. Effects of malware

Similar Questions

• What 'open with' windows xp program open rstrui.exe?

  Have a few rogue virus on my PC.  Decided to do a system restore to solve the problem.  The restore is not entirely complete.  Tried a system restore, but now have a problem trying to open the programs .exe including 'rstrui.exe '.

  It is important to know that you have been affected by. Bleeping Computer has created guides very good complete elimination.

  Rarely the system restore is effective against malware, which already has all the less screwed with your file extension associations.

  Can you identify the thief?

  Just to give you an idea, here's an example of a removal Guide:

  http://www.bleepingcomputer.com/virus-removal/remove-system-repair

• Windows Vista update causes applications non - IE to be denied access to the internet

  I have a laptop Lenovo IdeaPad Y510 unfortunately comes with a Windows Vista Home Premium OS that has caused me a lot of problems with conflicts between her and others, package applications, and now I am forced to use my network at home for route information and documents that must move through the internet by sharing them with another computer Windows XP which is also configured exactly as my Lenovo IdeaPad Y510. I look forward to wean myself off of all MS products, possibly other that MS Office, I use a lot and plays always well for me to wire many years and updates/upgrades. Not the same for MS Windows Vista, however. My experience, similar to many other forum users, has been constantly frustrating over the years I've had to deal with it.  I lost a lot of time dealing with problems caused by code errors in the last set of MS Windows Vista updates that made all my package applications that require internet access unusable.

  I contacted the support of Lenovo and support forums for my problem, and they too cannot provide all the answers that address this issue that is causing me to spend much too much time I could use to work at a rate of $65 / hr, so you can see that this is not only an inconvenience.

  Before someone points me to the myriad other similar positions for possible answers, let me say that I probably have alread read it and tried all the suggested actions, without success. I need to REAL answers and REAL support, and I need it NOW.  Also, I don't think I should have to pay for the support which has been made necessary by the negligence of MS to test their updates for compatibility issues with the popular, free package critical applications for the safety of MS OS system of a user, such as AVG Free antivirus, ZoneAlarm Free firewall personal , OR who are competitors for their navigation on the web or by email client applications. I am not now under the other another firewall that MS Vista firewall having had to uninstall my firewall ZoneAlarm Free. I even had one of my other previously compatible and effective anti-malware/spyware apps, AdAware, uninstall Lavasoft. No matter what I did, which was suggested to me by MS resources support or Lenovo support resources, this problem, which began shortly after the last round of all the months of downloads to fix security and facilities, persists and cost me more money in revenue and lost time every day.

  http://www.bleepingcomputer.com/tutorials/tutorial140.html

  Understanding Windows Update and Extras in Windows Vista at the link above.

   

  Remove the Vista updates; two ways to do this:

  1. a System Restore to before the updates:

  Click Start > programs > Accessories > system tools > System Restore > restore time/choose your own date > next

  If you use Norton, disable it before using the system restore.

  If it is impossible to enter the Normal Mode, do a Safe Mode system restore:

  Press F8 at the startup/power and the list of startup options, use THE ARROW key to select Safe mode > and then press ENTER.

  System restore steps according to the info above.

  Also:

  2. click on start > right click on computer > properties > Windows updates down the lower left corner > updates installed in the lower left corner in the next window

  > then click the one that you don't want > uninstall will appear at the top > uninstall it.

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  In addition, on the page where you clicked "Installed updates", click on change settings at the top left corner it

  > Change update settings in the next page of AutoUpdate to "check for updates but let me choose etc" > OK ".

  When you take a look at pending updates, you can either download/install them one at the time, namely the update causing you problems.

  > or if you do not need an individual > right-click on > UAC prompt > hide it

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  And for Windows Update problems:

  You will get the best help for any problem of Update/Service Pack in the Windows Update Forum; the link below:

  http://social.answers.Microsoft.com/forums/en-us/vistawu/threads

  You will receive the best help here.

  See you soon.

  Mick Murphy - Microsoft partner

• Malware on my MacBook? !!

  How to remove malware from my system? :

  Earlier today, I was typing a Word with Safari open in the background document. Suddenly, I noticed that the Safari window had become black. When I click on the Safari window to see what was going on, I noticed that the window that was opened had been replaced by a message from the thesofttic [dot] com asking me to "install the new Flash Player".

  It looked suspicious, so instead of following the instructions, I have google thesofttic [dot] com. I found that he is, apparently, a distributor of malware. Worse still, once he "digs its way into your computer," it can cause everything * to detach.

  Sources for the claim above:

  http://malwareremoved.com/how-to-stop-www-thesofttic-com-fake-upate-popup-Comple tely.

  http://pcthreatskiller.com/How-can-i-remove-thesofttic-com/

  So, I have several questions about this.

  First of all, have malware on my MacBook, even if I didn't click on the links to thesofttic [dot] com? How can I check for malware? If my MacBook has malware, how can I remove it?

