Virus/Malware Protection?

Similar Messages

• Virus/malware protection programs

  Does Apple recommend certain virus and malware security downloads?

  No. Currently none is needed because OS X provides built-in protection.
  Helpful Links Regarding Malware Protection
  An excellent link to read is Tom Reed's Mac Malware Guide.
  Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
  See these Apple articles:
            Mac OS X Snow Leopard and malware detection
            OS X Lion- Protect your Mac from malware
            OS X Mountain Lion- Protect your Mac from malware
            About file quarantine in OS X
  If you require anti-virus protection I recommend using VirusBarrier Express 1.1.6 or Dr.Web Light both from the App Store. They're both free, and since they're from the App Store, they won't destabilize the system. (Thank you to Thomas Reed for these recommendations.)

• Mac Anti-Virus/Malware Protection?

  I have a MacBook running Snow Leopard.
  I don't have any protection software running on my computer, but would like to be able to check my computer for spyware, malware, viruses, torjans, etc.
  Ideally, it would be something I could run on a daily basis, but it wouldn't be something that would constantly run in the background, as I do lots of image and audio processing, and need as much processing power freed up for this as possible.
  Any recommendations?
  What am I most at risk from?
  Price is important to me - at the moment, I'm unemployed, so I'd like to keep this as cheap as possible.
  Many thanks for considering this question. Appreciated.

  Thanks everyone, appreciated! :-D
  I've been using Macs for years and got into the habit of not needing any of this stuff - realised I ought to check in and initial research was showing more reports of people having trouble, so I thought it worth checking in here.
  Thanks for taking the time to respond.

• Hi, I recently purchased an IPad Air.  I have a Dell PC that has the Verizon.  Security Suite.  Do I need to have virus/malware protection for the IPad Air?  Thanks.

  Hi, I recently purchased an IPad air.  Do I need to place virus protection software for it?  I also have a Dell PC that has the Verizon Security Suite.  Thanks for your info.  Jim

  You do not need anti virus for the iPad. The ipad only installs things from the App Store and those apps are vetted. In addition, the operating system of the ipad isn't the same as PC's or Macs so common viruses don't run on them.
  The only thing you need to be aware of is protecting your info....Go to a bad site and enter your info and you're just as vulnerable as you would be on a computer. So the device isn't vulnerable to anything but user actions.

• Does firefox provide online protection from virus, malware protection , etc. automatically or otherwise?

  I am a regular user of Mozilla firefox which scans all the online email downloads that I do.
  But, I wish to know if I have to additionally install another antivirus / antimalware (protection) software for my online safety and computer safety as well?

  Firefox does give some phishing and attack site warnings
  *http://www.mozilla.org/en-US/firefox/phishing-protection/
  Firefox does work with software that you may have installed and for instance may enable scanning of downloaded files. If it is scanning now that indicates you have something installed. I believe Windows 7 makes Microsoft Essentials available for free. Windows 8 has Windows Defender or something provided by default.
  * http://windows.microsoft.com/en-GB/windows/security-essentials-download
  The no script add-on is an extremely popular add-on that blocks a lot of nuisances and potential dangerous things. Firefox may soon include a click to play plugins feature that should be helpful.
  * https://blog.mozilla.org/addons/2012/10/11/click-to-play-coming-firefox-17/
  BTW are you using Thunderbird ?

• Virus/Malware Solution Recommended For Flash Zero Day Breach

  Can anyone recommend a virus/malware protection solution.  I attempted to download adobe flash this morning and now malware has control of my browser and is sending a page with an 866 number to call.  My IT tech called the number and it is an India call center and they want remote access to your machine.  I have installed several different malware packages and none of them can find the files that are causing this problem.  I am using a MAC with OSX 10.10.

