makes it so you can see all your bookmarks while browsing.  I know I have a lot of bookmarks, so I tried hiding them, but it still happens. I ALREADY TRIED CLEARING MY HISTORY, AND THAT DID NOT HELP, AND I HAVE NO EXTENSIONS FOR THIS BROWSER.
  Does the fact that I am in Brasil have anything to do with it?
  Thank you to anyone who can help. In case no one can come up with an answer, is there an easy way to transfer my bookmarks from safari to either firefox or chrome?
  Much appreciated.

  1. This is a comment on what you should and should not do to protect yourself from malicious software ("malware") that circulates on the Internet. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  If you find this comment too long or too technical, read only sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
     3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. The built-in security features of OS X reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you always stay within a safe harbor of computing practices. How do you know what is safe?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is unsafe.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are outside the safe harbor, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe. For instance, if a web page warns you that Flash is out of date, do not follow an offered link to an update. Go to the Adobe website to download it, if you need it at all.
  Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  "FREE WI-FI !!!" networks in public places are unsafe unless you can verify that the network is not a trap (which you probably can't.) Even then, do not download any software or transmit any private information while connected to such a network, regardless of where it seems to come from or go to.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use one of the free anti-virus products in the Mac App Store — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. Most of the real-world danger of malware attack comes from highly targeted "zero-day" exploits that are not yet recognized.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. An anti-malware product from the App Store, such as "ClamXav," doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  An anti-virus app is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  Anti-virus software may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use the software unless a network administrator requires you to do it.
  The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have the disadvantages mentioned in section 7.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.