thermitefist wrote:
ok ill try the F-secures removal tool. and the file name and path are /Library/Application Support/Apple/.SafariArchive.tar.gz and i couldnt find anything there.
That is an invisible file that is left over from updating Safari and of no danger to anybody. It's put there in case anything goes wrong with the update so that the installer can revert back to the older version. All it means is that Safari was, at one point, infected by the Flashback Trojan, but was rendered harmless when you replaced it. You may have experienced some Safari crashes at the time as early versions were buggy in that respect. I would have thought that the installer would delete it upon successful installation, but I see that I have one, as well.
It's not really necessary, but there are a couple of ways to get rid of it.
You can make invisible files visible temporarily which will allow you to find and trash the file and then make them invisible again (unless you would like to leave them that way). Several third party utilities will do this for you or there are terminal commands available in this article http://www.mikesel.info/show-hidden-files-mac-os-x-10-7-lion/.
Or you could just delete it by opening the Terminal app (found in /Applications/Utilities/) then copy and paste the following command into the window after the "$ " prompt:
rm -f /Library/Application\ Support/Apple/.SafariArchive.tar.gz
followed by the return key.
The only confirmation you will get if it works is the return of the "$ " prompt. If it fails it will give you an error message.
i also looked in the original file that it infected which is /Applications/Safari.app/Contents/Resources/.MacareanOfTime.xsl and there was nothing there either
I'll have to think and look into this a bit more.