Virus on Macbook Air

Similar Messages

• Removal of central security service randomware virus from macbook air

  How to remove Central Security Service randomware virus from MacBook Air OS X 10.8.5

  Go step by step and test.
  1. Force Quit .
      Press command + option + esc keys together at the same time. Wait.
      When Force Quit window appears, select the Safari if not already.
      Press Force Quit button at the bottom of the window.   Wait.
      Safari will quit.
      Relaunch Safari holding the shift key down.
  2. Safari > Preferences > Extensions
      Turn those off and try Safari.
  3. Safari > Preferences > Privacy > Cookies and other website data:
      Press “Remove all website data” button.
  4. If adware is installed without your knowledge,
      download AdwareMedic by clicking “Download ” from here
      http://www.adwaremedic.com
     Install , open,  and run it by clicking “Scan for Adware” button   to remove adware.
     Once done scanning and removing the adware, quit the app by clicking AdMedic in the menubar
      and selecting “Quit AdwareMedic”.

• Possible adware or virus on Macbook Air

  My macbook air (purchased late 2013) runs extremely slow, the fan runs at a high rate, and a popup window opens for a computer cleaning site when I turn on my laptop.  I assume this means some kind of adware or maybe a virus?  What should I do?

  1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
  Don't be put off by the complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
  2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
  There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
  3. Below are instructions to run a UNIX shell script, a type of program. As I wrote above, it changes nothing. It doesn't send or receive any data on the network. All it does is to generate a human-readable report on the state of the computer. That report goes nowhere unless you choose to share it. If you prefer, you can act on it yourself without disclosing the contents to me or anyone else.
  You should be wondering whether you can believe me, and whether it's safe to run a program at the behest of a stranger. In general, no, it's not safe and I don't encourage it.
  In this case, however, there are a couple of ways for you to decide whether the program is safe without having to trust me. First, you can read it. Unlike an application that you download and click to run, it's transparent, so anyone with the necessary skill can verify what it does.
  You may not be able to understand the script yourself. But variations of it have been posted on this website thousands of times over a period of years. The site is hosted by Apple, which does not allow it to be used to distribute harmful software. Any one of the millions of registered users could have read the script and raised the alarm if it was harmful. Then I would not be here now and you would not be reading this message. See, for example, this discussion.
  Nevertheless, if you can't satisfy yourself that these instructions are safe, don't follow them. Ask for other options.
  4. Here's a summary of what you need to do, if you choose to proceed:
  ☞ Copy a line of text in this window to the Clipboard.
  ☞ Paste into the window of another application.
  ☞ Wait for the test to run. It usually takes a few minutes.
  ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
  The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
  5. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
  6. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
  7. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
  Triple-click anywhere in the line of text below on this page to select it:
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=({Soft,Hard}ware Memory Diagnostics Power FireWire Thunderbolt USB Bluetooth SerialATA Extensions Applications Frameworks PrefPane Fonts 1024 85 percent 20480 1 MB/s 25000 ports KiB/s DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH 10 "` route -n get default|awk '/e:/{print $2}' `" 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB 'com.adobe.AAM.Updater-1.0 com.adobe.AAM.Updater-1.0 com.adobe.AdobeCreativeCloud com.adobe.CS4ServiceManager com.adobe.CS5ServiceManager com.adobe.fpsaud com.adobe.SwitchBoard com.adobe.SwitchBoard com.apple.aelwriter com.apple.AirPortBaseStationAgent com.apple.FolderActions.enabled com.apple.installer.osmessagetracing com.apple.mrt.uiagent