When you open a downloaded application, File Quarantine checks if it matches any of the malware definitions in the XProtect file. If it does, you’ll see a nastier warning message that says running the file will damage your computer and informing you which malware definition it matches. You can even open this file and see the list of malicious applications Mac OS X is checking for when you open downloaded application files. Back in 2009, Apple made File Quarantine also check downloaded application files against a list stored in the System/Library/Core Services/CoreTypes.bundle/Contents/Resources/ist file on your Mac.