coolgbb

Q: I have malware on my system. I need an application to identify it and remove it. Does anyone have any ideas? The malware is redirecting safari to mybinarysystem.com.

I have malware on my system. I need an application to identify it and remove it. Does anyone have any ideas? The malware is redirecting safari to mybinarysystem.com and popup advertising how to become a millionaire.

I use onyx to try to remove stuff from browser history and cache but it doesn't work either. This is crazy I thought macs were immune to this stuff or provided support  in the OS that allows you to mitigate this stuff. I am one step away from erasing my hard drive and all my work is on this device so that's a whole day and I don't know to what extent my system has been compromised. This has me very nervous I am usually very careful and was never unable to remove malware from a windows machine.

MacBook Pro, OS X Mavericks (10.9), 13inch

Posted on Oct 1, 2014 6:48 AM

Close

Q: I have malware on my system. I need an application to identify it and remove it. Does anyone have any ideas? The malware is redire ... more

  • All replies
  • Helpful answers

  • by Ralph Landry1,

    Ralph Landry1 Oct 1, 2014 6:51 AM in response to coolgbb
    Level 8 (41,782 points)
    Oct 1, 2014 6:51 AM in response to coolgbb

    Go to Thomas Reed's site http://www.thesafemac.com and see his link to his AdwareMedic software, see if that will do the trick for you.  Tom also has additional help with removing malware.

  • by John Galt,

    John Galt John Galt Oct 1, 2014 7:01 AM in response to coolgbb
    Level 9 (50,369 points)
    Mac OS X
    Oct 1, 2014 7:01 AM in response to coolgbb

    You don't need OnyX to remove browser history or cache files, or anything else for that matter.


    From what you describe, you may have inadvertently installed adware. Eradicating it is simple and you don't have to download or install anything to fix it. For an explanation or how this may have occurred, how to avoid it in the future, and for one possible solution read How to install adware.


  • by coolgbb,

    coolgbb coolgbb Oct 1, 2014 8:19 AM in response to John Galt
    Level 1 (15 points)
    Notebooks
    Oct 1, 2014 8:19 AM in response to John Galt

    Hello guys,

    Thanks for the help but still at a lost. Tried both of the suggestions and both came up negative for the adware that is affecting me.

  • by John Galt,

    John Galt John Galt Oct 1, 2014 8:32 AM in response to coolgbb
    Level 9 (50,369 points)
    Mac OS X
    Oct 1, 2014 8:32 AM in response to coolgbb

    Please post a screenshot of the anomaly.


    Due to a bug associated with this support site, image attachments may or may not appear. Try it anyway.

     


     

    Screenshots (Mac):

     

    To take a screenshot hold ⌘ Shift 4 to create a selection crosshair. Click and hold while you drag the crosshair over the area you wish to capture and then release the mouse or trackpad. You will hear a "camera shutter" sound. This will deposit a screenshot named "Screen Shot...." followed by a date and time on your Desktop.

     

     

    When you post your response, click the "camera" icon above the text field:


    ccc1d9a6bbfa2bcd11f062bbf381272e.png

     

    This will display a dialog box which enables you to choose the screenshot file (remember it's on your Desktop) and click the Insert Imagebutton. If you are not using full screen mode you can simply drag the image into the text entry field.

     

    ⌘ Shift 4 and then pressing the space bar captures the frontmost window.

     

    ⌘ Shift 3 captures the entire screen.

     

    Don't capture or upload any information you consider personal. To edit an existing screenshot, read How to edit a screenshot.

     

    Drag the screenshot to the Trash after you post your reply.




  • by coolgbb,

    coolgbb coolgbb Oct 1, 2014 8:54 AM in response to John Galt
    Level 1 (15 points)
    Notebooks
    Oct 1, 2014 8:54 AM in response to John Galt

    Hello,

    This is one of the redirects I just got. The redirect change after a while and switch to different sites.