  Secondly, I have had my iPad connected to my MacBook when thesofttic [dot] com window appeared. My iPad is now infected by malware as well? How will I know? If my iPad malware, how can I remove it?

  The two links above suggest you use MacBooster or MacKeeper, but these sounds like malware themselves!

  What should I do?

  Thanks in advance for your help.

  Effective defenses against software malware and other threats

  Phony 'technical support' / 'ransomware' popups and web pages

  Do not install third-party applications that claim win in performance or clean your computer.

  It is safe to download and use malwarebytes for Mac https://www.malwarebytes.com/antimalware/mac/

• How can I tell if there's malware on my laptop?

  Last night when I was on YouTube my mouse began to move sporadically on its own all of a sudden (I use the tracking key), there is no way than I imagined because he moved to great distances and has been also mirroring the effects of the use of the fingers swipe on several pages. Quickly, I turned off my laptop and turned on computer this morning and it did the same thing. The scariest part is that he only stopped once, I googled the phrase: "How do I know if a person is mirroring your laptop. I already deleted my browsing history, cache and download history (I just ticked all the boxes and set it to the "beginning of time"), but I'm still scared. Should I go to the apple store or is there some way to check for myself? Thank you for your help.

  Download and run MalwareBytes. Malwarebytes was developed by one of our colleagues here to ASC. He received rave reviews and is on the more proven anti-malware for Mac software.  is used by the geniuses of Apple at the Apple Store Genius Bars and Apple phone support agents.

• Malware/Strange in library folders

  This isn't for me, but a friend, I'm helping to clean his Macbook Pro to malware.

  I read the previous discussions that detail step by step how to remove Vsearch and other files of the LaunchAgents and the LaunchDaemons folders in the library, but it is still getting pop up of ads (she runs ad-block on Chrome) for Offers4u, and it becomes embedded links of high Deal.

  Looking around his laptop, I found a selection of very strange folders in its library. I have highlighted them in a screenshot below.

  

  All the records highlighted are unknown for her, none of them have a capitalized first letter and seem to be completely random words that are not applications or extensions. Any advice as to what they are? And if they are harmful, the best way to remove them (moving them to the trash just solve it?)

  Thank you

  OT

  You have installed one or more variants of the Trojan "VSearch. Please inactivate them as follows. This procedure leaves a few small files behind, but they have no effect, and trying to delete all them would be much more trouble that it's worth.

  This malware has many variations. Anyone else find that this comment should not expect that it is applicable.

  Back up all data before proceeding.

  Step 1

  VSearch variant you regenerates itself if you try to remove it when it is run. To remove it, you must first start in safe mode temporarily disable the malware.

  Note: If FileVault is enabled in OS X 10.9 or an earlier version, or if a firmware password is defined, or if the boot volume is a software RAID, you can not do this. Ask for other instructions.

  Step 2

  When running in safe mode, load the web page and then triple - click anywhere in the line below to select:

  /Library/LaunchDaemons

  In the Finder, select

  Go ▹ go to the folder...

  from the menu bar and paste it into the box that opens by pressing command + V. You won't see what you pasted a newline being included. Press return.

  A folder named "LaunchDaemons" will open. Press command-2 key combination to select the display of the list, if it is not already selected.

  There should be a column in the update Finder window. Click this title two times to sort the content by date with the most recent at the top. Please don't skip this step. Files that belong to an instance of VSearch will have the same date of change for a few minutes, then they will be grouped together when you sort the folder this way, which makes them easy to identify.

  Step 3

  In the LaunchDaemons folder, there may be one or more files with the name of this form:

  com Apple.something.plist

  When something is a random string, without the letters, different in each case.

  Note that the name consists of four words separated by dots. Typical examples are:

  com Apple.builins.plist

  com Apple.cereng.plist

  com Apple.nysgar.plist

  There may be one or more items with a name of the form:

  com.something.plist

  Yet once something is a random string, without meaning - not necessarily the same as that which appears in one of the other file names.

  These names consist of three words separated by dots. Typical examples are:

  com.semifasciaUpd.plist

  com.ubuiling.plist

  Drag all items in the basket. You may be prompted for administrator login password.

  Restart the computer and empty the trash.

  If you are not sure whether a file is part of the malware, order the contents of the folder by date modified, not name. Malicious files will be grouped together. There could be more than one such group. A file dated far in the past is not part of the malware. A folder in date dated Middle an obviously malicious cluster is almost certainly too malicious.

  If the files come back after you remove the, they are replaced by others with similar names, then either you didn't start in safe mode or you do not have all the. Return to step 1 and try again.

  Step 4

  Reset the home page in each of your browsers, if it has been modified. In Safari, first load the desired home page, then select

  ▹ Safari preferences... ▹ General

  and click on

  Set on the current Page

  If you use Firefox or Chrome web browser, remove the extensions or add-ons that you don't know that you need. When in doubt, remove all of them.

  Step 5

  The malware lets the web proxy discovery in the network settings. If you know that the setting was already enabled for a reason, skip this step. Otherwise, you should undo the change.

