yesproductions

Q: Malware on mac

Hey I was streaming and accidentally clicked something I shouldn't have.

Now every time I try to open a tab or click on a link, I'm bombarded with pop-ups.

The only way I can avoid this is by right clicking and choosing "open in new tab"

 

I went through all my apps and deleted the one that looked suspicious and emptied the junk folder.

 

What else can I do to fix this?

 

I'm running OSX El Capitan version 10.11.1

iMac (21.5-inch Mid 2010)

Posted on Nov 7, 2015 12:37 PM

Close

Q: Malware on mac

  • All replies
  • Helpful answers

Page 1 Next
  • by Niel,Apple recommended

    Niel Niel Nov 8, 2015 2:48 PM in response to yesproductions
    Level 10 (313,523 points)
    Mac OS X
    Nov 8, 2015 2:48 PM in response to yesproductions

    Click here and follow the instructions, or if there’s a type of adware not covered by them on the computer, these ones. If you'd rather not remove it manually, you can instead run MalwareBytes for Mac.


    MalwareBytes is a removal tool and doesn't stop adware or other malware from getting onto the computer. To prevent future incidents, avoid downloading software from sources other than the Mac App Store or the developer websites.


    (135926)

  • by WZZZ,

    WZZZ WZZZ Nov 7, 2015 12:58 PM in response to yesproductions
    Level 6 (13,112 points)
    Mac OS X
    Nov 7, 2015 12:58 PM in response to yesproductions

    Or get Sophos, which now actively scans for adware before it can get installed.

     

    https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-e dition.aspx

  • by pinkstones,

    pinkstones pinkstones Nov 7, 2015 2:25 PM in response to WZZZ
    Level 5 (4,209 points)
    Safari
    Nov 7, 2015 2:25 PM in response to WZZZ

    Macs don't need anti-virus software, it doesn't matter what flavor it goes by.  AVG, Avira, Avast, Kaspersky, Norton, Sophos.....it's all unnecessary.  It's as unnecessary and useless as MacKeeper, CleanMyMac, and all of the other fraudulent programs like them.

  • by WZZZ,

    WZZZ WZZZ Nov 7, 2015 3:31 PM in response to pinkstones
    Level 6 (13,112 points)
    Mac OS X
    Nov 7, 2015 3:31 PM in response to pinkstones

    pinkstones wrote:

     

    Macs don't need anti-virus software, it doesn't matter what flavor it goes by.  AVG, Avira, Avast, Kaspersky, Norton, Sophos.....it's all unnecessary.  It's as unnecessary and useless as MacKeeper, CleanMyMac, and all of the other fraudulent programs like them.

    Hmmm. Been drinking the ASC knee-jerk anti-AV Kool-Aid? I have some things to say about that cocksure anti-AV attitude, but not interested in getting into that one right now. Anyway, if you read again more carefully, you'll realize that I wasn't recommending Sophos for its A-V, rather because it scans on-access for adware. What this topic was about. Stops it before it can get into your system. A new feature.

  • by Linc Davis,

    Linc Davis Linc Davis Nov 7, 2015 4:59 PM in response to yesproductions
    Level 10 (208,000 points)
    Applications
    Nov 7, 2015 4:59 PM in response to yesproductions

    You may have installed ad-injection malware ("adware.")

    Don't use any kind of "anti-virus" or "anti-malware" product on a Mac, especially not "Sophos." There is never a need for it, and relying on it for protection makes you more vulnerable to attack, not less.

    Some of the most common types of adware can be removed by following Apple's instructions. If those instructions don't work for you, or if you have trouble following them, see below.

    This easy procedure will detect any kind of adware that I know of. Deactivating it is a separate, and even easier, procedure that doesn't involve downloading anything.

    Some legitimate software is ad-supported and may display ads in its own windows or in a web browser while it's running. That's not malware and it may not show up. Also, some websites carry intrusive popup ads that may be mistaken for adware.

    If none of your web browsers is working well enough to carry out these instructions, restart the computer in safe mode. That will disable the malware temporarily.

    Step 1

    Please triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination command-C:

    ~/Library/LaunchAgents

    In the Finder, select

              Go â–¹ Go to Folder...

    from the menu bar and paste into the box that opens by pressing command-V. Press return. Either a folder named "LaunchAgents" will open, or you'll get a notice that the folder can't be found. If the folder isn't found, go to the next step.

    If the folder does open, press the key combination command-2 to select list view, if it's not already selected. Please don't skip this step.

    There should be a column in the Finder window headed Date Modified. Click that heading twice to sort the contents by date with the newest at the top. If necessary, enlarge the window so that all of the contents are showing.

