Q: Virus on MacBook Air - Popups, links, and videos showing up where they aren't supposed to.. please help???

Mind sharing what you think are suspicious things?

I don't see anything there to be concerned about.

Do you have Geneio installed on your Mac?

For direction to find out and to uninstall it, read http://www.thesafemac.com/arg-genieo/

Allan

You probably installed the "DownLite" trojan, perhaps under a different name. Remove it as follows.

Triple-click anywhere in the line below on this page to select it:

/Library/Application Support/VSearch

Right-click or control-click the line and select

Services ▹ Reveal in Finder (or just Reveal)

from the contextual menu.* A folder should open with an item named "VSearch" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.

Repeat with each of these lines:

/Library/LaunchAgents/com.vsearch.agent.plist
/Library/LaunchDaemons/com.vsearch.daemon.plist
/Library/LaunchDaemons/com.vsearch.helper.plist
/Library/LaunchDaemons/Jack.plist
/Library/PrivilegedHelperTools/Jack
/System/Library/Frameworks/VSearch.framework

Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.

Restart and empty the Trash. Don't try to empty the Trash until you have restarted.

From the Safari menu bar, select

Safari ▹ Preferences... ▹ Extensions

Uninstall any extensions you don't know you need, including any that have the word "Spigot" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.

This trojan is distributed on illegal websites that traffic in pirated movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect much worse to happen in the future.

You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the DownLite developer has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing, has not done so, even though it's aware of the problem. It must be said that this failure of oversight is inexcusable and has seriously compromised the value of Gatekeeper and the Developer ID program. You cannot rely on Gatekeeper alone to protect you from harmful software.

*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select

Go ▹ Go to Folder...

from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.

That's the "GoPhoto" trojan. It's an extension for Safari and Chrome, and an add-on for Firefox. Remove it from the first two, and if you use Firefox see below.

Remove gophoto.it | Firefox Support Forum

This worked perfectly for me. Thanks.

Linc Davis, THAT WORKED. As of October 8th 2014, almost midnight, LINC DAVIS's first suggestion worked like a charm.

I've had this laptop for all of THREE months, from Day 1 it was giving me multiple pop up ads. I got used to closing them over and over, but I was literally closing ads EVERY SINGLE time I opened a new page. If I clicked anywhere, a new tab would open with MacKeeper and MacBook Lock and Wix and Purifier, just to name a few.... On Amazon, windows popped open the minute the page loaded, one large on on the far right, all the way to the bottom of the page, one price comparison ad that ran across the bottom, and then a very slow and LOUD video ad that creeped up on the far left. That's just Amazon. Don't get me started on all the other ones. If I went to Victoria's Secret to do some shopping, it would open new tabs with ****. It was like living an unfathomable embarrassing nightmare, letting my mom look at it to try and fix it. Luckily, no naked people showed up that time, but she (who is a computer genius, underneath her mother/housewife hat) was so overwhelmed with the ads, and couldn't find anything else (that I hadn't already tried) that would fix it.

I didn't find anything about GoPhoto anywhere, but I found almost all of those "VSearch" in my Library. And swiftly deleted them away with a vengeance. Thank you Linc Davis for saving the lives of myself, my children, and my computer. I will watch Netflix WITHOUT closing a pop-up and having to reopen the fullscreen mode every. fifteen. minutes.

Excuse the dramatic emphasis. You'd be happy too.

Totally worked for me, thanks a lot!

I have similar problem , can you please explain again how to fix it.