Apple Intelligence now features Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence.

Apple Intelligence has also begun language expansion with localized English support for Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. Learn more >

You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Deleting Malware called AMC

There is an application that piggybacked on a video viewer I foolishly allowed to update itself called AMC or Advanced Mac Cleaner which throws up constant pop up ads that I don't want. Not making any legal representations about their product or their company. I just don't want it and I don't want their ads and their marketing strategy is, to put it mildly, rancid.


I am unable to 'trash' the AMC application. The system tells me it can't be deleted because it's open.


refer also to this thread which for some reason I couldn't post in.


need more disk space

Mac mini, OS X Mountain Lion (10.8.3)

Posted on Dec 27, 2015 4:31 PM

Reply
Question marked as Top-ranking reply
8 replies

Dec 28, 2015 8:37 AM in response to doktor_zaius

First, never use any kind of "anti-virus" or "anti-malware" software on a Mac. That's how you create problems, not how you solve them.

You installed a fake "utility" called "Advanced Mac Cleaner." Like any software that purports to automatically "clean up" or "speed up" a Mac, it's a scam, and some variants of it are ad-injection malware.

To remove it, please take the steps below. Some of the files listed may be absent in your case. Back up all data before proceeding.

Malware is always changing to get around the defenses against it. This procedure works as of now, as far as I know. It may not work in the future. Anyone finding this comment a few days or more after it was posted should look for a more recent discussion, or start a new one.

If you paid for the software with a credit card, consider reporting the charge to the bank as fraudulent.

Step 1

Triple-click anywhere in the line below on this page to select it:

~/Library/LaunchAgents

Right-click or control-click the highlighted line and select

Services Open

from the contextual menu.* A folder named "LaunchAgents" may open. If it does, look inside it for files with a name that begins in either of these ways:

com.pcv.

com.WebShoppy

Move any such file to the Trash.

*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select

Go Go to Folder...

from the menu bar and paste into the box that opens by pressing command-V. You may not see what you pasted because a line break is included. Press return.

Step 2

Open this folder as in Step 1:

/Library/LaunchAgents

Inside it there may be one or more files with a name beginning in

com.WebTools

If so, move those files, and only those, to the Trash. You may be prompted for your administrator login password.

Don't delete the LaunchAgents folder or anything else inside it.

Log out or restart the computer.

Step 3

Open the Applications folder and move an item named "Advanced Mac Cleaner" (if it's present) to the Trash. Also remove any items with a name such as "Shoppy" or "WebShoppy." Empty the Trash.

Step 4

In the Extensions tab of the Safari preferences window, uninstall an extension named "XSearch" if it's present. Also remove any other extensions that you don't know you need. If in doubt, remove all of them. None is required for normal operation. You may have to do the equivalent in the Chrome and Firefox browsers, if you use either of those.

Step 5

The malware is now permanently inactivated, provided that you don't reinstall it. This step is optional.

Delete the following items, if they exist, as in Step 1:

/Library/Application Support/amc

~/Library/AdvancedMacCleaner

~/Library/Application Support/WebTools

There's no need to log out or restart after taking this step.

The problem may have started when you downloaded something, such as the application "FileZilla," from the "Sourceforge" website or some other Internet cesspit. Never visit that site again. All software should be downloaded only from the developer's website or from the Mac App Store, if applicable.

Dec 28, 2015 3:15 PM in response to doktor_zaius

Your question brings up the subject of removing adware. This is a general comment on that subject.

Under no circumstances should you ever allow anti-virus software to delete something for you.

The only tools that anyone needs to detect and remove adware are the Finder and a web browser, both of which you already have. Anyone who has enough computer skill to install adware can just as well remove it without using anything else.

Apple's general statements about malware protection are here and here, and here are its instructions for removing the most common types of ad-injection malware. Those statements don't mention any third-party "anti-virus" or "anti-malware" product. Apple's method for removing adware involves, as I say, only the Finder and a web browser.

You become infected with malware by downloading unknown software without doing research to determine whether it's safe. If you keep making that mistake, the same, and worse, will keep happening, and no anti-malware will rescue you. The only safety lies in safe computing practices.

The Windows/Android anti-malware industry had more than $75 billion in sales in 2014 [source: Gartner, Inc.] Its marketing strategy is to convince people that they're helpless against malware attack unless they use its products. But with all that anti-malware, the Windows and Android platforms are still infested with malware—most of it far more harmful than mere adware. The same can be expected to happen to the Mac platform if its users trust the same industry to protect them, instead of protecting themselves.

You are not helpless, and you don't have to give full control of your computer—and your data—to strangers in order to be rid of adware.

