virus not detected by adwaremedic

Can you supply a screen shot of that trouble shooting message?

Ciao.

Most often BitTorrent, iCloud, Dropbox, or some other cloud-data application is involved in cases of mysterious bandwidth use by a Mac. If you use iCloud, uncheck at least iCloud Drive in its preference pane and see whether there's any change. If you use third-party network backup or file-sync software, disable that. If you use a torrent client, remove it.

Otherwise, if you're running OS X 10.9 or later, you can see which processes are most active on the network.

Launch the Activity Monitor application in any of the following ways:

☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)

☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

☞ Open LaunchPad and start typing the name.

Select All Processes from the View menu, if not already selected, and also select the Network tab.

Click the heading of the Sent Bytes column in the process table to sort the entries by bandwidth usage. You may have to click it twice to get the highest value at the top. What is it, and what is the process? Repeat with the Rcvd Bytes column.

hollybeck27 wrote:

I recently clicked on what appeared to be a .pdf file attachment in an email that instead opened up a browser tab that didn't load any content. I realized when the browser tab opened that something was wrong.

Do you still have a copy of the e-mail message? If you have already deleted it, and it is no longer in your Trash mailbox, does your father still have a copy of that message?

If you can come up with a copy of the message somehow, and can forward it to me (thomas at thesafemac.com), I'll look at at and let you know what the attachment is and whether you need to be concerned about opening it.

If you're unsure about sending a stranger online an e-mail message, see my site:

http://www.thesafemac.com/

I'm a security researcher, and looking at stuff like this is what I do.

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

You may be able to reduce your bandwidth consumption by taking some or all of the steps below.

Open the Spotlight pane in System Preferences and select the Search Results tab. Uncheck the boxes marked as follows:

Bing Web Searches

Allow Spotlight Suggestions in Spotlight and Look up

In the iCloud preference pane, uncheck the box marked Safari.

From the Safari menu bar, select

Safari ▹ Preferences...

and select the Search tab in the window that opens. Uncheck these boxes:

Include Spotlight Suggestions

Enable Quick Website Search

Preload Top Hit in the background

hollybeck27 wrote:

i found the email and forwarded it to you. thanks

Got it. Just for the edification of everyone else trying to help solve the problem, I'll copy my response here:

Those aren't actually attachments, they're links to something on some website. What they link to, I'm not sure... either they are no longer working, or they are set to only work under specific conditions (for example, within the country that the scam is meant to be used in). All I get when I visit those links is a blank page. If I'm understanding you correctly, that's also what happened for you.

There's no known way at this time for anything malicious to be installed on your computer just by visiting a website. As long as clicking these links didn't result in something being downloaded, or if it did you didn't open whatever was downloaded, this cannot affect you in any way, and is not the cause of the subsequent problems.

As far as those subsequent problems are concerned, I'd recommend downloading a copy of EtreCheck:

http://etresoft.com/etrecheck

Run that and then post the report it generates here. (You can also send it to me if you like, but you'll get more eyes looking at it by posting here.)

I don't really see anything concerning in that report.

Looking at the Network tab in Activity Monitor (found in the Utilities folder in your Applications folder), do you see any really high Sent or Received (Rcvd) numbers for any processes? If not, do you have any Windows or Android devices also connecting to your network? Is your wireless network locked down with a password, or is it wide open for anyone to connect to?