Malware assistance requested

Hey everybody,

We practice safe computing habits in my house, but we ran into trouble when our babysitter started playing with the computer and began playing a lot of web-browser based games. I had created a guest login for her to use, but honestly I just didn't consider the effect that this could have on the system.


Ever since she began playing games on the system (which we stopped pretty quickly), the system runs VERY slowly and must be restarted frequently due to windows freezing. I'm concerned that she may have downloaded some form of malware that is messing with the system.


I'm quite reticent to use third party software packages to modify my Mac system (or to do something that my mac is already doing), but I think that I have no other choices. Any recommendations on an appropriate package to explore this?


Thanks!

iMac, OS X Yosemite (10.10.3), 3.6 GHz Intel Core i5

Posted on Jun 27, 2015 10:11 AM

Question marked as Best reply

Posted on Jun 27, 2015 11:15 AM

I'm quite reticent to use third party software

So you should be. There is no need to download anything to solve this problem.

You may have installed one or more of the common types of ad-injection malware. Follow the instructions on this Apple Support page to remove it. It's been reported that some variants of the "VSearch" malware block access to the page. If that happens, start in safe mode by holding down the shift key at the startup chime, then try again.

Back up all data before making any changes.

One of the steps in the article is to remove malicious Safari extensions. Do the equivalent in the Chrome and Firefox browsers, if you use either of those. If Safari crashes on launch, skip that step and come back to it after you've done everything else.

If you don't find any of the files or extensions listed, or if removing them doesn't stop the ad injection, ask for further instructions.

Make sure you don't repeat the mistake that led you to install the malware. Chances are you got it from an Internet cesspit such as "Softonic," "CNET Download," or "SourceForge." Never visit any of those sites again. You might also have downloaded it from an ad in a page on some other site. The ad would probably have included a large green button labeled "Download" or "Download Now" in white letters. The button is designed to confuse people who intend to download something else on the same page. If you ever download a file that isn't obviously what you expected, delete it immediately.

Malware is also found on websites that traffic in pirated content such as video. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.

In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.

Still in System Preferences, open the App Store or Software Update pane and check the box marked

Install system data files and security updates (OS X 10.10 or later)

or

Download updates automatically (OS X 10.9 or earlier)

if it's not already checked.
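The two settings the reply asks you to confirm by hand can also be read from the command line: `spctl --status` reports whether Gatekeeper assessment is on (it is off exactly when "Anywhere" is selected), and `defaults read /Library/Preferences/com.apple.SoftwareUpdate` dumps the preference keys behind the App Store pane. The script below is an added example for this thread, not Apple's own documentation or tooling. The key-to-checkbox mapping (ConfigDataInstall and CriticalUpdateInstall for "Install system data files and security updates") is my understanding of that preference domain and is marked as an assumption in the code; the `defaults read` output it parses off-Mac is a constructed sample.

```python
"""Command-line check of the two System Preferences settings named above:
Gatekeeper (the 'Anywhere' radio button) and automatic security updates.
Added example for this thread, not Apple's documentation.  The key-to-checkbox
mapping is an assumption about the com.apple.SoftwareUpdate domain, and the
sample `defaults read` output below is constructed."""
import re
import subprocess
import sys

SOFTWARE_UPDATE_DOMAIN = "/Library/Preferences/com.apple.SoftwareUpdate"

# One top-level `defaults read` line: `Key = value;` (key or value may be quoted)
PAIR_RE = re.compile(r'^"?([A-Za-z0-9_.-]+)"?\s*=\s*(.*);$')

def parse_defaults(text):
    """Top-level key/value pairs from `defaults read` output.  Nested arrays
    and dictionaries (RecommendedUpdates, for instance) are skipped by
    tracking brace depth, so their inner keys cannot shadow top-level ones."""
    pairs, depth = {}, 0
    for raw in text.splitlines():
        line = raw.strip()
        if depth == 1:
            m = PAIR_RE.match(line)
            if m:
                value = m.group(2).strip()
                if len(value) >= 2 and value[0] == value[-1] == '"':
                    value = value[1:-1]
                pairs[m.group(1)] = value
        depth += line.count("{") + line.count("(")
        depth -= line.count("}") + line.count(")")
    return pairs

def is_on(value):
    return str(value).strip().lower() in ("1", "true", "yes")

def software_update_checkboxes(pairs):
    """Checkbox label in the App Store pane -> whether it is on.  On 10.10 the
    'system data files and security updates' box is assumed to write both
    ConfigDataInstall and CriticalUpdateInstall; compare against the GUI once."""
    on = lambda key: is_on(pairs.get(key, "0"))
    return {
        "Automatically check for updates": on("AutomaticCheckEnabled"),
        "Download newly available updates in the background": on("AutomaticDownload"),
        "Install system data files and security updates":
            on("ConfigDataInstall") and on("CriticalUpdateInstall"),
    }

def gatekeeper_allows_anywhere(spctl_output):
    """`spctl --status` prints 'assessments disabled' when 'Anywhere' is
    selected, i.e. Gatekeeper is switched off."""
    return "assessments disabled" in spctl_output.lower()

def audit(defaults_text, spctl_text):
    """Return (problems, checkbox states) for the settings the reply asks about."""
    boxes = software_update_checkboxes(parse_defaults(defaults_text))
    problems = [label for label, state in boxes.items() if not state]
    if gatekeeper_allows_anywhere(spctl_text):
        problems.insert(0, "Gatekeeper: 'Anywhere' is selected (spctl assessments disabled)")
    return problems, boxes

# Constructed sample of `defaults read /Library/Preferences/com.apple.SoftwareUpdate`
SAMPLE_DEFAULTS = """\
{
    AutomaticCheckEnabled = 1;
    AutomaticDownload = 1;
    ConfigDataInstall = 0;
    CriticalUpdateInstall = 1;
    LastSuccessfulDate = "2015-06-27 15:10:21 +0000";
    RecommendedUpdates =     (
                {
            "Display Name" = "Sample Update";
            Identifier = "SampleUpdate-1.0";
            "Product Key" = "001-00001";
        }
    );
}
"""
SAMPLE_SPCTL = "assessments disabled\n"   # constructed: the bad case

def run(cmd):
    return subprocess.run(cmd, capture_output=True, text=True).stdout

if __name__ == "__main__":
    if sys.platform == "darwin":
        defaults_text = run(["defaults", "read", SOFTWARE_UPDATE_DOMAIN])
        spctl_text = run(["spctl", "--status"])
    else:
        defaults_text, spctl_text = SAMPLE_DEFAULTS, SAMPLE_SPCTL
    problems, boxes = audit(defaults_text, spctl_text)
    for label, state in boxes.items():
        print("[%s] %s" % ("x" if state else " ", label))
    for problem in problems:
        print("FIX:", problem)
```

Run it as an administrator on the Mac in question; anywhere else it exercises the constructed sample. A blank `defaults read` result (the domain has never been written) parses to an empty dictionary and therefore reports every box as off, which is the right default to act on.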

5 replies

Jun 27, 2015 6:02 PM in response to Linc Davis

Thanks so much for taking the time to reply and for the detail with which you did. I want to clarify that I'm not getting pop-ups and I don't have any extensions; I have not installed BitTorrent or any third party software packages. I deliberately held off on installing any software to address this and I appreciate you pointing out that those packages wouldn't be helpful. I went through these steps and didn't find any folders or programs.



The problem that I've run into is that now my computer performance stalls out frequently and, given the time frame for the reduction in performance (and the corresponding indiscretion of the user), it makes sense to me that I should suspect some form of malware or virus. The mis-use of the system has been stopped as of a few months ago, but the performance remains very poor.


When I went through activity monitor to look for the different programs, I noted that just at baseline - with only Finder, Activity Monitor and Safari loaded, my CPU was running at about 50% and the drive was making all of the sounds that it would if it were trying to load multiple larger files. This makes me worry that something is running in the background that I can't see and would be responsible for the significant performance drop of my system.


Another option that I had considered is that my system could just be aging out - it is a 2010 iMac, after all. We had considered just buying a new system, but I want to be as sure as I can be that it's not a software issue. We use Time Capsules to back up our systems and I would plan to restage the new computer based on the contents of what I have now. If I have a bad piece of software, then I would simply recreate the same problem in a new machine.


I would really appreciate any further thoughts that you can share. Thanks again for your time and energy.

Jun 27, 2015 6:23 PM in response to Myst00009

When you see a beachball cursor or the slowness is especially bad, note the exact time: hour, minute, second.

These instructions must be carried out as an administrator. If you have only one user account, you are the administrator.

Launch the Console application in any of the following ways:

☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top).

☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

☞ Open LaunchPad and start typing the name.

The title of the Console window should be All Messages. If it isn't, select

SYSTEM LOG QUERIES ▹ All Messages

from the log list on the left. If you don't see that list, select

View ▹ Show Log List

from the menu bar at the top of the screen.

Each message in the log begins with the date and time when it was entered. Scroll back to the time you noted above.

Select the messages entered from then until the end of the episode, or until they start to repeat, whichever comes first.

Copy the messages to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.

The log contains a vast amount of information, almost all of it useless for solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.

Please don't indiscriminately dump thousands of lines from the log into this discussion.

Please don't post screenshots of log messages—post the text.

Some private information, such as your name, may appear in the log. Anonymize before posting.

When you post the log extract, you might see an error message on the web page: "You have included content in your post that is not permitted," or "The message contains invalid characters." That's a bug in the forum software. Please post the text on Pastebin, then post a link here to the page you created.
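The same selection can be done offline against the log file Console is showing (/var/log/system.log on OS X 10.10), which also makes the anonymising step mechanical. The script below is an added example for this thread, not part of the original reply: given the noted time, it keeps the messages from that point until the window closes, merges lines that repeat (differing only in numbers such as PIDs or durations), replaces the host name and the short user name, and caps the extract at a few dozen distinct lines. The line layout it parses is the system.log format as I know it, and the log lines embedded in it are constructed, not from any real machine.

```python
"""Offline equivalent of the Console procedure above.

Given system.log text, a noted time and a window length, keep the messages
from that time, collapse lines that repeat (ignoring numbers such as PIDs),
scrub the host name and short user name, and cap the length so the extract
is postable.  Added example for this thread; the sample log is constructed.
"""
import re
from datetime import datetime, timedelta

# Layout of a system.log / Console "All Messages" line on OS X 10.10 (assumed):
#   "Jun 27 18:02:01 imac com.apple.launchd.peruser.501[180]: message text"
LINE_RE = re.compile(
    r"^(?P<stamp>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<proc>[^\[\]:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)

def parse_stamp(text, year=2015):
    """'Jun 27 18:02:01' -> datetime; the log carries no year, so supply it."""
    return datetime.strptime("%d %s" % (year, " ".join(text.split())),
                             "%Y %b %d %H:%M:%S")

def extract_window(lines, start_text, seconds=60, max_lines=40, year=2015):
    """Messages from start_text onward until the window closes or max_lines
    distinct messages are collected.  Lines that differ only in numbers
    (PIDs, counters, durations) are merged and counted."""
    start = parse_stamp(start_text, year)
    end = start + timedelta(seconds=seconds)
    records, index = [], {}
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue                      # continuation or unparseable line
        when = parse_stamp(m.group("stamp"), year)
        if when < start:
            continue
        if when > end:
            break                         # system.log is chronological
        key = (m.group("proc"), re.sub(r"\d+", "#", m.group("msg")))
        if key in index:
            index[key]["count"] += 1
            continue
        rec = {"raw": line, "proc": m.group("proc"), "pid": m.group("pid"),
               "msg": m.group("msg"), "count": 1}
        index[key] = rec
        records.append(rec)
        if len(records) >= max_lines:
            break
    return records

def format_for_post(records, host, user):
    """Anonymise before posting: host name -> HOST, /Users/<user> -> /Users/USER."""
    out = []
    for rec in records:
        line = rec["raw"].replace("/Users/%s" % user, "/Users/USER")
        line = re.sub(r"\b%s\b" % re.escape(host), "HOST", line)
        if rec["count"] > 1:
            line += "   (repeated %d times in window)" % rec["count"]
        out.append(line)
    return out

# Constructed sample, not a real log: a launchd job that exits and is
# respawned every 10 seconds is the kind of pattern an extract should expose.
SAMPLE_LOG = """\
Jun 27 18:01:55 imac kernel[0]: process Safari[412] caught causing excessive wakeups
Jun 27 18:02:01 imac com.apple.launchd.peruser.501[180]: (com.example.agent[633]) Exited with code: 1
Jun 27 18:02:01 imac com.apple.launchd.peruser.501[180]: (com.example.agent[633]) Throttling respawn: Will start in 10 seconds
Jun 27 18:02:11 imac com.apple.launchd.peruser.501[180]: (com.example.agent[634]) Exited with code: 1
Jun 27 18:02:11 imac com.apple.launchd.peruser.501[180]: (com.example.agent[634]) Throttling respawn: Will start in 10 seconds
Jun 27 18:02:30 imac WindowServer[120]: disable_update_timeout: UI updates were forcibly disabled by application "Safari" for over 1.00 seconds
Jun 27 18:02:40 imac mdworker[701]: (Error) Import: importer for /Users/myst/Library/Caches/example.db failed
Jun 27 18:05:00 imac kernel[0]: process Safari[412] thread 8831 caught burning CPU
""".splitlines()

if __name__ == "__main__":
    import sys
    # Real use: python3 logwindow.py "Jun 27 18:02:00" /var/log/system.log HOST USER
    if len(sys.argv) == 5:
        with open(sys.argv[2]) as f:
            lines = f.read().splitlines()
        start, host, user = sys.argv[1], sys.argv[3], sys.argv[4]
    else:
        lines, start, host, user = SAMPLE_LOG, "Jun 27 18:02:00", "imac", "myst"
    for line in format_for_post(extract_window(lines, start), host, user):
        print(line)
```

Merging on the message with digits blanked out is what turns a thousand-line respawn loop into one line with a count, which is exactly the kind of extract the reply asks for; anything the script cannot parse (multi-line continuation text) is dropped rather than guessed at, so check the raw log around anything that looks truncated.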

Jun 28, 2015 6:11 AM in response to Myst00009

Myst00009 wrote:


I had created a guest login for her to use, but honestly I just didn't consider the effect that this could have on the system.


If she was only able to use a non-admin user account, she shouldn't have been able to do anything that would affect the whole system. Unless there was some point when she actually had access to an admin account, or if she were able to guess or locate an admin account password (if it were on a sticky note near the computer, for example), the only changes she would have been able to make would affect only the account you gave her to use.


Download a copy of EtreCheck:


http://etrecheck.com


It was created by a regular contributor here and is trustworthy. Run it and post a copy of the report it generates here. That will give us more information about what's going on with your system.
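The part of a system report that answers the "something running in the background that I can't see" question is the list of launchd jobs, and the account-privilege point above maps directly onto where those jobs live: /Library/LaunchAgents and /Library/LaunchDaemons need an administrator to write, while each account's own ~/Library/LaunchAgents does not, so that is the one place a standard or guest account can register something that starts every time it logs in. The script below is an added example for this thread, not EtreCheck's code and not the file list from the Apple article: it parses every job plist in those folders and reports the ones that are not Apple's, are hidden, point at a program outside the system directories, or point at a program that no longer exists. The plists it writes to a temporary folder for demonstration are constructed, and the paths inside them (such as /tmp/agent.py) are hypothetical.

```python
"""Enumerate launchd persistence: the per-user and admin-level folders where a
job that 'runs in the background' would be registered.  Added example for
this thread; not EtreCheck's code and not the Apple article's list of files.
The sample plists are constructed and their paths are hypothetical."""
import glob
import os
import plistlib
import tempfile

# Writable by an administrator only:
ADMIN_DIRS = ("/Library/LaunchAgents", "/Library/LaunchDaemons")
# Writable by each account for itself, admin or not:
USER_DIR_GLOB = "/Users/*/Library/LaunchAgents"

APPLE_PREFIX = "com.apple."
SYSTEM_ROOTS = ("/System/", "/usr/bin/", "/usr/sbin/", "/usr/libexec/",
                "/bin/", "/sbin/")

def program_of(job):
    """launchd starts either Program or ProgramArguments[0]."""
    if job.get("Program"):
        return job["Program"]
    args = job.get("ProgramArguments") or []
    return args[0] if args else None

def assess(path, job):
    """Reasons a job deserves a look; an empty list means nothing stood out."""
    reasons = []
    label = job.get("Label")
    if not label:
        reasons.append("no Label")
    elif not label.startswith(APPLE_PREFIX):
        reasons.append("third-party label %s" % label)
    if os.path.basename(path).startswith("."):
        reasons.append("hidden plist file")
    prog = program_of(job)
    if prog is None:
        reasons.append("no Program/ProgramArguments")
    elif not prog.startswith(SYSTEM_ROOTS):
        reasons.append("program outside system paths: %s" % prog)
        if not os.path.exists(prog):
            reasons.append("program file missing (stale entry or removed payload)")
    # An interpreter from /usr/bin running a script from /tmp is still worth a look.
    for arg in (job.get("ProgramArguments") or [])[1:]:
        if isinstance(arg, str) and arg.startswith("/") and not arg.startswith(SYSTEM_ROOTS):
            reasons.append("argument references %s" % arg)
    if reasons and (job.get("RunAtLoad") or job.get("KeepAlive")):
        reasons.append("starts automatically (RunAtLoad/KeepAlive)")
    return reasons

def scan(dirs):
    """Parse every .plist in dirs and return the ones with findings."""
    findings = []
    for d in dirs:
        if not os.path.isdir(d):
            continue
        for name in sorted(os.listdir(d)):
            if not name.endswith(".plist"):
                continue
            path = os.path.join(d, name)
            try:
                with open(path, "rb") as fp:
                    job = plistlib.load(fp)
                if not isinstance(job, dict):
                    raise ValueError("top level is not a dictionary")
            except Exception as exc:
                findings.append({"path": path, "label": None, "program": None,
                                 "reasons": ["unreadable plist: %s" % exc]})
                continue
            reasons = assess(path, job)
            if reasons:
                findings.append({"path": path, "label": job.get("Label"),
                                 "program": program_of(job), "reasons": reasons})
    return findings

def default_locations():
    return list(ADMIN_DIRS) + sorted(glob.glob(USER_DIR_GLOB))

def make_sample_tree():
    """Constructed fixtures in a temp dir: an Apple-style job, a third-party
    job whose binary is gone, and a hidden agent running a script from /tmp.
    Returns the LaunchAgents folder to scan."""
    agents = os.path.join(tempfile.mkdtemp(prefix="launchd-sample-"),
                          "Library", "LaunchAgents")
    os.makedirs(agents)
    jobs = {
        "com.apple.example.plist": {
            "Label": "com.apple.example",
            "Program": "/System/Library/CoreServices/example",
            "RunAtLoad": True},
        "com.example.helper.plist": {
            "Label": "com.example.helper",
            "ProgramArguments": ["/Users/guest/Library/Application Support/helper/helper", "--daemon"],
            "KeepAlive": True},
        ".com.example.hidden.plist": {
            "Label": "com.example.hidden",
            "ProgramArguments": ["/usr/bin/python", "/tmp/agent.py"],
            "RunAtLoad": True},
    }
    for name, job in jobs.items():
        with open(os.path.join(agents, name), "wb") as fp:
            plistlib.dump(job, fp)
    return agents

if __name__ == "__main__":
    import sys
    dirs = sys.argv[1:] or default_locations()
    hits = scan(dirs)
    for hit in hits:
        print(hit["path"])
        for reason in hit["reasons"]:
            print("    -", reason)
    if not hits:
        print("nothing outside Apple defaults in:", ", ".join(dirs))
```

Run it as an administrator so every account's LaunchAgents folder is readable, or pass folders explicitly. A third-party label on its own is not evidence of anything (printer and backup software lives there legitimately); the combination that matters for this thread is an item in a non-admin account's folder whose program sits under that account's home or under /tmp, or whose program has already been deleted while the job keeps trying to respawn it.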

Jul 4, 2015 5:07 AM in response to Linc Davis

Thanks so much! I have no idea what changed as none of the steps in your first email resulted in any definite visible success (i.e. files that I could delete), but my computer runs fine now and I have no more lag spikes. This is bizarre to me as this had been a constant problem for the past few months, but I won't complain....


Many thanks!