     

    Screen Shot 2014-10-01 at 11.46.27 AM.png

  • by John Galt,

    John Galt John Galt Oct 1, 2014 9:10 AM in response to coolgbb
    Level 9 (50,369 points)
    Mac OS X
    Oct 1, 2014 9:10 AM in response to coolgbb

    The next step will determine if the redirects are being caused by your MacBook Pro, or a device or service external to it.

     

    Shut down your Mac and then boot OS X Recovery: using two fingers hold both the and r keys while starting the Mac with a third finger. At the Mac OS X Utilities screen, select Get Help Online.

     

    Browse your usual websites and determine if the same redirects occur. Reply with your observations, then reboot normally.

  • by coolgbb,

    coolgbb coolgbb Oct 1, 2014 10:29 AM in response to John Galt
    Level 1 (15 points)
    Notebooks
    Oct 1, 2014 10:29 AM in response to John Galt

    Thanks John,

    I did that and was redirected again. I am still not convinced however that the issue is external to my mac somehow because I tried to access the same resource from a windows machine, while everything else(provider, wifi etc) remained the same. On booting to the recovery utility the settings for joining the network are not lost so I am not sure how that proves that the issue is external. I also changed my dns settings to opendns on my router.

  • by coolgbb,

    coolgbb coolgbb Oct 1, 2014 10:49 AM in response to coolgbb
    Level 1 (15 points)
    Notebooks
    Oct 1, 2014 10:49 AM in response to coolgbb

    So I am trying to access the resource now and what, the problem is not showing up now. Amazing!

  • by thomas_r.,

    thomas_r. thomas_r. Oct 2, 2014 11:49 AM in response to coolgbb
    Level 7 (30,944 points)
    Mac OS X
    Oct 2, 2014 11:49 AM in response to coolgbb

    coolgbb wrote:

     

    I did that and was redirected again.

     

    If you were redirected while in recovery mode, it's definitely not caused by anything on your Mac. In that state, your network settings are determined by the network hardware you're connecting to. Since you've changed to OpenDNS in your router and that's not fixing it, it's not a DNS issue. The only other options are a problem with one specific site (or a couple sites) that you're using or a problem with your network hardware. In the latter case, you'll need to troubleshoot that hardware, as it has probably been hacked. Resetting your wireless router and/or internet modem to factory settings may help, but not all hacks are that easily remedied. You'll need to consult with the manufacturer of the hardware, if you own it, or your internet service provider if you don't.

  • by Ralph Landry1,

    Ralph Landry1 Oct 2, 2014 12:22 PM in response to thomas_r.
    Level 8 (41,782 points)
    Oct 2, 2014 12:22 PM in response to thomas_r.

    Thomas, seePossible virus another user says thanks to you for your work and site...maybe I should just find a way to auto post your site since I refer to it so often

  • by thomas_r.,

    thomas_r. thomas_r. Oct 2, 2014 3:57 PM in response to Ralph Landry1
    Level 7 (30,944 points)
    Mac OS X
    Oct 2, 2014 3:57 PM in response to Ralph Landry1

     

     

    Thanks, Ralph!

  • by coolgbb,

    coolgbb coolgbb Oct 30, 2014 7:58 PM in response to thomas_r.
    Level 1 (15 points)
    Notebooks
    Oct 30, 2014 7:58 PM in response to thomas_r.

    Its been a while since I replied about this issue and I am truly grateful for all the help and advise I received. Thanks very much. However in conclusion to this redirecting issue what I ended up doing is installing the mcafee plugin http://www.siteadvisor.com/final/mac.html. All of the redirects stop after I did this. I am not really convinced that that is why it stop. I was really frantic about ending the redirects and I had loads of stuff to do so I was just glad it stopped when it did so I could continue my work.

    Mean while I have also upgraded to yosemite and I plan to some day son reformat my hard drive and give my mac a clean install. Thanks again.