  Open the network pane in system preferences. If there is a padlock icon in the lower left corner of the window, click it and authenticate to unlock the settings. Click the Advanced button, and then select Proxies in the sheet that drops down. Uncheck that Auto Discovery Proxy if it is checked. Click OK, then apply, then close the window.

  Step 6

  This step is optional. Open the users and groups in the system preferences and click on the lock icon to unlock the settings. In the list of users, there may be one or more with random names that have been added by the malware. You can remove these users. If you are not sure whether a user is legitimate, do not delete it.

• Malware "Top case".

  Hello

  I have a problem with the malware "Top case". It highlights search terms that I recently used in regular text on a Web site, put in capital letters and place a green icon on the right with an arrow. It gives me the name of the program "Top case" when I move the cursor over the word. I ran Malawarebytes yesterday, but the problem persists. The malicious software could come from the version of the computer of the Whatsapp application. I also downloaded (official) trial versions of Adobe products recently. I have tried resetting Safari and updated my iMac to El Capitan just yesterday (the macbook a few weeks back), in the hope that would be to remove the malware, but have not had success.

  I'll attach screenshots of the demons of launch and run agents as well as active links. Is that what I can do, or would it be useful to reset the macs?

  Thanks for your help!

  

  

  

  

  A

  You have installed one or more variants of the Trojan "VSearch. Please inactivate them as follows. This procedure leaves a few small files behind, but they have no effect, and trying to delete all them would be much more trouble that it's worth.

  This malware has many variations. Anyone else find that this comment should not expect that it is applicable.

  Back up all data before proceeding.

  VSearch variant you regenerates itself if you try to remove it when it is run. To remove it, you must first start in safe mode temporarily disable the malware.

  Note: If FileVault is enabled in OS X 10.9 or an earlier version, or if a firmware password is defined, or if the boot volume is a software RAID, you can not do this. Ask for other instructions.

  When running in safe mode, load the web page and then triple - click anywhere in the line below to select:

  /Library/LaunchDaemons

  In the Finder, select

  Go ▹ go to the folder...

  from the menu bar and paste it into the box that opens by pressing command + V. You won't see what you pasted a newline being included. Press return.

  A folder named "LaunchDaemons" will open. Press command-2 key combination to select the display of the list, if it is not already selected.

  There should be a column in the update Finder window. Click this title two times to sort the content by date with the most recent at the top. Please don't skip this step. Files that belong to an instance of VSearch will have the same date of change for a few minutes, then they will be grouped together when you sort the folder this way, which makes them easy to identify.

  Inside that folder, there are one or more elements whose name starts like this:

  com Apple.

  There are also one or more items with a name in three parts of this form:

  com.something.plist

  and of this form:

  com.something .net - preferences.plist

  where something is a string empty of letters, different in each case. Typical examples are:

  com.hemolymphatic .net - preferences.plist

  com.semifasciaUpd.plist

  com.ubuiling.plist

  Drag all items in the basket. You may be prompted for administrator login password.

  Restart the computer and empty the trash.

  Reset the home page in each of your browsers, if it has been modified. In Safari, first load the desired home page, then select

  ▹ Safari preferences... ▹ General

  and click on

  Set on the current Page

  If you use Firefox or Chrome web browser, remove the extensions or add-ons that you don't know that you need. When in doubt, remove all of them.

  If you are not sure whether a file is part of the malware, order the contents of the folder by date modified, not name. Malicious files will be grouped together. There could be more than one such group. A file dated years in the past is not part of the malware. A folder in date dated Middle an obviously malicious cluster is almost certainly too malicious.

  If the files come back after you remove the, they are replaced by others with similar names, then either you didn't start in safe mode or you do not have all the. Try again.

  B

  The product of "Malwarebytes" could not remove the malware. That's what you always expect from these products: failure. I suggest that you remove the instructions of its developer and never install software "anti-malware" or "anti-virus" again. Based on these software for your safety is a dangerous mistake. Security lies in safe computing practices, not the software. Ask if you want advice.

  C

  'CleanMyMac' is a scam and a frequent cause of instability and poor performance. Depending on which version you have, the developer's instructions may not completely uninstall. Please follow these instructions, then do as below.

  Back up all data before proceeding.

  Triple-click anywhere in the line below on this page to select this option:

  /Library/LaunchDaemons/com.macpaw.CleanMyMac3.Agent.plist

  Right-click or Ctrl-click on the highlighted line and select

  Services ▹ reveal in Finder (or just to reveal)

  the contextual menu.*, a file can open with a selected item. If so, move the selected item to the trash. You may be prompted for administrator login password.

  Repeat with this line:

  /Library/PrivilegedHelperTools/com.macpaw.CleanMyMac3.Agent

  Restart the computer and empty the trash.

  You may also delete one or more of these elements in the same way:

  ~/Library/LaunchAgents/com.macpaw.CleanMyMac.helperTool.plist

  ~/Library/LaunchAgents/com.macpaw.CleanMyMac.volumeWatcher.plist

  ~/Library/LaunchAgents/com.macpaw.CleanMyMac3.Scheduler.plist

  Never install "CleanMyMac" or something like that.