    Follow the instructions in this support article under the heading "Take a screenshot of a window." An image file with a name beginning in "Screen Shot" should be saved to the Desktop. Open the screenshot and make sure it's readable. If not, capture a smaller part of the screen showing only what needs to be shown.

    Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply.

    Leave the folder open for now.

    Step 2

    Do as in Step 1 with this line:

    /Library/LaunchAgents

    The folder that may open will have the same name, but is not the same, as the one in Step 1. As in that step, the folder may not exist.

    Step 3

    Repeat with this line:

    /Library/LaunchDaemons

    This time the folder will be named "LaunchDaemons."

    Step 4

    Open the Safari preferences window and select the Extensions tab. If any extensions are listed, post a screenshot. If there are no extensions, or if you can't launch Safari, skip this step.

    Step 5

    If you use the Firefox or Chrome browser, open its extension list and do as in Step 4.

  • by WZZZ,

    WZZZ WZZZ Nov 8, 2015 5:36 AM in response to yesproductions
    Level 6 (13,112 points)
    Mac OS X
    Nov 8, 2015 5:36 AM in response to yesproductions

    MalwareBytes for Mac already recommended. Does the heavy lifting for you. Simplest, easiest, and, above all, safest solution. As this very wise contributor has said,

     

    Linc Davis wrote: You may do more damage by mucking around in directories and parts of the OS with which you are not familiar.

  • by etresoft,

    etresoft etresoft Nov 8, 2015 10:03 AM in response to pinkstones
    Level 7 (29,298 points)
    Mac OS X
    Nov 8, 2015 10:03 AM in response to pinkstones

    pinkstones wrote:

     

    Macs don't need anti-virus software, it doesn't matter what flavor it goes by.  AVG, Avira, Avast, Kaspersky, Norton, Sophos.....it's all unnecessary.  It's as unnecessary and useless as MacKeeper, CleanMyMac, and all of the other fraudulent programs like them.

    Hello pinkstones,

    That used to be my line a few years ago. I am starting to have second thoughts. For example, there was a big kerfuffle the other day about MacUpdate distributing adware-laden installers. But the person who discovered this was alerted by the BitDefender anti-virus program: https://twitter.com/curdaneta/status/660264409747628032

     

    Like you, I'm still not ready to start recommending antivirus software for the Mac. I think it was just the other day here on ASC that I saw someone with an EtreCheck report that listed both adware and WebRoot antivirus. Clearly the antivirus wasn't helping in that case. Back in the day, I always used to say that if a company ever came out with a decent antivirus product that didn't destabilize the user's machine and didn't spend 100% of its time checking for harmless Windows malware, I would reconsider my old anti-anti-virus position. Then MalwareBytes came along and put that to the test. So far, MalwareBytes doesn't destabilize machines and focuses exclusively on Mac-specific threats like newly rampant adware and a few malware products. I have used it and recommended it with good results, as have many other people.

     

    To make matters worse, as the problem with Mac and iOS malware has dramatically increased the past few years, Apple itself seems to be resting on its security laurels. Windows people always said the Mac's reputation for high security was just because no one was interested in hacking it. More and more, it is looking like those Windows naysayers were completely right.

     

    I think it is time that Apple customers start thinking about anti-malware products. If we can identify and recommend the good ones, like MalwareBytes, then perhaps the other vendors will notice and improve their products for Apple customers. Maybe even Apple would notice. Then we all win.

  • by pinkstones,

    pinkstones pinkstones Nov 8, 2015 10:11 AM in response to etresoft
    Level 5 (4,209 points)
    Safari
    Nov 8, 2015 10:11 AM in response to etresoft

    etresoft wrote:

     

    pinkstones wrote:

     

    Macs don't need anti-virus software, it doesn't matter what flavor it goes by.  AVG, Avira, Avast, Kaspersky, Norton, Sophos.....it's all unnecessary.  It's as unnecessary and useless as MacKeeper, CleanMyMac, and all of the other fraudulent programs like them.

    Hello pinkstones,

    That used to be my line a few years ago. I am starting to have second thoughts. For example, there was a big kerfuffle the other day about MacUpdate distributing adware-laden installers. But the person who discovered this was alerted by the BitDefender anti-virus program: https://twitter.com/curdaneta/status/660264409747628032

     

    Like you, I'm still not ready to start recommending antivirus software for the Mac. I think it was just the other day here on ASC that I saw someone with an EtreCheck report that listed both adware and WebRoot antivirus. Clearly the antivirus wasn't helping in that case. Back in the day, I always used to say that if a company ever came out with a decent antivirus product that didn't destabilize the user's machine and didn't spend 100% of its time checking for harmless Windows malware, I would reconsider my old anti-anti-virus position. Then MalwareBytes came along and put that to the test. So far, MalwareBytes doesn't destabilize machines and focuses exclusively on Mac-specific threats like newly rampant adware and a few malware products. I have used it and recommended it with good results, as have many other people.