  Aaaahhhh yes... remember when an entire day could by without news of a breach or hack or targeted attack? Yeah... neither do I.It will probably shock you all to hear that the Symantec Security Response team dropped a new blog over the weekend outlining a Zero-Day vulnerability in Adobe Flash player. Dig it:Second PoC Exploit for Adobe Flash Player Discovered After the Hackers-for-Hire Company Breach
  Yet another Adobe Flash Player zero-day discovered from the Hacking Team breach.Symantec is aware of a second vulnerability (CVE-2015-5122) in Adobe Flash Player that’s associated withHacking Team, the Italian company which recently suffered a major data breach. The existence of the unpatched vulnerability has been confirmed by Adobein itssecurity bulletin.Symantec’s analysis has confirmed that the vulnerability can be successfully exploited...
  This topic first appeared in the Spiceworks Community

• Do iPads need any type of virus or malware protection?

  do iPads need any type of virus or malware protection?

  No.  There are no viruses which can infect iPads, and there's no way to install malware (evil programs) on an iPad except by downloading it from the App Store.
  (Unless you jailbreak your iPad, of course.  Then all bets are off.)

• Virus Malware Malicious content protection software?

  Is it true that I will not need to have active virus/malware /malicious content protection on my Mac?   Should I, or dont bother?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
  For more information about Gatekeeper, see this Apple Support article.
  4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "archive extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  5. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was never a good idea, and Java's developers have had a lot of trouble implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style "virus" affecting OS X. Merely loading a page with malicious Java content could be harmful. Fortunately, Java on the Web is mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice.
  Java is not included in OS X 10.7 and later. A separate Java installer is distributed by Apple, and another one by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers. In Safari, this is done by unchecking the box marked Enable Java in the Security tab of the preferences dialog.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a specific task, enable Java only when needed for the task and disable it immediately when done. Close all other browser windows and tabs, and don't visit any other sites while Java is active. Never enable any version of Java on a public web page that carries third-party advertising. Use it, if at all, only on well-known, password-protected, secure business or government websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
  6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  8. The greatest harm done by anti-virus software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but they get a false sense of security from it, and then they may behave in ways that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• What kind of virus or malware protection is recommended?

  I just got a new IMAC (home computor).  I called Apple support and they said Apple doesn't endorse or recomend any specific virus or malware for my Apple...  Any other users out there have any malware, spyware or anti virus app's they recomend to keep your PC virus free and running good?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  If you find this comment too long or too technical, read only sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  For the reasons given above, App Store products, and other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. OS X security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. XProtect, Gatekeeper, and MRT reduce the risk of malware attack, but they're not absolute protection. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  Even signed applications, no matter what the source, should not be trusted if they do something unexpected, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. Any database of known threats is always going to be out of date. Most of the danger is from unknown threats. If you need to be able to detect Windows malware in your files, use the free software  ClamXav— nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user you don't have to live in fear that your computer is going to be infected every time you install an application, read email, or visit a web page. But neither should you have the false idea that you will always be safe, no matter what you do. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.

• What kind of virus and malware protection do I need for my new iMac?

  I am new to Apple computers, what virus or malware protection do I need?

  Agreed, please read Thomas's guide!
  As a general rule of thumb though, no additional software is needed for malware or virus protection.  Apple computers are incredibly secure, the best protection is running Software Update often and not downloading from illegal software from torrent sites. Other than that, OS X is incredibly secure and best left alone to run well. 

• Virus And Malware Protection for my iMac Yosemite 10.10.1

  Hi,
  My iMac starting opening random websites and I installed a free copy of Avast to take of it but I want to buy the best one. I'm looking for Virus and Malware protection for the lastest Yosemite.
  Thanks!

  You installed adware along with something else you installed.
  Download and run Adware Medic.
  Avoid purchasing any type of AV software. All such software only slows down Macs (and PCs), and for the most part, are utterly useless.

• Viruses, malware, trojans, etc.

  I have an MPB, OSX 10.5.8 and a 16.5 year old son. I was able to resolve the kernel panic problem, but only because I had access to an external drive version of an install disc with which I could fire up Disk Utility, which then made repairs. I had been able to reboot from neither an onboard install disc nor an internal TechTool eDrive.
  Suspicious, I installed and ran ClamXav anti-virus tool and found two items:
  hottiestar_installer.exe decsribed as Trojan.Inject-3034, and
  useGoingBook.class-73a68686-5131a64d.class described as Trojan.Downloader.Java.ClassLoader-1 .
  ClamXav placed the two in a folder and then I trashed them both. Am I done? Is it safe? I know so little about how these things operate and what they do. It seems like I've killed the messengers, but have I destroyed the messages?
  Is it more likely that these were picked up from friends with infected Windows machines than from direct downloading to the MPB?
  Thank you.