These are generalities. Regarding the "malwarebytes" product in particular, you may be told that there are no reports that is has caused damage. In fact, there are such reports; for example:

I found malware or adware on my system the other day. I removed it with Maleware Bytes and since then Safari has not worked proper at all.

preferences pane will not load

Read that report and draw your own conclusions—not anyone else's conclusions.

The developer itself admitted that the Windows version of the product has been known to delete essential system files.

Whether the software damages the system or not, it prompts for your password in order to take full adminstrative control, and connects via the Internet to a server controlled by the developer. The developer's privacy policy, linked directly to the product page, reads in part as follows:

"Without limiting the Privacy Policy, you agree that Malwarebytes may track certain data it obtains from your Computer including data about any malicious software or other threats flagged by the Software, data about your license, data about what version of the Software you are using and what operating conditions it runs under and data concerning your geographic location."

(Emphasis added.) So the developer admits to tracking your location, as well as other unspecified data, and gives itself the legal right to collect any data it chooses. How it uses that right, you don't know. By running the software, you accept these terms.

It's sometimes said that the Malwarebytes product only removes adware rather than malware as such (if there's a difference), and that it therefore shouldn't be stigmatized as anti-malware. The developer's own description does distinguish between adware and malware, and specifically mentions removing malware as a selling point six times. A self-described employee of the developer wrote in an ASC discussion, "Actually, it's also a malware removal app..." (emphasis added.)

The question then is: as a security-conscious computer user, do you want to take risks where there is no benefit?

Dec 28, 2015 5:13 PM in response to WZZZ

WZZZ said : "Malwarebytes anti-malware for Macwill not create any problems. It is safe and effective, recommended by Apple support techs. What may create problems instead of solving them is mucking around in files that are unfamiliar to you by following convoluted instructions from some anonymous user who happens to post here."


Somehow, this post shows that I clicked it as " This helped me ". That's not the case. I'm trying to decide for myself what the proper course of action is for the subject matter.


(Will a moderator please remove, ishrugged's , "This helped me", tick? Thank you.)

Dec 29, 2015 10:27 AM in response to ishrugged

The proper course of action is not to mess around with system files that could cause damage or at least not solve your problem if removed incorrectly, and download a widely-used program to take care of it for you. You can do a search on these forums for MalwareBytes if you don't trust it, and you will find many success stories, and only one or two posters (who haven't tried it) railing against it for unknown reasons.

Dec 29, 2015 10:37 AM in response to ishrugged

Somehow, this post shows that I clicked it as " This helped me ". That's not the case. I'm trying to decide for myself what the proper course of action is for the subject matter.


(Will a moderator please remove, ishrugged's , "This helped me", tick? Thank you.)

Even the hosts can't change a Solved or Helpful mark. You may not have clicked on "This helped me" at all. Before, only the person who started a topic could mark any post as Solved or Helpful. In a somewhat recent update to Jive (the software these forums run on), anyone can click "This helped me". After a certain number of clicks (five, I think), that post will be awarded a Helpful star even without the OP (Original Poster) touching it.

Dec 30, 2015 7:34 AM in response to WZZZ

The boilerplate posted by Mr. Davis, which begins "...Your question brings up the subject of removing adware...." is replete with misrepresentations, unsubstantiated or false inferences, and many inaccuracies regarding Malwarebytes anti-malware for Mac.


--preferences pane will not load PLEASE READ THROUGH THE ENTIRE LINKED THREAD, where it will become clear that MBAM could not possibly have been responsible for this user's issue. Believing that MBAM is responsible for this user's issue is like saying that the sounding of a car horn just at the moment of a thunderclap is responsible for the thunderclap. Nonsense.


>>"Apple's general statements about malware protection are here and here, and here are its instructions for removing the most common types of ad-injection malware. Those statements don't mention any third-party "anti-virus" or "anti-malware" product. Apple's method for removing adware involves, as I say, only the Finder and a web browser."


First, Apple may not mention the use of any third party to remove adware, but neither do they say that such a program should not be used. They do say that, in general, one should only download and run "trusted" programs. MBAM has been used countless times with no adverse effects. It is overwhelmingly recommended by high level contributors to this site, ASC, as well as having garnered overwhelmingly positive reviews wherever it is mentioned. In fact, it is well known that many Apple support technicians recommend it in telephone support conversations or in Apple Stores.


In addition, Apple's instructions for adware removal are out of date. The article linked above by this poster is dated August 2015. Adware is constantly changing, and MBAM keeps abreast of those changes. Apple does not.


>> "The developer itself admitted that the Windows version of the product has been known to delete essential system files."