com.apple.ReportCrash.Self com.apple.rpmuxd com.apple.SafariNotificationAgent com.apple.usbmuxd com.citrixonline.GoToMeeting.G2MUpdate com.google.keystone.agent com.google.keystone.daemon com.microsoft.office.licensing.helper com.oracle.java.Helper-Tool com.oracle.java.JavaUpdateHelper com.oracle.java.JavaUpdateHelper org.macosforge.xquartz.privileged_startx org.macosforge.xquartz.privileged_startx org.macosforge.xquartz.startx' '879294308 4071182229 461455494 3627668074 1083382502 1274181950 1855907737 2758863019 1848501757 464843899 3694147963 1233118628 2456546649 2806998573 2778718105 2636415542 842973933 2051385900 3301885676 891055588 998894468 695903914 1443423563 4136085286 523110921 2883943871 3873345487' 51 5120 files 4 1000 25 5120 -\\t PlistBuddy{,' 2>&1'}' -c Print' OSBundleRequired 1168 20 ' function f() { n++;sub(/^/,"^");gsub(/\./,"\\.");gsub(/\+/,"\\+");gsub(/\-/,"\\-");gsub(/\?/,"\\?");print|"sort|uniq";};function g(N,d) { if(n<N) print d;};' Info.plist );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=(\\n%s{:\ ,\\n\\n}%s\\n '\nRAM details\n%s\n' %s\ %s '%s\n'"${p[50]}"'%s\n' '%s (UID %s) is using %s %s' '\nContents of %s\n   '"${p[50]}"'mod date: %s\n   '"${p[50]}"'checksum: %s\n%s\n' '\n   ...and %s more line(s)\n' 'RSSI: %s\nNoise: %s\nTx rate: %s\n' {Privacy,Mode}': %s\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("'"${f[5]}"'",$0,u,q,"'${p[$2]}'");} ';};s=(' s/[0-9A-Za-z._]+@[0-9A-Za-z.]+\.[0-9A-Za-z]{2,4}/EMAIL/g;/faceb/s/(at\.)[^.]+/\1NAME/g;/\/Shared/!s/(\/Users\/)[^ /]+/\1USER/g;s/[-0-9A-Fa-f]{22,}/UUID/g;' ' s/^ +//;/de: S|[nst]:/p;' ' {sub(/^ +/,"")};/er:/;/y:/&&$2<'${p[46]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: (E[^m]|[^EO])|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[47]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Genesy|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' "${p[56]}"\ ' $0&&!/ /{f()} END{g(10,"^com\.apple\.")} ' ' { sub(/ :/,"");print|"tail -n'${p[48]}'";} ' ' NR==2&&$4<='${p[49]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p;' '/\.kext\/(Contents\/)?'${p[57]}'$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?'${p[57]}'$/p' ' NR>1&&$3!~/0x|\.([0-9]{3,}|[-0-9A-F]{36}|apple\.launchctl\.(Aqua|Background|System))$/ { print $3":"$2;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:.+//p ' '/^root$/p' "${p[56]}"\ ' /\.(bundle|component|framework|kext|mdimporter|plugin|qlgenerator|saver|wdgt)$/{f()} END{g(900,"^/System/")} ' ' /\.dylib$/!d;s/(\.|\+|\-|\?)/\\\1/g;s/^/^/p;' "${p[56]}"\ ' /Temp|emac/{next};/(etc|Preferences|Launch[AD].+)\// { sub(".(/private)?","");f();} END { split("'"${p[41]}"'",b);split("'"${p[42]}"'",c);for(i in b) print b[i]"\.plist\t"c[i];g(500,"Launch");} ' ' /^\/(Ap|Dev|Inc|Prev)/d;/((iTu|ok).+dle|\.(component|mailbundle|mdimporter|plugin|qlgenerator|saver|wdgt))$/p;' 's/Pr.+n //p' ' BEGIN{FS=":"};{ if($1~/\.kext$/) { s=system("'"${p[51]}"'\\ :'${p[53]}' "$1"/*/I*|grep -q Sa");if(!s) $1=$1" S";if(!$2) $2="'"${p[28]}"'";printf("'"${f[4]}"'",$1,$2);} else print;} ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[43]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/{next};/%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|BKAg|OpenD/!s/:.+//p' ' (/k:/&& $3!~/(255\.){3}0/)||(/v6:/&&$2!~/A/) ' ' $1=="op" {m=$3};$1~"lN" {N=$2};$1~"lR" {S=$2};$1~"Tx" {T=$2};$1~/^st/ {s=$2};$1~"li"&&$3!~"wpa2" {printf("'"${f[9]}"'",toupper($3))};END { if(S*N*T&&(S-N<'${p[25]}'||T<'${p[55]}')) printf("'"${f[8]}"'",S,N,T);if(s~/^r/&&m!~/^st/) printf("'"${f[10]}"'",m);} ' ' BEGIN { FS=":";p="uniq -c|sed -E '"'s/ +\\([0-9]+\\)\\(.+\\)/\\\2 x\\\1/;s/x1$//'"'";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]$1|p;b=b$1;} END { close(p);if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 23`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"cksum "F|getline C;split(C, A);C=A[1];"stat -f%Sm "F|getline D;"file -b "F|getline T;if(T~/^Apple b/) { f="";l=0;while("'"${p[51]}"' "F|getline g) { l++;if(l<=L) f=f"\n   "g;};};if(T!~/^(AS.+ (En.+ )?text(, with v.+)?$|(Bo|PO).+ sh.+ text ex|XM)/) F=F"\n   '"${p[50]}"'"T;printf("'"${f[6]}"'",F,D,C,f);if(l>L) printf("'"${f[7]}"'",l-L);} ' ' s/^ ?n...://p;s/^ ?p...:/-'$'\t''/p;' 's/0/Off/p' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' $0!~/^ *$/ { p="'"${p[52]}"'\\ :'"${p[35]}"' \""$0"\"/*/'${p[57]}'";p|getline;close(p);if($0~/ /||$0=="") $0="'"${p[28]}"'";print;};' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9|"sort|uniq";} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?'