     

    To make matters worse, as the problem with Mac and iOS malware has dramatically increased the past few years, Apple itself seems to be resting on its security laurels. Windows people always said the Mac's reputation for high security was just because no one was interested in hacking it. More and more, it is looking like those Windows naysayers were completely right.

     

    I think it is time that Apple customers start thinking about anti-malware products. If we can identify and recommend the good ones, like MalwareBytes, then perhaps the other vendors will notice and improve their products for Apple customers. Maybe even Apple would notice. Then we all win.

     

    I always recommend Malwarebytes to people complaining of malware/adware on their systems.  I've had to use it myself before to get rid of stuff I didn't even know was there.  However, I don't consider it anti-virus software, and maybe that's a bit pedantic, but it doesn't actively scan your computer for threats, you use it after the fact to get rid of the threat(s).  I don't class it the same way I do AVG/Avast/Avira/Kaspersky/Norton/Sophos.

  • by etresoft,

    etresoft etresoft Nov 8, 2015 10:22 AM in response to pinkstones
    Level 7 (29,298 points)
    Mac OS X
    Nov 8, 2015 10:22 AM in response to pinkstones

    pinkstones wrote:

     

    I always recommend Malwarebytes to people complaining of malware/adware on their systems.  I've had to use it myself before to get rid of stuff I didn't even know was there.  However, I don't consider it anti-virus software, and maybe that's a bit pedantic, but it doesn't actively scan your computer for threats, you use it after the fact to get rid of the threat(s).  I don't class it the same way I do AVG/Avast/Avira/Kaspersky/Norton/Sophos.

    Yes. I agree. But things are starting to get complicated. MalwareBytes actually does scan for malware. It just doesn't destabilize or slow down your system.

     

    I think those fine distinctions in behaviour just confuse most people. Personally, I would prefer to just lump all of them into the same category of products and recommend the ones we like the best. That is what we do with all other categories. I think that approach benefits everyone. For example, I know a number of people here on ASC are fond of the new Affinity suite of graphic design tools that have recently been ported from Windows. Right now, I'm happy with Logoist, Pixelmator, and iDraw/Graphic. But I'm still paying attention to Affinity. If there comes a day when I need more than what my current software provides, I now know what might be a good alternative. I would like to see the same thing happen for malware. If we can be prepared to let go of old ideas about AV the same way we seem to be doing with Adobe, we all benefit. I'm not saying anyone must do this or that. I'm just saying consider all possible futures and be prepared to change with the times.

  • by Linc Davis,

    Linc Davis Linc Davis Nov 8, 2015 11:38 AM in response to yesproductions
    Level 10 (208,000 points)
    Applications
    Nov 8, 2015 11:38 AM in response to yesproductions

    Your question brings up the subject of removing adware. This is a general comment on that subject.

    Under no circumstances should you ever allow anti-virus software to delete something for you.

    The only tools that anyone needs to detect and remove adware are the Finder and a web browser, both of which you already have. Anyone who has enough computer skill to install adware can just as well remove it without using anything else.

    Apple's general statements about malware protection are here and here, and here are its instructions for removing the most common types of ad-injection malware. Those statements don't mention any third-party "anti-virus" or "anti-malware" product. Apple's method for removing adware involves only the Finder and a web browser, as stated above.

    You become infected with malware by downloading unknown software without doing research to determine whether it's safe. If you keep making that mistake, the same, and worse, will keep happening, and no anti-malware will rescue you. Your own intelligence and caution are the only reliable defense.

    The Windows/Android anti-malware industry had more than $75 billion in sales in 2014 [source: Gartner, Inc.] Its marketing strategy is to convince people that they're helpless against malware attack unless they use its products. But with all that anti-malware, the Windows and Android platforms are still infested with malware—most of it far more harmful than mere adware. The same can be expected to happen to the Mac platform if its users trust the same industry to protect them, instead of protecting themselves.

    You are not helpless, and you don't have to give full control of your computer—and your data—to strangers in order to be rid of adware.

