Helpful Links Regarding Malware Problems
If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide, remove adware that displays pop-up ads and graphics on your Mac, and AdwareMedic. If you require anti-virus protection Thomas Reed recommends using ClamXAV. (Thank you to Thomas Reed for this recommendation.) You might consider adding this Safari extensions: Adblock Plus 1.8.9.
Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.
The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.
Fix Some Browser Pop-ups That Take Over Safari.
Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.
Quit Safari
Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
Relaunch Safari
If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.
. In the recent past, it was something called InstallerT, which I understand is some kind of ad-ware injection software and is most likely connected with URL sites not representing a "true" purpose, such as "Genio", or something like that. I have followed the recommendations found on this forum and have removed these infestations, but now I have found something else. I can't describe how it got onto my MacBook pro, but it has the names of "AppT", "MegaBackup", and "Oliverto", whatever they are. I did a little on-line research and found out that "MegaBackup" is a MicroSoft PC app and has no counterpart for the Mac OSX systems, so I assume that this is another "ad-ware virus" attempt at an invasion. I think I have removed these offending elements by simplily moving them to my Trash and choosing "Secure Delete". I would like to know if this is efficient or that I need to take additional steps. In the end, I find all this to be a bit tiresome, like getting telemarketer calls at the most inappropriate times. Thanks in advance...