${p[57]}'$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' ' /l: /{ /DVD/d;s/.+: //;b0'$'\n'' };/s: /{ /V/d;s/^ */- /;H;};$b0'$'\n'' d;:0'$'\n'' x;/APPLE [^:]+$/d;p;' ' /^find: /d;p;' "`S0 44 45`" ' BEGIN{FS="= "} /Path/{print $2} ' ' /^ *$/d;s/^ */   /;' ' s/^.+ |\(.+\)$//g;p ' '/\.(appex|pluginkit)\/Contents\/'${p[57]}'$/p' ' /2/{print "WARN"};/4/{print "CRITICAL"};' ' /EVHF|MACR|^s/d;s/^.+: //p;' ' $3~/^[1-9][0-9]{0,2}(\.[1-9][0-9]{0,2}){2}$/ { i++;n=n"\n"$1"\t"$3;} END { if(i>1) print n;} ' ' s/:[^:]+$//;s/ +([0-9]+)(.+)/\2: \1/p;' ' { gsub(/[()"]/,"",$3);if($2!="="||!$3) $3="N/A";print $3;} ' ' /es: ./{ s/^.+://;b0'$'\n'' };/^ +C.+ted: +[NY]/H;/:$/b0'$'\n'' d;:0'$'\n'' x;/: +N/d;s/\n.+//p;' ' 1d;/:$/b0'$'\n'' $b0'$'\n'' /(D|^ *Loc.+): /{ s/^.+: //;H;};/(By|m): /H;d;:0'$'\n'' x;/[my]: [AM]|^\/Vo/d;s/(^|\n) [ -~]+//g;s/(.+)\n(.+)/\2:\1/;s/\n//g;/[ -~]/p;' 's/$/:(0|\-(4[34])?)$/p' ' BEGIN{FS=":"};{ if($2) { $2="status: "$2;printf("'"${f[4]}"'",$1,$2);} else print $1;} ' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps crontab iotop top pkgutil "${p[52]}\\" whoami cksum kextstat launchctl smcDiagnose sysctl\ -n defaults\ read stat lsbom 'mdfind -onlyin /' ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' pluginkit scutil dtrace profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil lsof test osascript\ -e netstat mdls kextfind );S1() { printf kMDItemContentTypeTree=com.apple.$1;};S2() { printf 'L*/Ca*/com.ap*.Saf*/E*/* -d 1 -name '${p[57]}' -exec '"${c1[14]}"' :'$1' {} \;|uniq';};c2=(com.apple.loginwindow\ LoginHook ' /L*/P*/loginw*' "'tell app \"System Events\" to get properties of login items'|tr , \\\n" "`S2 CFBundleDisplayName`" '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '-F \$Message -k Sender kernel -k Message CReq "a underr|I/O e"|sort|uniq -c' :${p[35]} :Label '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$(RefProc): \$Message' -k Sender Req 'fsev|kern|launchd' -k RefProc Rne 'Aq|WebK' -k Message Rne '08012|Goog|ksadm|probe|Roame|SMC:|smcD|sserti|suhel| VALI|ver-r|xpma' -k Message Req 'abn|bad |Beac|caug|corru|dead[^bl]|FAIL|fail|GPU |hfs: Ru|idle ex|inval|jnl:|last value [1-9]|lv_c|NVDA\(|pagin|pci pa|proc: t|Roamed|rror|SL|TCON|Throttli|tim(ed? ?|ing )o|WARN' " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,J,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cght] ! -name .?\* ! -name \*ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '/S*/*/Ca*/*xpc* >&- ||echo No' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' "`S1 "{bundle,mach-o-dylib}"`" "`S2 ${p[35]}`" "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,mach_i*/*,pam.d/*,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t {/S*/,/,}L*/Lau*/*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -get{dnsservers,info}\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' '+c0 -i4TCP:0-1023' com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' "+c0 -l|awk '{print(\$1,\$3)}'|sort|uniq -c|sort -n|tail -1|awk '{print(\$2,\$3,\$1)}'" -m 'L*/{Con*/*/Data/L*/,}Pref* -type f -size 0c -name *.plist.???????|wc -l' kern.memorystatus_vm_pressure_level '3>&1 >&- 2>&3' " -F '\$Time \$Message' -k Sender kernel -k Message CSeq 'n Cause: -' " -i '-app Safari UserStyleSheetEnabled' -name\ kMDItem${p[35]} '-nl -print' '-F \$Sender -k Level Nle 3 -k Facility CReq "apple\.(bird|i?clou)"|sort|uniq -c' );N1=${#c2[@]};for j in {0..14};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=({Restricted\ ,Lock,Pro}files POST Battery {Safari,App,{Bad,Loaded}\ kernel}\ extensions Heat System\ load boot\ args FileVault Diagnostic\ reports Log {Free\ space,Swap}' (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports User Daemons Agents XPC\ cache Startup\ items {Admin,Root}\ access Bundles {,Inserted\ }dylibs Stylesheet Font\ issues Firewall Proxies DNS TCP/IP Wi-Fi 'Elapsed time (sec)' {Root,User}\ crontab {Global,User}' login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching Nets Descriptors Bad\ plists {I/O,iCloud}\ errors SMC Shutdowns 'High file counts' Memory\ pressure );N3=${#l[@]};for i in {0..8};do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { Q=5;v[2]=1;id -G|grep -qw 80;v[1]=$?;((v[1]))||{ Q=7;sudo true;v[2]=$?;((v[2]))||Q=8;};v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';printf '[Process started]\n\n'>&4;printf 'Revision: %s\n\n' ${p[54]};};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};A'$((7+i))'() { v=` eval sudo "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};';done;A9(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=No;((v['$((i+1))']==0))&&v=;};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Ev "${v[$1]}"<<<"$v"|sort`;};C0() { [[ "$v" ]]&&sed -E "$s"<<<"$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v"|sed -E "$s";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "${s[63]}"<<<"$v"`&&C1 1 $1;};C4() { echo "Part $((++P)) of $Q done at $((`date +%s`-v[3])) sec">&4;};C5() { pbcopy<<<"$o";exit 2>&-;};for i in 1 2 7 8;do for j in 0 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;trap C5 2;o=$({ A0;D20 0 $((N1+1)) 2;D10 0 $N1 1;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 22;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;D13 0 $((N1+9)) 59 $((N3+4));for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 0 $((N1+8)) 71 $((N3+3));D13 1 10 7 9;D13 1 11 8 10;B1&&D73 19 53 67 55;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;B0&&{ D13 5 5 69 53;D13 5 54 30 56;C4;D23 5 14 12 14;C4;};D22 6 36 13 15;D22 20 52 66 58;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;C4;B1&&{ D82 35 49 61 51;D82 11 17 17 20;for i in 0 1;do D82 28 $((N2+i)) 45 $((N4+i));done;C4;};D22 12 44 54 45;D22 12 39 15 21;D13 40 58 32 7;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;C4;A1 17 41 20;B7 5;C3 8;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B3 7 7 73;B1&&{ A8 18 26 23;B7 7;B4 0 0 74;C3 23;};A2 18 26 23;B7 7;B4 0 0 74;C3 24;D13 4 21 24 26;B4 4 12 26;C4;for i in {0..3};do A1 0 $((N1+10+i)) 72;B7 12;B4 0 0 31;((i))&&{ B2 14;B4 14 15 52;B6 14 15 4;};C3 $((N3+5+i));done;A1 24 22 29;B7 12;B2 14;A4 39 57 70 0;B2 15;B6 14 15 4;C3 29;C4;B3 4 13 27;A1 24 23 32;B7 13;C3 30;B3 4 0 65;A3 14 6 32 0;B4 0 16 11;A1 26 50 64;B7 16;C3 6;D13 25 37 32 31;A2 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D73 21 0 32 19;D73 10 42 32 40;D82 29 35 46 2;};D23 14 1 62 42;D12 34 43 53 44;D12 22 20 32 25;D22 0 $((N1+14)) 51 33;D13 4 8 41 52;D12 21 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 38 55 68 50;D23 33 34 42 37;B1&&D83 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 10 42 32 41;D13 37 2 48 43;A1 4 3 60;B2 30;A1 4 24 60;B2 31;B6 30 31 4;C3 5;D12 21 56 35 32;D12 21 48 49 49;B3 4 22 57;A1 21 46 56;B7 22;B3 0 0 58;C3 47;D13 5 59 69 54;D22 4 4 50 0;D12 4 51 32 1;D23 22 9 37 57;A9;C2 39;C4;} 4>&2 2>/dev/null;);C5
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  8. Launch the built-in Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad and start typing the name.
  Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
  9. If you see an error message in the Terminal window such as "Syntax error" or "Event not found," enter
  exec bash
  and press return. Then paste the script again.
  10. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, just press return three times at the password prompt. Again, the script will still run.
  If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
  11. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be a series of messages in the Terminal window like this:
  [Process started]
  Part 1 of 8 done at … sec
  Part 8 of 8 done at … sec
  [Process completed]
  The messages won't be spaced equally apart in time, but they give a rough indication of progress. The total number of parts may be different from what's shown here.
  Wait for the final message "Process completed" to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, press the key combination control-C or command-period to stop it. Then go to the next step.
  12. When the test is complete, or if you stopped it because it was taking too long, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
  At the top of the results, there will be a line that begins with the words "Start time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
  If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
  13. When you post the results, you might see an error message on the web page: "You have included content in your post that is not permitted," or "You are not authorized to post." That's a bug in the forum software. Please post the test results on Pastebin, then post a link here to the page you created.
  14. This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
  Copyright © 2014, 2015 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