First, this is totally irrelevant. MBAM, a separate program, may be under the umbrella of Malwarebytes, but it is developed and updated by Thomas Reed. Malwarebytes also has a product for Windows (by the way, highly recommended among all the various A-V programs for Windows), and it should be noted that the problem linked by this poster was reported in APRIL 2013. It was a single incident and long ago resolved. And, to repeat, this is totally irrelevant to anything about the Mac version, WHICH IS WHAT WE ARE DISCUSSING HERE.


>>Whether the software damages the system or not, it prompts for your password in order to take full adminstrative control, and connects via the Internet to a server controlled by the developer. The developer's privacy policy, linked directly to the product page, reads in part as follows:

ALL THIS IS TOTAL NONSENSE: First, I just removed every single file from MBAM and created a fresh installation. The only time I was prompted for my password was to move the application into the Applications folder. THIS IS NORMAL APPLE PROCEDURE FOR MOVING ANY APPLICATION IN TO ONES APPLICATION FOLDER. IN NO WAY DID I GRANT FULL ADMINISTRATIVE CONTROL TO THE PROGRAM. BY GIVING MY ADMIN PASSWORD, WHAT I DID WAS TO GRANT PERMISSION TO MY SYSTEM TO ALLOW MY APPLICATIONS FOLDER TO INSTALL THE PROGRAM. NOTHING MORE.


Next, re. MBAM's privacy policy, here is the full section regarding collection of data from the EULA to which I had to agree. Please take note of the underlined and bolded. It is clear that data is collected only to be used with regard to increasing the effectiveness of the program. MBAM does not compromise my privacy. I am extremely privacy and security conscious. If there were any possibility that my privacy was being compromised by this program, I wouldn't allow it within a thousand miles of my computer.


7. Privacy Policy. By entering into this Agreement you agree to the terms of Malwarebytes’ privacy policy, which can be found at https://www.malwarebytes.org/privacy/ (as may be updated from time to time, the “Privacy Policy”). More information concerning what data is collected and used by Malwarebytes and how it is used is available in the Privacy Policy. Without limiting the Privacy Policy, you agree that Malwarebytes may track certain data it obtains from your Device, including data about any malicious software, exploits or other threats flagged by the Software (including but not limited to potential sources of such threats, such as payload files, file format and recent URL’s visited), data about your license, data about what version of the Software you are using and what operating conditions it runs under and data concerning your geographic location. This information is collected and used for the purpose of tracking malicious software, exploits and other threats, and evaluating and improving Malwarebytes’ products and services. We may share data relating to malicious software, exploits or other threats flagged by the Software with third parties. In the event that any user who operates the Software as permitted under this Agreement (including, if you are a Malwarebytes for Business customer, your Authorized Users) makes a complaint or claim based on the tracking or collection of data in accordance with this Section 6, you agree that you are solely responsible for addressing any such complaints or claims.

Here is a full explanation of MBAM's privacy policy.

It begins:

We believe you have the right to a malware-free existence. We also believe just as strongly that you have the right to privacy. That's why we support (and contribute to) the Electronic Frontier Foundation (EFF) and other organizations devoted to protecting online privacy. This fundamental belief shapes our privacy policy below.

>>The developer's own description does distinguish between adware and malware, and specifically mentions removing malware as a selling point six times. A self-described employee of the developer wrote in an ASC discussion, "Actually, it's also a malware removal app..." (emphasis added.)

This is a completely out of date remark created to disparage any kind of anti-malware program, especially those that do on-access scanning, which MBAM does not, or which make system modifications, which MBAM does not. It is only a post-infection scanner. The program started its life solely as adware removal. It now scans for keyloggers, known malware, and potentially unwanted programs, like the nefarious MacKeeper. WHAT'S WRONG WITH THAT??? Why wouldn't anyone want to know about other kinds of infections besides adware? It does not remove anything on its own. You have the final choice as to what to remove. The only possible problem with MBAM might be if someone, thinking that it makes them bullet proof, allows it to let them become complacent about what sites they visit, or what they download. And no anti-malware program can scan for or remove malware until it's known and cataloged.


>>The question then is: as a security-conscious computer user, do you want to take risks where there is no benefit?


This comment is preposterous. As already explained, there are no privacy or security downsides to using MBAM. NO BENEFIT??? How can it be said that a program for removal of various kinds of infections, including the ubiquitous and increasing presence of adware, to which Macs are vulnerable, and overwhelmingly applauded by so many, including even Apple Support reps, has no benefit?


Finally, the poster responsible for this boilerplate has, by self-admission, never tested MBAM on his own system in order to determine if anything he says is true. Besides that, this is in violation of the Terms of Use of ASC.


5. Test your answer. When possible, make sure your Submission works on your own computer before you post it.

When possible: Clearly, there is no reason why this poster is unable to do this.

Deleting Malware called AMC

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.