Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: sarahevans100
sarahevans100 Author
User level: Level 1
0 points

Help with removal of malware

Hi all,

So the truth is I am anti-piracy but did turn a blind eye when my husband downloading a couple of things from a torrent site. Stupid really for a house that watches about 4 movies a year. But anyway - you've heard it before, we now have malware. I tried Adware medic, and it found nothing and have since read on this forum that its best to not install third party 'solutions', which I felt uncomfortable with anyway. Someone suggested our modem/router was corrupted, as the same pop ups were happening on our iphones, but only when accessing the internet via the home wifi (it doesn't happen when using the cellular network). Reformatting the modem did work for a while, so I thought that was the issue, but its back and no amount of reformatting will fix it.

The malware works by opening another tab in both safari and chrome when you click on links on a legit page. The new tab opens a range of ad sites, primarily for things like mac keeper, sportsbet and adcash - super annoying but at least its better than the ***** sites which were being inflicted on me the first time.

So of course, no more torrent sites will every be accessed from this house, but how do I get my lovely clean computer back? Other posts with a very similar sounding problem have been solved by Linc Davis using a technique to find the Vsearch trojan, and this may be my issue but under a different name as none of the previous pathways suggested bring anything up for me when I try and reveal in finder. Any suggested would be most appreciated! Computer is all back up.

MacBook Pro, OS X Mavericks (10.9.5)

Posted on Jun 30, 2015 1:26 AM

Reply
6 replies
User profile for user: WZZZ
WZZZ
User level: Level 6
13,220 points

Jun 30, 2015 5:45 AM in response to sarahevans100

Rather than going to all that trouble, I would get Sophos (free) and run a full scan of the drive. See if it finds what you allowed and remove it. (It may not find it, if it's something that is new and yet to be cataloged--probably unlikely--in which case you can then try Ogelthorpe's suggestion. If you want, after doing this, it can easily be uninstalled. It comes with an uninstaller, which you will see in the Applications folder.


It also sounds like adware. Run AdwareMedic. (Try this first, in fact).

Reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Jun 30, 2015 6:18 AM in response to sarahevans100

sarahevans100 wrote:


I tried Adware medic, and it found nothing and have since read on this forum that its best to not install third party 'solutions', which I felt uncomfortable with anyway.


Care should always be taken with downloading third-party software. However, note that certain folks on these forums take that advice a bit too far. If you never download third-party apps, there are a lot of things you'll never be able to do with your computer... why buy it if you're not going to fully use it? There's nothing wrong with using AdwareMedic, but don't take my word for it; discuss it with an Apple support tech. They are familiar with the app and can advise you. They should be considered the authorities in the case of conflicting advice from strangers on a forum like this one.


All that said, in your case, it sounds like the issue is not something AdwareMedic can fix.


Someone suggested our modem/router was corrupted, as the same pop ups were happening on our iphones, but only when accessing the internet via the home wifi (it doesn't happen when using the cellular network). Reformatting the modem did work for a while, so I thought that was the issue, but its back and no amount of reformatting will fix it.


Yes, if the problem is happening on multiple devices, including iPhones, and only when connected to your home wifi, it's definitely a problem with your network. Further, the problem may not be fixable simply by resetting the network hardware to factory settings. Whether it does or not depends on the device. In some cases, additional steps may be needed to remove the malicious changes that have been made.


For more information on troubleshooting this, see:


http://www.adwaremedic.com/kb/hackedrouter.php


(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

Reply

Help with removal of malware

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up