• Adware virus on macbook air?

  I wanted to watch movies online and it said I needed to download something in order to watch them, but when I did my computer froze so I just shut it off and now it says that I may have the Adware virus. HELP???

  You're being scammed.
  Helpful Links Regarding Malware Problems
  If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide and AdwareMedic.
  Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.
  The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.
  Fix Some Browser Pop-ups That Take Over Safari.
  Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.
  Quit Safari
  Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
  Relaunch Safari
  If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
  This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.
  An excellent link to read is Tom Reed's Mac Malware Guide.
  Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
  See these Apple articles:
    Mac OS X Snow Leopard and malware detection
    OS X Lion- Protect your Mac from malware
    OS X Mountain Lion- Protect your Mac from malware
    OS X Mavericks- Protect your Mac from malware
    About file quarantine in OS X
  If you require anti-virus protection Thomas Reed recommends using ClamXAV. (Thank you to Thomas Reed for this recommendation.)
  From user Joe Bailey comes this equally useful advice:
  The facts are:
  1. There is no anti-malware software that can detect 100% of the malware out there.
  2. There is no anti-malware that can detect everything targeting the Mac.
  3. The very best way to prevent the most attacks is for you as the user to be aware that
       the most successful malware attacks rely on very sophisticated social engineering
       techniques preying on human avarice, ****, and fear.
  4. Internet popups saying the FBI, NSA, Microsoft, your ISP has detected malware on
      your computer is intended to entice you to install their malware thinking it is a
      protection against malware.
  5. Some of the anti-malware products on the market are worse than the malware
      from which they purport to protect you.
  6. Be cautious where you go on the internet.
  7. Only download anything from sites you know are safe.
  8. Avoid links you receive in email, always be suspicious even if you get something
      you think is from a friend, but you were not expecting.
  9. If there is any question in your mind, then assume it is malware.

• Macbook Air Virus?

  my macbook air just froze on me while viewing a photo gallary on the internet. I turned it off, and restarted it. However, all I see is a blank gray screen. I tried Command + R, which prompts a message of Apple searching on Internet, but in less that 5 seconds freezes as well. Did my Mac has a virus now?