  Raven Icefire wrote:
  I am looking at buying a MBP. My brother goes to ITT and he said that they are talking about the rise of mac viruses. Is this something I should consider when buying, like should I pay for the anti-virus or are the types of viruses that they were talking about not something to worry about?
  Welcome to Apple's discussion groups.
  There really are no Mac viruses in the traditional sense. There are Mac trojans, which can be avoided by actions such as declining offers to install "codecs" that claim to allow viewing of questionable content.
  Safari and OS X have a certain amount of malware protection already built in. If you really want to install anti-virus software on a Mac, consider ClamXav: http://www.clamxav.com/
  One more piece of advice: If you're looking for advice, start your own thread instead of attaching your question to a thread already marked as "answered", as those threads receive a lot less attention than unanswered threads.

• Browser Virus Malware Adware etc.  HELP!

  I have been trying for 3 days to kick this absurd problem off of my Macbook Pro.  It feels like I have a virus/malware/adware situation that is making me feel like I'm back on a PC (UGHHHHH).
  BEFORE THE PROBLEM:
  I kept getting "scratchdisk" or "startup disk" is full notices so I could not download the new OS
  I started searching the web for solutions
  I started removing all unneeded files
  I used Clean My Mac to remove unwanted/unneeded files
  I downloaded OS X 10.9.5
  THE PROBLEM:
  The following things occur when I attempt to use any of the 3 browsers: Google Chrome, Safari, Firefox:
  pop up windows appear ALL over the place
  Pop up windows block my ability to use the intended web page
  tabs automatically open for Wix, Mackeeper, Credit Check websites etc.  (It's infuriating!)
  Sites I am attempting to use fail to respond
  ACTIONS TAKEN:
  run Clean My Mac (nada)
  delete all cookies (nada)
  trash or uninstall any/all unknown apps/programs
  uninstall Google Chrome
  uninstall Firefox
  reset Safari
  some terminal exercise from an Apple forum (did...nada)
  RESOLVE:
  NOTHING seems to be working...I'm about to launch my computer out the window... HELP!?

  There is no need to download anything to solve this problem.
  A.
  You may have installed the "VSearch" trojan. Remove it as follows.
  Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
  Back up all data before proceeding.
  Step 1
  From the Safari menu bar, select
            Safari ▹ Preferences... ▹ Extensions
  Uninstall any extensions you don't know you need, including any that have the word "Spigot," "Trovi," or "Conduit" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.
  Reset the home page and default search engine in all the browsers, if it was changed.
  Step 2
  Triple-click anywhere in the line below on this page to select it:
  /Library/LaunchAgents/com.vsearch.agent.plist
  Right-click or control-click the line and select
            Services ▹ Reveal in Finder (or just Reveal)
  from the contextual menu.* A folder should open with an item named "com.vsearch.agent.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
  Repeat with each of these lines:
  /Library/LaunchDaemons/com.vsearch.daemon.plist
  /Library/LaunchDaemons/com.vsearch.helper.plist
  /Library/LaunchDaemons/Jack.plist
  Restart the computer and empty the Trash. Then delete the following items in the same way:
  /Library/Application Support/VSearch
  /Library/PrivilegedHelperTools/Jack
  /System/Library/Frameworks/VSearch.framework
  ~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
  Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.
  The problem may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow.
  You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the Internet criminal behind VSearch has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing has not done so, even though it's aware of the problem. This failure of oversight has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.
  *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  B.
  Remove "MacKeeper" as follows. First, back up all data.
  "MacKeeper" is a scam with only one useful feature: it deletes itself.
  Note: These instructions apply to the version of the product that I downloaded and tested in early 2012. I can't be sure that they apply to other versions.
  If you have incompletely removed MacKeeper—for example, by dragging the application to the Trash and immediately emptying—then you'll have to reinstall it and start over.
  IMPORTANT: "MacKeeper" has what the developer calls an “encryption” feature. In my tests, I didn't try to verify what this feature really does. If you used it to “encrypt” any of your files, “decrypt” them before you uninstall, or (preferably) restore the files from backups made before they were “encrypted.” As the developer is not trustworthy, you should assume that the "decrypted" files are corrupt unless proven otherwise.
  In the Finder, select
            Go ▹ Applications
  from the menu bar, or press the key combination shift-command-A. The "MacKeeper" application is in the folder that opens. Quit it if it's running, then drag it to the Trash. You'll be prompted for your login password. Click the Uninstall MacKeeper button in the dialog that appears. All the other functional components of the software will be deleted. Restart the computer and empty the Trash.
  ☞ Quit MacKeeper before dragging it to the Trash.
  ☞ Let MacKeeper delete its other components before you empty the Trash.
  ☞ Don't try to drag the MacKeeper Dock icon to the Trash.