  * If you do not see the item context menu copy the selected text in the Clipboard by pressing Control-C key combination. In the Finder, select

  Go ▹ go to the folder...

  from the menu bar and paste it into the box that opens by pressing command + V. You won't see what you pasted a newline being included. Press return.

• What are the specifics of the malware Facebook reported in the New York TIMES on August 26, 2013 column of Bits?

  Here is a link to the article:

  http://bits.blogs.nytimes.com/2013/08/26/malicious-software-poses-as-video-from-a-Facebook-friend/?NL=todaysheadlines & EMC = edit_th_20130827

  According to this, Firefox can be infected and typical of virus/malware programs are not effective to deal with the problem because blocking them malware.

  I was looking for an alert or specific discussion.

  Hello, it is probably important to add that this malware is spread using a vulnerability in chrome or firefox but by social engineering and by encouraging users to install malware under a false pretext. that in itself is not something unusual and happens all over the web all the time - the vector of infection seems to be very effective, however, since you are more likely to install something from one of your social contacts from a site randomly (which could claim a download is necessary because it lacks a plugin or by impostoring false update notice).

  If it really is only hanging in firefox as an add-on it should be fairly easy to remove - just press the SHIFT key while lance firefox to access safe mode, go to firefox > addons > extensions and delete something that seems suspicious and you have not added manually: Troubleshooting extensions, themes and problems of hardware acceleration to resolve common Firefox problems

  If your system has been compromised, it is also important to change all your stored passwords...

  Fix Firefox problems caused by malicious software

  Edit: the addon in question has already blocked by mozilla: https://addons.mozilla.org/firefox/blocked/i444

• Impossible to uninstall AVG seems to be a virus or malware

  don't know how or when AVG managed to 'permission' to install and to corrupt my firefox browser, but it can not be deleted now.

  enter in the add ons and tools, disable AVG has no effect. There is no AVG not found in Add/Remove programs.

  since nothing in firefox can disable or block or remove it, it seems to be a virus or malware. have removed or turned off and restarted the browser, again and again and again. restarted the pc 2 times of COURSE, after it has been disabled. always there.

  It's STUPID search, type something and it gives answers without value. now every time I have to manually type in www.google.com to access this site to enter search info. If I have to uninstall this thing without value of AVG in opening the hard drive and taking the sandpaper to these things bright disc inside to scrape away AVG, Im going to do.

  If anyone knows how to get a version of firefox that AVG DOES NOT HAVE? so I want to download it. If there is a driver or something that will be able to block AVG to set like a parasite to firefox? so I want to download it as well as

  HOW TO REMOVE THE MOY...
  1. click on... Beginning
  2. click on... Control Panel
  3. click on... Programs and features
  4. scroll down until you find AVG... click UNINSTALL

  FACT... worked for me!

• How can I remove chum research Malware on my Mac

  How can I remove chum research Malware on my Mac

  You may have installed one or more variants of the malware "VSearch' ad-injection. Please back up all data, and then take the steps below to disable it.

  Do not use any type of product, "anti-virus" or "anti-malware" on a Mac. It is never necessary for her, and relying on it for protection makes you more vulnerable to attacks, not less.

  Malware is constantly evolving to work around defenses against it. This procedure works now, I know. It will not work in the future. Anyone finding this comment a couple of days or more after it was published should look for a more recent discussion, or start a new one.

  VSearch malware tries to hide by varying names of the files it installs. To remove it, you must first identify the naming model.

  1 triple - click on the line below on this page to select, then copy the text to the Clipboard by pressing Control-C key combination:

  /Library/LaunchDaemons

  In the Finder, select

  Go ▹ go to the folder...

  from the menu bar and paste it into the box that opens by pressing command + V. You won't see what you pasted a newline being included. Press return.

  A folder named "LaunchDaemons" can open. If this is the case, press the combination of keys command-2 to select the display of the list, if it is not already selected.

  There should be a column in the update Finder window. Click this title two times to sort the content by date with the most recent at the top. Please don't skip this step. The files that belong to an instance of VSearch will have the same date of change within about a minute, so they will be grouped together when you sort the folder this way, which makes them easy to identify.

  Search in the folder with the name of all these forms:

  com.something.daemon.plist

  com.something.Helper.plist

  com.something .net - preferences.plist

  Here, something is a string, which may be different in each instance of VSearch random meaningless. So far it has always been an alphanumeric string without punctuation signs, such as "disbalance" or "thunderbearer."

  You may have more than one copy of the malware, with different values of something.

  There may be one or more files with the name of this form:

  com.somethingelseUpd.plist

  where George can be an empty string of sense that something different. Yet once, there may be more than one file of this type, with different values of Gisele.

  Here is a typical example of an infection VSearch:

  com.disbalance .net - preferences.plist

  com.thunderbearerUpd.plist

  You will have files with similar names, but probably not identical to these.