  Take each of these steps that you haven't already tried. Stop when the problem is resolved.
  Step 1
  The first step in dealing with a boot failure is to secure your data. If you want to preserve the contents of the startup drive, and you don't already have at least one current backup, you must try to back up now, before you do anything else. It may or may not be possible. If you don't care about the data that has changed since your last backup, you can skip this step.   
  There are several ways to back up a Mac that is unable to boot. You need an external hard drive to hold the backup data.
       a. Boot into the Recovery partition, or from a local Time Machine backup volume (option key at startup.) When the OS X Utilities screen appears, launch Disk Utility and follow the instructions in this support article, under “Instructions for backing up to an external hard disk via Disk Utility.”
  b. If you have access to a working Mac, and both it and the non-working Mac have FireWire or Thunderbolt ports, boot the non-working Mac in target disk mode. Use the working Mac to copy the data to another drive. This technique won't work with USB, Ethernet, Wi-Fi, or Bluetooth.
  c. If the internal drive of the non-working Mac is user-replaceable, remove it and mount it in an external enclosure or drive dock. Use another Mac to copy the data.
  Step 2
  Sometimes a boot failure can be resolved by resetting the NVRAM.
  Step 3
  Press and hold the power button until the power shuts off. Disconnect all wired peripherals except those needed to boot, and remove all aftermarket expansion cards. Use a different keyboard and/or mouse, if those devices are wired. If you can boot now, one of the devices you disconnected, or a combination of them, is causing the problem. Finding out which one is a process of elimination.
  If you've booted from an external storage device, make sure that your internal boot volume is selected in the Startup Disk pane of System Preferences.
  Step 4
  Boot in safe mode. Note: If FileVault is enabled on some models, or if a firmware password is set, or if the boot volume is a software RAID, you can’t do this. Post for further instructions.
  Safe mode is much slower to boot and run than normal, and some things won’t work at all, including wireless networking on certain Macs.
  The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
  When you boot in safe mode, it's normal to see a dark gray progress bar on a light gray background. If the progress bar gets stuck for more than a few minutes, or if the system shuts down automatically while the progress bar is displayed, your boot volume is corrupt and the drive is probably malfunctioning. In that case, go to Step 5.
  If you can boot and log in now, empty the Trash, and then open the Finder Info window on your boot volume ("Macintosh HD," unless you gave it a different name.) Check that you have at least 9 GB of available space, as shown in the window. If you don't, copy as many files as necessary to another volume (not another folder on the same volume) and delete the originals. Deletion isn't complete until you empty the Trash again. Do this until the available space is more than 9 GB. Then reboot as usual (i.e., not in safe mode.)
  If the boot process hangs again, the problem is likely caused by a third-party system modification that you installed. Post for further instructions.
  Step 5
  Launch Disk Utility in Recovery mode (see Step 1.) Select your startup volume, then run Repair Disk. If any problems are found, repeat until clear. If Disk Utility reports that the volume can't be repaired, the drive has malfunctioned and should be replaced. You might choose to tolerate one such malfunction in the life of the drive. In that case, erase the volume and restore from a backup. If the same thing ever happens again, replace the drive immediately.
  This is one of the rare situations in which you should also run Repair Permissions, ignoring the false warnings it may produce. Look for the line "Permissions repair complete" at the end of the output. Then reboot as usual.
  Step 6
  Reinstall the OS. If your Mac was upgraded from an older version of OS X, you’ll need the Apple ID and password you used to upgrade.
  Step 7
  Repeat Step 6, but this time erase the boot volume in Disk Utility before installing. The system should automatically reboot into the Setup Assistant. Follow the prompts to transfer your data from a Time Machine or other backup.
  Step 8
  This step applies only to older Macs (not current models) that have a logic-board ("PRAM") battery. Both desktop and portable Macs used to have such a battery. The logic-board battery is separate from the main battery of a portable. A dead logic-board battery can cause a boot failure. Typically the boot failure will be preceded by loss of the startup disk and system clock settings. See the user manual for replacement instructions. You may have to take the machine to a service provider to have the battery replaced.
  Step 9
  If you get this far, you're probably dealing with a hardware fault. Make a "Genius" appointment at an Apple Store to have the machine tested. If you can't get to an Apple Store, go to another authorized service provider.

• Macbook air virus protection

  what is a good virus protection for the macbook air?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to bypass Apple's oversight, or the oversight could fail in a particular case due to human error.
  For most purposes, applications recognized by Gatekeeper as signed, including App Store products, can be considered safe. Note, however, that at least one trojan for iOS (not for OS X) was briefly distributed by a developer in Russia through the iTunes App Store. That store is under the same oversight by Apple as the Mac App Store, so the protection shouldn't be considered absolute. App Store products may prompt for access to private data, such as your contacts. Think before granting that access. OS X security is based on user input. Never click anything reflexively.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is presumably effective against known attacks, but maybe not against unknown attacks. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. Beyond XProtect, Gatekeeper, and MRT, there’s no evidence of any benefit from other automated protection against malware. The first and best line of defense is always your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source, or that does something inherently untrustworthy. How do you know what is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software that purports to help you do something that's illegal or that infringes copyright, such as saving streamed audio or video for reuse without permission, is unsafe. All YouTube "downloaders" are in this category, though not all are necessarily harmful.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  Even signed applications should not be trusted if they do something unexpected, such as asking for permission to access your contacts or your location for no apparent reason.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow the above guidelines, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself from malware.
  7. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free software  ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  8. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  9. The greatest harm done by security software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but if they get a false sense of security from it, they may feel free to do things that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  10. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• Is it possible for macbook air to get some some viruses?

  Is it possible that Macbook air can get viruses from downloaded sites.

  I'm unclear on what you mean. If you accidentally downloaded something from a bad site, but dragged the file to the trash rather than opening it, then you're fine. If you opened the file first, then that may mean you have a problem, but that will depend on what the file was and where you downloaded it from.

