Check for Malware on MacAir M1

I read a reply from 2018 that suggested Malwarebytes as an option to check for Malware, but am wondering if that is still valid for the new M1 MacBooks?

MacBook Air 13″, OS X 10.11

Posted on Aug 29, 2021 6:56 AM

Question marked as Top-ranking reply

Posted on Aug 29, 2021 7:03 AM

Yes, it is still a valid way to check for Malware / Adware, and so is Etrecheck.


Suggest downloading the Application Etrecheck directly from a Trusted Developer and well-respected ASC Contributor. The application is free, or paid for added features. Run the application with Full Disk Access (Security & Privacy - Full Disk Access). It will take a snapshot of both the hardware and software. The Report will not reveal any personal information. Post back the full Report - copy and paste - using the Additional Text icon (3rd icon to last).




We can have a look at the report for possible issues and may have possible suggestions to resolve the issues.




27 replies

Aug 29, 2021 7:57 AM in response to Tamlouie

My Opinion does not matter.


The fact is that both will perform for the intended usage. That is all that matters, and they are well crafted specifically for macOS.


Malwarebytes for Mac or Etrecheck will both remove Malware and Adware. Both are direct links to a Trusted Developer and well-respected ASC Contributor.


The fact one has to check for Malware / Adware is worrisome. There are no known Viruses in the wild that self-replicate and affect macOS. There is Malware and Adware that does affect macOS, and it is oftentimes downloaded as part of an Application from a third-party untrusted site and gets installed along with the Application.

Aug 29, 2021 8:44 AM in response to Tamlouie

My bad ;-(( forgot the link.

Suggest downloading the Application >>>> Etrecheck <<<<< directly from a Trusted Developer and well-respected ASC Contributor. The application is free, or paid for added features. Run the application with Full Disk Access (Security & Privacy - Full Disk Access). It will take a snapshot of both the hardware and software. The Report will not reveal any personal information. Post back the full Report - copy and paste - using the Additional Text icon (3rd icon to last).

Aug 29, 2021 11:01 AM in response to Tamlouie

“Popups and warnings”…


It would probably help if you could tell us what those said. In recent versions of macOS, security has been heightened immensely. Many normal things require the user to give explicit permission. The OS itself is read-only, which negates many opportunities for malware. Applications that are not digitally signed won’t run, by default.


This is just the built-in security and does not mean there is anything wrong.


I suggest the next time you see anything that you fear may be a problem you make a screenshot and post it here.

Aug 31, 2021 10:24 AM in response to Tamlouie

Tamlouie wrote:

So I clicked find in Finder and it showed a lot of icon/files. I could not delete the main Rapport Icon because it stated it was open. I was able to move all the other files in the bin to the trash, but can't remove the extensions because it states each are open.


Boot into Safe Mode according to Start up your Mac in safe mode - Apple Support and do the deleting from there. Then reboot normally.


NOTE: Safe Mode boot can take up to 10 minutes as it's doing the following:

• Verifies your startup disk and attempts to repair directory issues, if needed

• Loads only required kernel extensions (prevents 3rd party kernel/extensions from loading)

• Prevents Startup Items and Login Items from opening automatically

• Disables user-installed fonts 

• Deletes font caches, kernel cache, and other system cache files



Aug 30, 2021 1:45 PM in response to Tamlouie

Tamlouie wrote:

Am I missing something?

No. It is not unusual for system modifications like this to be completely abandoned by their developer. Something that was so relentlessly pushed by banks and ISPs, such as this Trusteer software, is even more likely to be dropped and forgotten about, leaving many thousands of people in the lurch.


I'd like to uninstall Trusteer for sure.

From your EtreCheck report, it looks like Trusteer isn't actually running. In addition to being uninstallable, it is also broken. Go figure.


You can manually remove the files it installed. In the Finder, go to the Go menu and choose Go to folder. Then, in the Go to the folder window, enter one of the file names below and click the Go button. This will open a Finder window with the file selected. Drag the file to the trash. Repeat for the next file.


/Library/LaunchDaemons/com.trusteer.rooks.rooksd.plist


/Library/LaunchAgents/com.trusteer.rapport.rapportd.plist


You also have these two Safari extensions installed. You can remove these inside Safari itself. Choose Preferences from the Safari menu and click on the Extensions tab. If these files don't appear, then just ignore them. They may be so old and broken that Safari has already ignored them.


Rapport Content Blocker

Rapport Extension
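
An added example, not part of the original reply and not code from any tool mentioned in this thread: before dragging launchd job files to the trash, this Python script lists the ones matching a prefix in the two folders named above and shows what each would run and whether that program still exists. Only the two file names come from the reply; the plist contents and the `/opt/example/...` paths are constructed for the demonstration.

```python
import plistlib
import tempfile
from pathlib import Path

# The two system-wide launchd folders named in the reply above.
LAUNCHD_DIRS = ["/Library/LaunchDaemons", "/Library/LaunchAgents"]

def audit_launchd_items(prefix, root="/"):
    """Describe each launchd plist under `root` whose file name starts with `prefix`."""
    findings = []
    for d in LAUNCHD_DIRS:
        folder = Path(root) / d.lstrip("/")
        for plist_path in sorted(folder.glob(prefix + "*.plist")):
            try:
                job = plistlib.loads(plist_path.read_bytes())
                args = job.get("ProgramArguments") or []
                # launchd starts Program if present, otherwise ProgramArguments[0].
                program = job.get("Program") or (args[0] if args else None)
                target = Path(root) / program.lstrip("/") if program else None
            except Exception as exc:  # unreadable, damaged, or not a dictionary
                findings.append({"plist": plist_path.name, "error": type(exc).__name__})
                continue
            findings.append({"plist": plist_path.name, "label": job.get("Label"),
                             "program": program, "run_at_load": bool(job.get("RunAtLoad")),
                             "program_exists": bool(target and target.exists())})
    return findings

def build_constructed_fixture(root):
    """Constructed sample: file names from the reply, contents invented here."""
    files = {
        "Library/LaunchDaemons/com.trusteer.rooks.rooksd.plist":
            plistlib.dumps({"Label": "com.trusteer.rooks.rooksd", "RunAtLoad": True,
                            "ProgramArguments": ["/opt/example/rooksd"]}),  # hypothetical
        "Library/LaunchAgents/com.trusteer.rapport.rapportd.plist":
            plistlib.dumps({"Label": "com.trusteer.rapport.rapportd",
                            "Program": "/opt/example/rapportd"}),  # hypothetical
        "opt/example/rapportd": b"",  # only this binary exists; rooksd's is missing
    }
    for rel, data in files.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_fixture(tmp)
        for item in audit_launchd_items("com.trusteer.", root=tmp):
            print(item)
```

On a real Mac, calling `audit_launchd_items("com.trusteer.")` with the default root reads the live folders. A job whose `program_exists` is false is a leftover that launchd cannot start, which matches a report showing the software installed but not running.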



Aug 29, 2021 8:52 AM in response to Luis Sequeira1

I had found the Etrecheck website but just wasn't sure if it was from a Trusted Developer and well Respected ASC Contributor. I didn't know how to make sure it was, so I needed to ask.


I love Apple and feel most secure with their systems, but when I get strange pop ups and warnings like I did that shouldn't have happened with a brand new laptop, it def gave me pause and concern. I am glad the support team is available.

Aug 29, 2021 9:44 AM in response to Tamlouie

The designation of Trusted Developer, perhaps @ Luis. S or @ Etresoft can jump in to correct me where I am incorrect.


Trusted Developer means the developer has applied to Apple for a Developers Licence that has special requirements and must be approved by Apple. Once approved by Apple, a Digital Certificate is issued by Apple for the Developer to include with the Software.

Aug 29, 2021 12:47 PM in response to Owl-53

P. Phillips wrote:

The designation of Trusted Developer, perhaps @ Luis. S or @ Etresoft can jump in to correct me where I am incorrect.

Trusted Developer means the developer has applied to Apple for a Developers Licence that has special requirements and must be approved by Apple. Once approved by Apple, a Digital Certificate is issued by Apple for the Developer to include with the Software.

I'm afraid there is no official definition of a "Trusted Developer" from Apple. Anyone with a credit card that has $100 available can open an Apple developer account and write software. Apple has some automated routines to check software being published and make sure it isn't malware. Apple's App Stores have significant technical restrictions with the goal of limiting the damage that a malicious or buggy app could do. And finally, Apple has a manual "App Review" process for apps in its App Stores. For apps that aren't in the App Store, there is only a basic anti-malware scan. That doesn't mean that apps that aren't in the App Store are untrustworthy. I can assure you that Apple never, ever "trusts" a 3rd party developer.


I wrote a User Tip on How to spot fake apps, junk apps, scam apps, and abandoned apps. There are instructions there on how to tell if a developer is a scammer or has stopped supporting an app. Unfortunately, there are some developers who tick all the boxes for trustworthiness, but are just highly successful scammers.

Aug 29, 2021 1:02 PM in response to Luis Sequeira1

I will definitely take a screen shot next time. I am not sure why opening Google Chrome the first time on my new laptop would require me to download Rosetta. I made the error of clicking ok, and then the pop up warned me to remove Amazon Music (to the trash) or damage my system. None of which made any sense.


Next time screen shot for sure, but hopefully there won't be a next time.