  If you feel confident that you have identified the files above, drag only the files - nothing - to the trash. You may be prompted for administrator login password. Close the Finder window.

  2. open this folder as in step 1:

  /Library/LaunchAgents

  Move to the trash all the files with the name of the form

  com.something.agent.plist

  where something is one of the strings that you found in step 1. There may be not all of these files.

  3. If you have whatever it is moved to the trash in step 1 and step 2, restart the computer and empty the trash.

  Do not remove the folder 'LaunchAgents' or "LaunchDaemons", or anything else inside of one or the other, unless you know you have another type of unwanted software and more VSearch. Records are a normal part of Mac OS X. The terms "agent" and "demon" is a reference to a program that starts automatically. This is not inherently bad, but the mechanism is sometimes exploited by hackers for malicious software.

  4 reset the home page in each of your browsers, if it has been modified. In Safari, first load the desired home page, then select

  ▹ Safari preferences... ▹ General

  and click on

  Set on the current Page

  The malware is now permanently inactivated, as long as you reinstall it never. A few small files will be left behind, but they have no effect, and trying to find all them is more trouble that it's worth.

  5. If you do not find the files or you are not sure about the identification, after what you have found.

  If in doubt, or if you have no backups, change nothing at all.

  6. the penalty may have started when you have downloaded and run an application called 'MPlayerX' or "PDF Pronto." If there is an element with a name in the Applications folder, delete it.

  This Trojan horse is often found on the illegal Web sites that traffic in content such as movies pirated. If you, or anyone else who uses the computer, visit these Web sites and follow the instructions to install the software, you can expect more of the same and worse, to follow. Never install software that you downloaded from a bittorrent, or which has been downloaded by someone else from an unknown source.

  In the aspect of security & confidentiality of system preferences, select the general tab. The marked anywhere radio button should not be selected. If this is the case, click the lock icon to unlock the settings, and then select an other keys. After that, do not ignore a warning that you are about to run or install an application from an unknown Director.

  Then, still in system preferences, open the pane of the App Store or software update and check the box marked

  Install the system data files and security updates (OS X 10.10 or later version)

  or

  Automatically download the updates (OS X 10.9 or earlier version)

  If it is not already done.

• How do we prevent windows pop up?  I have already installed Malwarebytes Anti-Malware

  I can't summarize my question is better than what I've already written and which is: How do we prevent windows pop up.  I have already installed

  Malwarebytes anti-malware.

  Well, if you're really under 10.5.4 as shown in your profile, then MalWareBytes certainly will not work. For example, you could write a better question: write an effective communities of Apple support question.

• How to get rid of malware on my macbook

  How to get rid of malware on my macbook... I'm getting lots of pop-up windows on my macbook and an employee of deleted Mac software I paid for (don't remember the name of it) when I was at the Mac store in Adelaide a few months ago because she said, Mac is not viruses or malware. All that has been downloaded to my Mac is disrupting my work so you would appreciate the help as soon as POSSIBLE... Please! Free would be better that I don't want to pay 2 times.

  Click here and follow the instructions, or if it is not a type of adware is covered by them on the computer, these. If you would rather not remove it manually, you can run rather MalwareBytes for Mac.

  MalwareBytes is a removal tool and does not stop adware or other malware from entering the computer. For effective protection, do not download software from sources other than the Mac App Store or Developer Web sites.

  (139521)

• Android malware

  The recent number of malware android Motorola Xooms (Honeycomb 3.0) effect and, if so, how one does meet it?

  One of the drawbacks of being of the first is that the answer is often 'not yet.'

  However, that being said:

  1. look at the list of apps that are floating as being problematic. A faster way would be to review the applications that you have installed (market > my Apps) and look at the name of the developer. The three developers who presented with malicious applications are: Myournet, Kingmall2010 and we20090202. Uninstall anything on their part.

  2. I would only factory reset if you had one of those installed. (Settings > privacy - or somewhere near this option)

  3. I would like to try installing the most regular as Lookout Mobile or AVGFree market that could also identify malicious applications. If they do not install, will have to wait.

  4. no doubt. Lookout Mobile I think it, but there are tons of alternatives as well. Although, if you think they are "soon to be available for the tablets, but not yet."

• Virus Malware Trojans and other junk

  Okay, so, it is true that I am not a Mac person, gasp, but here comes a true unbiased.

  I helped a member of the family rebuild a MacBook Pro using a USB stick to boot and install the latest version of El Capitan.  I was helping to restore the data literally 48 hours later and to my surprise, that the machine was infected with two pieces of malware (which was visible) 'Advanced Mac Cleaner' and 'ZipClould '.  It is interesting ZipCloud himself had placed in the dock bar, replacing a similar looking cloud storage service.

  So clearly the machine has been compromised, and it was easier to rebuild than to go on the road to 'cleaning up' at this stage.

  How can I avoid this happening again?  I can't look over the shoulder 24 x 7, but there should be a way to avoid this.