• Does my macbook air have a built in virus scan?  how can I access and use it? also any recommendations of what software if this is not avail ?

  does my macbook air have a built in virus scan?  how can I access and use it? also any recommendations of what software if this is not avail ?

  Contrary to what Geeks on Hugs is telling you, Mac OS X does indeed have a basic malware scanner. It is not a feature that is directly accessible to the user, and works a bit differently than every other malware scanner out there. Gatekeeper, which has been mentioned here, is entirely separate, and provides a different method for helping to protect you against malware.
  The anti-malware scanner in Mac OS X is called XProtect. When you download an application (or any other kind of executable code), it is automatically "quarantined," so that when you open it you're asked if you really want to do that. I'm sure you're very familiar with this aspect of Mac OS X if you have ever downloaded any apps from outside the App Store. What you don't know, though, is that each time you try to open a new app, that app is checked by XProtect. If it is identified as malware, you will not be allowed to open it, and will be warned that it's malware.
  At this time, there is no known malware that can infect a properly up-to-date Mac. All current malware will be blocked by one or more methods.
  For more information, see my Mac Malware Guide.
  (Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

• Frozen rogue image on macbook air: synced iphone, was asked to download from itunes, to restart, did this. when restarted there was photo of chocolate saying 'love you'. never seen image, it will not delete, the techs at work tried too. No luck.Virus?

  frozen rogue image on macbook air: synced iphone, was asked to download from itunes, to restart, did this. when restarted there was photo of chocolate saying 'love you'. never seen image, it will not delete, the techs at work tried too. No luck.Virus? any ideas?

  I'm an applications developer and also run a part-time videography business. As such, I require more than 3.12GB of RAM. That is the physical limitation of a 32bit system. Pointless to stay on 32bit if you plan on having more than that much RAM.
  I'm also not about to pay someone to fix my PC when I can do it myself. I was originally hoping for someone who had experienced the problem before to point me in the right direction so I didn't have to spend so much time trying to figure out what the issue was for myself.
  Basically, in the end the problem was caused because right at the point in time when I chose to uninstall, and reinstall; Apple released a new version of iTunes. This version in turn had a requirement of iOS 4.2 to sync with the iPhone. This is a pretty embarrassing for Apple that they would release software reliant on other software before said software was released.
  Had I realised I was downloading a newer version at the initial point of installation, this wouldn't have been an issue. I could've easily have rolled back iTunes to the previous version and gotten on with my life.
  Another issue is that iTunes is not actually a 64 bit application. It masquerades as one to allow installation on the 64 bit platform.

• What is the preferred anti-virus/malware software for MacBook Air

  What is the preferred anti-virusmalware software for MacBook Air?

  None is required.
  Helpful Links Regarding Malware Protection
  An excellent link to read is Tom Reed's Mac Malware Guide.
  Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
  See these Apple articles:
            Mac OS X Snow Leopard and malware detection
            OS X Lion- Protect your Mac from malware
            OS X Mountain Lion- Protect your Mac from malware
            About file quarantine in OS X
  If you require anti-virus protection I recommend using VirusBarrier Express 1.1.6 or Dr.Web Light both from the App Store. They're both free, and since they're from the App Store, they won't destabilize the system. (Thank you to Thomas Reed for these recommendations.)
  From user Joe Bailey comes this equally useful advice:
  The facts are:
  1. There is no anti-malware software that can detect 100% of the malware out there.
  2. There is no anti-malware that can detect anything targeting the Mac because there
       is no Mac malware in the wild, and therefore, no "signatures" to detect.
  3. The very best way to prevent the most attacks is for you as the user to be aware that
       the most successful malware attacks rely on very sophisticated social engineering
       techniques preying on human avarice, ****, and fear.
  4. Internet popups saying the FBI, NSA, Microsoft, your ISP has detected malware on
      your computer is intended to entice you to install their malware thinking it is a
      protection against malware.
  5. Some of the anti-malware products on the market are worse than the malware
      from which they purport to protect you.
  6. Be cautious where you go on the internet.
  7. Only download anything from sites you know are safe.
  8. Avoid links you receive in email, always be suspicious even if you get something
      you think is from a friend, but you were not expecting.
  9. If there is any question in your mind, then assume it is malware.

• Do i need to install and anti virus software on my macbook air? if yes, which one should i install?

  Do i need to install and anti virus software on my macbook air? if yes, which one should i install?

  Welcome to Apple Support Communities
  OS X has got its own security systems, so you don't need any antivirus. Furthermore, they will only slow down your computer. If you want more information, read > http://www.thesafemac.com/mmg
  If you want an antivirus, install ClamXav, but you don't need an antivirus

• Do I need to install virus protection software on my MacBook Air?