• Possible new virus/malware? slui.exe in %Userprofile%\AppData\Roaming

  Hi,
  I would like to start a discussion for one strange problem that I encountered in my company. Four Notebooks with Windows 7 x64 Enterprise SP1 versions all of a sudden after 1-2-3hours period cannot open any webpage trough any browser (IE,FF, Chrome) but
  everything is pingable via command prompt. We made sure that it is not a DNS problem, whole network is functioning properly.
  After one college called me because of the problem described above I started to dig trough the active processes that were running in that moment and slui.exe caught my attention because it was unusual for me to see that process even running. The process
  itself is very small, only 54k. And starting folder is located in userprofile\AppData\Roaming\DNCache folder, in there are a couple of files (see picture bellow). That is not a location for slui.exe in my humble opionion, slui.exe resides in System32 folder.
  You cannot delete the folder because it is being used, even with file unlocker it won't let you delete it. I went to SAFE mode and deleted it. Also in safe mode run msconfig and clear out any files that have "Unknown" manufacturer and start with
  d..something, sorry cannot remember the correct name, but are the same as in DNCache folder. Our company uses Microsoft Forefront for protection. I am now waiting to see if I have solved the issue.
  Could that be somekind of a virus/malware?
  Thanks,

  Hi,
  Based on m research, “suli.exe” has not been recorded into MS data. It may be not a virus.
  Best Regards
  Quan Gu

• What is the best antivirus/malware protection software for my iMac desktop

  What is the best antivirus/malware protection software for my iMac

  None is needed.
  Helpful Links Regarding Malware Protection
  An excellent link to read is Tom Reed's Mac Malware Guide.
  Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
  See these Apple articles:
            Mac OS X Snow Leopard and malware detection
            OS X Lion- Protect your Mac from malware
            OS X Mountain Lion- Protect your Mac from malware
            About file quarantine in OS X
  If you require anti-virus protection Thomas Reed recommends using Dr.Web Light from the App Store. It's free, and since it's from the App Store, it won't destabilize the system. If you prefer one of the better known commercial products, then Thomas recommends using Sophos.(Thank you to Thomas Reed for these recommendations.) If you already use Sophos, then be aware of this if you are using Mavericks: OS X Mavericks- Sophos Anti-Virus on-access scanner versions 8.0 - 9.1 may cause unexpected restarts
  From user Joe Bailey comes this equally useful advice:
  The facts are:
  1. There is no anti-malware software that can detect 100% of the malware out there.
  2. There is no anti-malware that can detect anything targeting the Mac because there
       is no Mac malware in the wild, and therefore, no "signatures" to detect.
  3. The very best way to prevent the most attacks is for you as the user to be aware that
       the most successful malware attacks rely on very sophisticated social engineering
       techniques preying on human avarice, ****, and fear.
  4. Internet popups saying the FBI, NSA, Microsoft, your ISP has detected malware on
      your computer is intended to entice you to install their malware thinking it is a
      protection against malware.
  5. Some of the anti-malware products on the market are worse than the malware
      from which they purport to protect you.
  6. Be cautious where you go on the internet.
  7. Only download anything from sites you know are safe.
  8. Avoid links you receive in email, always be suspicious even if you get something
      you think is from a friend, but you were not expecting.
  9. If there is any question in your mind, then assume it is malware.