  Mac users often ask if they should install "anti-virus" (AV) or software "anti-malware". The answer is 'no', but it can give the false impression that there is no threat of what is loosely called 'virus '. There is a threat.

  1. it is a comment on what you should - and should not-do to protect you from malicious software ("malware") that runs on the Internet and gets onto a computer as an unintended consequence of the user's actions.

  It does not apply to the software, such as keyloggers, which can be installed deliberately by an intruder who has convenient access to the computer, or who has been able to take control of it remotely. This threat is in a different category, and there is no easy way to defend against it. AV software is not intended to and does not, to defend against these attacks.

  The comment is long because the issue is complex. The essential points are in articles 5 and 11.

  OS X implements now three levels of integrated protection specifically against malware, not to mention the protections of runtime such as quarantine the file, execute disable, sandbox, protecting the integrity of system, System Library randomization and randomized address space layout , which can also prevent other kinds of exploits.

  2. all versions of Mac OS X 10.6.7 were able to detect the malware Mac known in downloaded files and block non-secure web plugins. This feature is transparent to the user. Apple calls internally it "XProtect."

  The malware used by XProtect recognition database is automatically updated. However, you should not count on it, because the attackers are still at least a day before the defenders.

  The following restrictions apply to XProtect:

  ☞ circumvented by some third-party network software, such as the BitTorrent clients and Java applets.

  ☞ It applies only to software downloaded on the network. Software installed from a CD or other media is not verified.

  As new versions of Mac OS X are available, it is not clear whether Apple will continue indefinitely maintain the older versions such as 10.6 XProtect database. Versions of obsolete systems security may eventually be affected. Updates to security for the code of obsolete systems will be stop being released at any given time, and which can leave them open to other types of attack in addition to malware.

  3. starting with the OS X 10.7.5, there was a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and installation packages downloaded from the network will be run only if they are digitally signed by a developer to a certificate issued by Apple. Certified software in this way has not been checked for safety by Apple, unless it comes to the App Store, but you can be reasonably sure that it has not been changed by someone other than the developer. His identity is known to Apple, so it could be held legally responsible if it distributes malicious software. Which may not mean much if the developer lives in a country with a weak legal system (see below).

  Access controller does not depend on a database of known malware. He has, however, the same limitations as XProtect and in addition the following:

  ☞ It can easily be turned off or overridden by the user.

  ☞ A malware attacker could find a way around it, or could take control of a certificate of signing of code under false pretenses or could simply ignore the consequences of the distribution of malware Tryggvason.

  ☞ Developer App store could find a way around the Apple control, or the control may fail due to human error.

  Apple took too long to revoke some known attackers codesigning certificates, thus diluting the value of the keeper and the program developer ID. These variances do not involve the App Store products, however.

  For the reasons given, App Store, and, to a lesser extent - other applications recognized by signed Gatekeeper, are safer than others, but they cannot be considered to be absolutely sure. "Sand" applications could make to access to private data, such as your contacts, or for access to the network. Think that before granting access. Security sandbox is based on user input. Never click through any application for leave without thinking.

  4. by starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background. He checks and removes, malware that corresponds to a database of recognition held by Apple. To ensure that MRT will be executed when the database is updated, the App Store tab in system preferences and check the box marked

  Install the system data files and security updates

  If it is not already done.

  As XProtect, MRT is effective against known threats, but not against strangers. It alerts you if it detects malware, but otherwise, it has no user interface.

  5. the built-in Mac OS x security features reduce the risk of malware attack, but they are not and will never be complete protection. Malware is a problem of human behavior, not a behavior machine, and none only of technological solution will solve. Software protect you from trust only will make you more vulnerable.

  The best defense is always going to be your own intelligence. Except perhaps feats of Java, all the known malware, circulating on the Internet wearing reached a completely setting installation to update to OS X 10.6 or later takes the form of so-called "Trojans", which may have no effect if the victim is deceived in their execution. The threat thus amounts to a battle of wits between you and cybercriminals. If you are better informed, they think you are, you win. In effect, it means that you always stay in the shelter of practical computing. How do you know when you leave the safe harbor? Here are a few signs warning of danger.

  Software from a reliable source

  ☞ Software with a brand, such as Adobe Flash Player, does not come directly from the Web site. Don't be fooled an alert of any website for updating Flash, or your browser, or other software. A real alert that Flash is outdated and blocked is shown on this support page. In this case, follow the instructions on the support page. Furthermore, assume that the alert is false and that someone is trying to rip you off to install malicious software. If you see these alerts on more than one Web site, ask for instructions.

  ☞ Software any is distributed via BitTorrent or Usenet, or on a Web site that distributes pirated music and movies.

  ☞ Rogue sites Web such as CNET Download MacUpdate, Soft32, Softonic and SourceForge distribute free applications that have been packaged in a superfluous "install".

  ☞ The software is advertised through spam or intrusive web ads. Any announcement, on any site, which includes a direct link to a download should be ignored.