  Do I need to install virus protection software on my MacBook Air?

  Welcome to Apple Support Communities
  You do not need to install additional security software. OS X already comes with security software to keep your Mac safe. See > http://www.thesafemac.com/mmg
  However, you should keep OS X and all your applications updated, and do not visit strange websites. Also, be careful with public networks, where your Mac is more vulnerable.
  See > https://discussions.apple.com/docs/DOC-3030

• HT4650 virus protection on macbook air?

  I just purchased a MacBook Air.  Do I need to install virus protection? Thanks.

  If you run Microsoft Windows on your MacBook Air, yes, you'll want malware protection.
  OS X works nicely out of the box. 
  But it's possible to install stuff that can or will cause problems.
  There's very little malware stuff that'll hit you unexpectedly; what's been around lately has targeted Oracle Java or Adobe Flash vulnerabilities, or it's malware that's managed to convinced the user to install it on behalf of the attacker - examples of the "install me" stuff include various (free) "anti-virus" tools, "video players", "Flash Player updates" (those not from Adobe) or other "software updates", or (unnecessary) "performance optimizers" or "cache cleaners", etc.
  On OS X, learn to install from the main distro sites only (eg: if you use Flash, only install it by going to Adobe's web site), learn to ignore the Facebook malware warnings ad campaigns, ignore the rest of the advertising pop-ups that are around the net and the rest of the OMG YOU'RE INFECTED!!!! stuff, don't install something that you didn't expressly go looking for, either don't install Oracle Java (and it's not installed by default on 10.8) or keep Java disabled until and unless you're actually using it (and that's Java, which is very different from Javascript), and either don't install the Adobe Flash Player tool or remove it and if you have it installed keep it current and yourself get a Flash blocker for Safari or whichever browser you're using.
  And the usual advice: keep your OS X and add-on tools current.

• Do MAcbook Air need any Anti-virus? If yes then which one you prefer?, Do MAcbook Air need any Anti-virus? If yes then which one you prefer?, Do MAcbook Air need any Anti-virus? If yes then which one you prefer?

  Do MAcbook Air need any Anti-virus? If yes then which one you prefer?, Do MAcbook Air need any Anti-virus? If yes then which one you prefer?, Do MAcbook Air need any Anti-virus? If yes then which one you prefer?

  This question has been asked and answered countless times.
  See this thread for an answer.
  Hint:     The 'More Like This' box to the right of your post often has the answer to your problem.

• What is the best anti virus software for a MacBook air?

  Hi,just joined the community  .just wanting to know what anti virus software for a macbook air running os x mavericks 10.9?I keep getting pop ups on safari.
  Any help much appreciated!

  There is no need to download anything to solve this problem. You may have installed a variant of the "VSearch" ad-injection malware.
  Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination  command-C:
  /Library/LaunchDaemons
  In the Finder, select
            Go ▹ Go to Folder...
  from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
  A folder named "LaunchDaemons" may open. Look inside it for a file with a name of the form
            com.something.daemon.plist
  Here something is a variable word, which can be different in each case. It could be "cloud," "dot," "highway," "submarine," "trusteddownloads," or pretty much anything else.
  There may also be a file named
             com.something.helper.plist
  in the same folder.
  Leave the LaunchDaemons folder open, and open the following folder in the same way:
  /Library/LaunchAgents
  In this folder, there may be a file named
            com.something.agent.plist
  where the word something is exactly the same as before.
  If you feel confident that you've identified these three files, back up all data, then drag the three files you found to the Trash. You may be prompted for your administrator login password. Close the windows and restart the computer.
  Don't delete the "LaunchAgents" or "LaunchDaemons" folder or anything else inside either one.
  The malware is now permanently inactivated, as long as you never reinstall it. You can stop here if you like, or you can remove two remaining components for the sake of completeness.
  Open this folder:
  /Library/Application Support
  If it has a subfolder named just
             something
  (where something is the same word as before), drag that subfolder to the Trash and close the window.
  Don't delete the "Application Support" folder or anything else inside it.
  Finally, in this folder:
  /System/Library/Frameworks
  there may an item named exactly
              v.framework
  It's actually another folder, though it has a different icon. Drag it to the Trash and close the window.
  Don't delete the "Frameworks" folder or anything else inside it.
  If you didn't find the files or you're not sure about the identification, post what you found.
  If in doubt, or if you have no backups, change nothing at all.
  The trouble may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Then, still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates (OS X 10.10 or later)
  or
            Download updates automatically (OS X 10.9 or earlier)
  if it's not already checked.