Skip navigation

I think i have malware on my mac

1097 Views 9 Replies Latest reply: Mar 22, 2013 3:13 PM by The hatter RSS
SamahKhan Calculating status...
Currently Being Moderated
Mar 18, 2013 12:55 PM

Hi,

Firefox had this banner that said to download the new HD flash player and i did, but then i found out that it was a virus. Now, random words on the internet are underlined and when i hover above it, an ad appears. Is it malware and how do i fix it?

  • The hatter Level 9 Level 9 (58,595 points)
    Currently Being Moderated
    Mar 18, 2013 1:09 PM (in response to SamahKhan)

    Never fall for these - never download flash except directly from http://getflash.com or Adobe or Apple.

     

    That you fell for a common ploy, a scam, duped into downloading malware.

     

    Okay, now how to remove it?

     

    Nuke it.

     

    Restore from backup. You do keep a backup of your system, hopefully a clone in fact.

     

    Assuming you didn't stumble into this forum by accident and have a laptop instead, you do have 65 lb Mac sitting there? Pull the hard drive, slap in a backup or new drive.

     

    Don't use that system.

     

    Use Mountain Lion? use Recovery Mode.

     

    None of that an option? ML does have Gatekeeper.

     

    There are people that keep tabs and posting FAQs and "More like this" on the right side of this page has some common threads. Thomas Reed is active here and Mac OS forum and elsewhere with tutorials and what currently is best.

     

    So going to #2 "malware" thread on the right turns up:

     

    See Thomas Reed's Mac Malware Guide.

  • The hatter Level 9 Level 9 (58,595 points)
    Currently Being Moderated
    Mar 18, 2013 1:49 PM (in response to SamahKhan)

    TimeMacine for data. Carbon Copy Cloner for your system - you can use one hard drive with two partitions.

     

    Having the system on say SSD and data on 2TB drive is proper method. Then one external and one internal drive for backups.

     

    That means you data is not just in one place.

     

    As for Lion, fine but now you need to either scrub your system or erase and reinstall. And that depends on what Mac model year and such and what OS did it ship with. And what steps Reed outlines for your type of malware.

  • Linc Davis Level 10 Level 10 (107,995 points)
    Currently Being Moderated
    Mar 18, 2013 10:22 PM (in response to SamahKhan)

    Most likely, you installed a malicious Firefox add-on. Disable all add-ons and test.

  • Tycoon24 Level 1 Level 1 (15 points)
    Currently Being Moderated
    Mar 21, 2013 10:17 AM (in response to SamahKhan)

    SamahKhan wrote:

     

    Hi,

    Firefox had this banner that said to download the new HD flash player and i did, but then i found out that it was a virus. Now, random words on the internet are underlined and when i hover above it, an ad appears. Is it malware and how do i fix it?

     

    First you should verify which version of Flash you're running, then compare that to the newest version of Flash Player. That should tell you if you have installed a legitimate version. If you're unsure how to do this, here's a guide that should help: http://www.intego.com/mac-security-blog/how-to-tell-if-adobe-flash-player-update -is-valid/ In the future, you should definitely only install those sorts of updates from Adobe. You should also run some form of antivirus scan to be sure your Mac isn't infected with malware, and if it is infected, just remove it and you should be good to go.

  • The hatter Level 9 Level 9 (58,595 points)
    Currently Being Moderated
    Mar 21, 2013 11:23 AM (in response to SamahKhan)

    there is an  PUPs (potentially unwanted program) adware from Yontoo that rewrites web pages with popups and injects itself, it also tries to fool the user and system to what it is. Intego and others don't call it a trojan others do.

     

    New Mac Yontoo adware trojan hitting OS X browsers (Windows also) a trojan?

    http://t.co/evRRGmOxTe ZDNet backdoor installer overwrites web pages

  • andyBall_uk Level 6 Level 6 (17,595 points)
    Currently Being Moderated
    Mar 22, 2013 2:37 PM (in response to The hatter)

    >>Never fall for these - never download flash except directly from http://getflash.com or Adobe or Apple.

     

    I'd avoid getflash.com,  it's just adverts &  a 'domain for sale' sign - if it ever links to something useful, there's no reason to trust it.

  • Grant Bennet-Alder Level 8 Level 8 (48,145 points)
    Currently Being Moderated
    Mar 22, 2013 2:40 PM (in response to andyBall_uk)

    I think the hatter intended to reference this, the official adobe flash download site:

     

    http://get.adobe.com/flashplayer

    Mac Pro (Early 2009), Mac OS X (10.6.8), & Server, PPC, & AppleTalk Printers
  • The hatter Level 9 Level 9 (58,595 points)
    Currently Being Moderated
    Mar 22, 2013 3:13 PM (in response to Grant Bennet-Alder)

    Yes, I just type the first part and should have said "getflash player" and always always be on Adobe web site!!

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.