  Software that is clearly illegal or doing something illegal

  Commercial software ☞ high-end such as Photoshop is "cracked" or "free."

  ☞ An application helps you violates copyright law, for example to circumvent the copy protection on a commercial software, or streamed media recording to be reused without permission. All the 'YouTube downloaders' are in this category, but not all are necessarily malicious.

  Conditional or unsolicited offer from strangers

  ☞ A phone calling or a web page you indicates that you have a "virus" and offers to remove. (Some reputable sites warned visitors who have been infected with the malware "DNSChanger" legitimately. The exception to this rule applies.)

  ☞ A web site offers a free content like music or video, but for use, you must install a "codec", 'plug-in', 'player' 'Downloader', 'extractor', or 'certificate' which comes from the same site, or a stranger.

  ☞ You win a prize in a competition that you are never entered.

  ☞ someone on a forum like this is eager to help you, but only if you download an application of your choice.

  ☞ a 'FREE WI - FI!' network presents itself in a public place like an airport, but is not provided by management.

  ☞ Online everything that you expect to pay is 'free '.

  Unexpected events

  ☞ a file is downloaded automatically when you visit a web page, without any further action on your part. delete any file without opening it.

  ☞ You open what you think, it is a document and you receive an alert that it is "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you still need to delete any file that is not what you expected it to be.

  ☞ An application does something you don't expect, such as permission to access your contacts, your location or the Internet without obvious reason.

  ☞ Software is attached to the email you na not ask, even if it is (or seems to come) by a person of trust.

  I do not leave the safe harbour that once will necessarily lead to disasters, but make a habit of it will weaken your defenses against malicious software attacks. None of the above scenarios must, at the very least, make you uncomfortable.

  6. Java on the Web (not to be confused with JavaScript, to which it is not related, despite the similarity of names) is a weak point in the security of any system. Java is, among other things, a platform to run complex applications in a web page. That was always a bad idea, and Java developers have proved unable to apply it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been a type virus Windows affecting OS X. simply load a page with Java malicious content could be harmful.

  Fortunately, client-side Java on the Web is outdated and largely disappeared. Only a few outdated sites still use it. Try to accelerate the process of extinction by avoiding these sites, if you have a choice. Forget to play games or other uses not Java essentials.

  Java is not included in OS X 10.7 and later versions. Discrete Java installers are distributed by Apple and Oracle (the developer of Java). Do not use one unless you need it. Most of the people don't. If Java is installed, turn it off- not the JavaScript in your browser.

  Whatever the version, experience has shown that Java on the Web is not reliable. If you must use a Java applet for a job on a specific site, Enable Java only for the site in Safari. Never activate Java for a public Web site that carries the third-party advertising. Use only on websites that are well known, protected by login and secure without ads. In Safari 6 or later, you will see a padlock icon in the address bar when you visit a secure site.

  7. another perennial weak point is Adobe Flash Player. Like Java, Flash is declining well deserved, but content Flash is still much more widespread than the contents of Java on the Web. If you choose to install the Flash plugin, you can reduce your exposure to Flash by checking the box marked

  Stop the plug-ins to save energy

  in the Advanced tab of the preferences of Safari window, if not already done. Consider also installing an extension Safari as "ClickToFlash" or "ClickToPlugin." They will prevent the Flash content automatically load and are initially not Flash video is substituted for Flash on YouTube and perhaps a few other sites. I tested the extensions and found them safe, but you should always do your own research before you decide whether to trust any third party software.

  8. remain within the sphere of security, and you will be as safe from malware you can be practically. The rest of this comment is what you must do to protect you.

  Never install any AV or products 'Internet security' for Mac if you have a choice, because they are all worse than useless. If you are required by a (wrong) institutional policy to install some kind of AV, choose one of the free apps in the Mac App Store, nothing else.

  Why you should not use products AV?

  ☞ To recognize malware, software depends on a database of known threats, which is always at least one day to day. This technique is a proven failure, as a major supplier of AV software has admitted. Most of the attacks are "zero-day" - that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry comes to realize that the traditional AV software is worthless.

  ☞ design is based generally on the nonexistent threat that malware can be injected at any time, anywhere in the file system. Malware is downloaded from the network; He is not of the blue leaves. To meet this threat does not exist, a commercial AV software changes or low level functions of the operating system, which is a waste of resources and a frequent cause of instability, bugs, poor performance, and duplicates.

  ☞ changing the operating system, the software can also create weaknessesthat could be exploited by malicious attackers.

  ☞ especially, a false sense of security is dangerous. This fact relates to all AV software it will never be any changes elsewhere.

  9. a free AV product from the Mac App Store is safe as long as you don't let it delete or move files. Ignore all the warnings that it can give you on "heuristic" or "phishing." These warnings, if they are not simply false positives, see the text of e-mail messages or updates cached web pages, not malware.

  An AV application is not necessary and may not be invoked for protection against malware for OS X. It is useful, or even not at all, only to detect malware Windows and even for this use it is not really effective, because the new Windows malware makes its appearance much faster than OS X malware.