    These are generalities. Regarding the "malwarebytes" product in particular, you may be told that there are no reports that is has caused damage. In fact, there are such reports; for example:

    I found malware or adware on my system the other day. I removed it with Maleware Bytes and since then Safari has not worked proper at all.

    preferences pane will not load

    Read that report and draw your own conclusions—not anyone else's conclusions.

    The developer itself admitted that the Windows version of the product has been known to delete essential system files.

    Whether the software damages the system or not, it prompts for your password in order to take full adminstrative control, and connects via the Internet to a server controlled by the developer. The developer's privacy policy, linked directly to the product page, reads in part as follows:

    "Without limiting the Privacy Policy, you agree that Malwarebytes may track certain data it obtains from your Computer including data about any malicious software or other threats flagged by the Software, data about your license, data about what version of the Software you are using and what operating conditions it runs under and data concerning your geographic location."

    (Emphasis added.) So the developer admits to tracking your location, as well as other unspecified data, and gives itself the legal right to collect any data it chooses. How it uses that right, you don't know. By running the software, you accept these terms.

    It's sometimes said that the Malwarebytes product only removes adware rather than malware as such (if there's a difference), and that it therefore shouldn't be stigmatized as anti-malware. The developer's own description does distinguish between adware and malware, and specifically mentions removing malware as a selling point six times. A self-described employee of the developer wrote in an ASC discussion, "Actually, it's also a malware removal app..." (emphasis added.)

    The question then is: as a security-conscious computer user, do you want to take risks where there is no benefit?

  • by WZZZ,

    WZZZ WZZZ Nov 8, 2015 12:09 PM in response to etresoft
    Level 6 (13,112 points)
    Mac OS X
    Nov 8, 2015 12:09 PM in response to etresoft

    I've been running Sophos for a few years now. I haven't found that it slows anything down appreciably. In the latest version, the 9.4, however, do not select Scan inside archives and compressed files. Doing so may, depending on what else is open, cause serious slow-downs or freezes. Other than that, no problems.

     

    I also have Knock-Knock, which scans for persistently installed items. Automatically links to VirusTotal.

     

    https://objective-see.com/products/knockknock.html

  • by etresoft,

    etresoft etresoft Nov 8, 2015 12:33 PM in response to WZZZ
    Level 7 (29,298 points)
    Mac OS X
    Nov 8, 2015 12:33 PM in response to WZZZ

    WZZZ wrote:

     

    I've been running Sophos for a few years now. I haven't found that it slows anything down appreciably. In the latest version, the 9.4, however, do not select Scan inside archives and compressed files. Doing so may, depending on what else is open, cause serious slow-downs or freezes. Other than that, no problems.

    Thomas used to be a big fan of Sophos, then he kind of soured on them and made his own. I will keep your recommendation in mind. But at this time, I'm still in wait-and-see mode. I used to be required to run Symantec Endpoint Protection on my .gov computer. Since it was corporate IT, I ran Snow Leopard for a long time and never really had any trouble. By some miracle, I was able to upgrade to Mavericks, but SEP was not ready for that. It didn't give me much confidence that SEP would be able to detect the latest malware when they can't even see Apple OS updates coming and prepare for them. When SEP finally did function "properly" (i.e. not trying to scan Time Machine (twice) every time I backed up) it had a significant impact on performance. It was like my old Windows days again.

     

    I also have Knock-Knock, which scans for persistently installed items. Automatically links to VirusTotal.

     

    https://objective-see.com/products/knockknock.html

    Yes. I have heard of this. I thought it might have been abandoned, but it has recently been updated. There are a number of similar tools. The anti-malware category is starting to get crowded. The only thing I use for myself it Suspicious Package (http://www.mothersruin.com/software/SuspiciousPackage/).

  • by yesproductions,

    yesproductions yesproductions Nov 8, 2015 2:52 PM in response to yesproductions
    Level 1 (0 points)
    Nov 8, 2015 2:52 PM in response to yesproductions

    Thanks everyone for the great feedback!

    I ended up using Malwarebytes. Found a bunch of malware so it was definitely useful. Also, It was quick, easy and fixed the issues I was having.

     

    I know better now than to poke around on sketchy sites.

  • by ~Bee,

    ~Bee ~Bee Nov 8, 2015 6:26 PM in response to yesproductions
    Level 7 (31,792 points)
    Mac OS X
    Nov 8, 2015 6:26 PM in response to yesproductions

    Exactly!

    That's what 99% of us have been saying all along!

     

    Thanks everyone for the great feedback!

    I ended up using Malwarebytes. Found a bunch of malware so it was definitely useful. Also, It was quick, easy and fixed the issues I was having.

     

    So happy you're all sorted now.

     

Page 1 Next