  Windows malware cannot hurt you directly (unless, of course, you use Windows). Just do not pass to someone else. A malicious link in the e-mail is usually easy to recognize by the name alone. A concrete example:

       London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe

  You don't need software to tell you it's a horse Trojan for Windows. Software may be able to tell what trojan is, but who cares? In practice, there is no reason to use a recognition software, unless an organizational strategy requires. Malware Windows is so widespread that you must assume that it is in each attachment until proof to the contrary. Nevertheless, a free AV product on the App Store can serve a purpose if it fulfills a misinformed network administrator that says you must have some sort of application AV. An App Store product will not change the operating system; in fact, it does nothing, unless you run it.

  If you are just curious to know if a file is considered malware by the AV engines, you can download it from the "VirusTotal" site, where it will be tested against most of them without charge. A negative result is evidence of what whether, for the reasons given above. I do not recommend doing this with a file that may contain private information.

  10. There seems to be a common belief that the firewall Application acts as a barrier to infection, or prevents operation of malware. He does not. It blocks incoming connections to some network services you are using, such as file sharing. It is disabled by default, and you should leave it like that if you're behind a router on a private home or office network. Activate only when you are on an untrusted network, for example a public Wi - Fi hotspot, where you do not want to provide services. Disable services that you don't use in the sharing preferences window. All are disabled by default.

  11. as a Mac user, you don't have to live in fear that your computer may be infected whenever you install the software, read emails, or visit a web page. But nor can you assume that you will always be free from exploitation, no matter what you do. Internet browsing, it's like walking the streets of a big city. It can be as safe or as dangerous that you choose to do so. The greatest harm done by software AV is precisely its selling point: it makes people feel safe. They can then feel sufficiently safe to take risks, which the software does not protect them. Nothing can reduce the need for safe computing practices.

• A PC can operate effectively WITHOUT the need for anti-virus software?

  Come to think if the first PC I've had and the worms Blaster threatened everyone...

  I do not just shoot when to install my anti-virus software, I need to close my Windows Firewall... 2 + 2 = and Yes, when I did I got the virus of shit...

  If only I had not installed the Norton... do you not think that any PC can operate without the need for anti-virus software knowing that you must close

  the Windows firewall and use theres rather...?

  I wonder!

  Hello

  It would be unwise to try to start without antivirus/antispyware are has just too many real threats and
  methods for malware to attack the system. If you attempt to do if of course you have redundant and
  current backups.

  Here's what I use and recommend: (these are all free and very effective versions.)

  Avast and Prevx proved extremely reliable and compatible with all I have
  launched on them. Microsoft Security Essentials and Prevx have also proven to be very
  reliable and compatible. Use MSE or Avast and Prevx, Prevx 3 but not all.

  Avast Home free - stop any shields is not necessary except leave the file system, Web,.
  Operational network (Script and behavior are also recommended in Ver 6 +).

  Prevx - Home - free

  Windows Firewall

  Windows Defender (is not necessary if you use MSE)

  Protected IE - mode

  IE 8 - SmartScreen filter WE (IE 7 phishing filter)

  I also IE always start with asset if filter InPrivate IE 8.
  (It may temporarily turn off with the little icon to the left of the + bottom
  right of IE)

  Two versions of Avast are available 6.x and 4.8 x

  Avast - home - free - 6.x stop shields you do not use (except files, Web, network, &)
  Shields of behavior) - double click on the icon in the Notification area - real time Orange - click on the
  Shield that you want to stop - STOP. To stop the Orange icon to show an error indicator-
  Click on the Orange icon - top right - settings - click on the status bar - uncheck shields you
  disabled - click OK
  http://www.avast.com/free-antivirus-download

  Avast 4.8 x - home - free - stop shields, you don't need except leaving Standard, Web,.
  and the network running. (Double-click the blue icon - look OK. - upper left - Shields details
  Finish those you don't use).
  http://www.avast.com/free-antivirus-download#TAB4

  Or use Microsoft Security Essentials - free
  http://www.Microsoft.com/Security_Essentials/

  Prevx works well alongside MSE or Avast

  Prevx - home - free small, fast, exceptional protection CLOUD, working with other security
  programs. It is a single scanner, VERY EFFICIENT, if it finds something come back here
  or use Google to see how to remove.
  http://www.prevx.com/   <-->
  http://info.prevx.com/downloadcsi.asp  <-->

  Choice of PCmag editor - Prevx-
  http://www.PCMag.com/Article2/0, 2817,2346862,00.asp

  Also get Malwarebytes - free - use as scanner only. If you ever think malware and that
  would be unusual with Avast and occasional Prevx running with the exception of a low level cookie
  (not much), to UPDATE and then run it as a scanner. I have a lot of scanners and they
  never find anything of note that I started to use this configuration.
  http://www.Malwarebytes.org/products/malwarebytes_free

  I hope this helps and happy holidays!

  Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="" -="" mark="" twain="" said="" it="">