Hello,
I guess I have a virus on my macbook air. When I start Safari, it opens with an normal 'site/page' than it normally does. Also while p.e. I click on google so it starts to go to load, in the tool balk are weird descriptions. I see everywhere to just reset Safari, but that isn't possible.
I really hope someone could help me!
MacBook Air, iOS 9.2.1
No you don't, there are no viruses for Macs.
Download this (etrecheck) and run it, post the report here so we can see what is on your Mac
thanks, is this what you need?
EtreCheck version: 2.9.4 (254)
Report generated 2016-02-17 18:52:05
Download EtreCheck from http://etrecheck.com
Runtime 1:55
Performance: Excellent
Click the [Support] links for help with non-Apple products.
Click the [Details] links for more information about that line.
Click the [Remove] links to remove adware.
Click the [Check files] link for help with unknown files.
Problem: Other problem
Description:
safari
Hardware Information:ⓘ
MacBook Air (13-inch, Early 2015)
[Technical Specifications] - [User Guide] - [Warranty & Service]
MacBook Air - model: MacBookAir7,2
1 1.6 GHz Intel Core i5 CPU: 2-core
4 GB RAM Not upgradeable
BANK 0/DIMM0
2 GB DDR3 1600 MHz ok
BANK 1/DIMM0
2 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en0: 802.11 a/b/g/n/ac
Battery: Health = Normal - Cycle count = 55
Video Information:ⓘ
Intel HD Graphics 6000
Color LCD 1440 x 900
System Software:ⓘ
OS X Yosemite 10.10.5 (14F1605) - Time since boot: about one hour
Disk Information:ⓘ
APPLE SSD SM0128G disk0 : (121,33 GB) (Solid State - TRIM: Yes)
EFI (disk0s1) <not mounted> : 210 MB
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
Macintosh HD (disk1) / : 120.11 GB (52.82 GB free)
Encrypted AES-XTS Unlocked
Core Storage: disk0s2 120.47 GB Online
USB Information:ⓘ
Apple Internal Memory Card Reader
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Thunderbolt Information:ⓘ
Apple Inc. thunderbolt_bus
Gatekeeper:ⓘ
Mac App Store and identified developers
Adware:ⓘ
/Library/LaunchAgents/com.SoftwareUpdater.agent.plist
~/Library/Application Support/Perfetnight
~/Library/LaunchAgents/Perfetnight.AppVemoral.plist
~/Library/LaunchAgents/Perfetnight.btvlit.plist
~/Library/LaunchAgents/Perfetnight.dolnwoad.plist
~/Library/LaunchAgents/Perfetnight.uadpte.plist
~/Library/LaunchAgents/com.SoftwareUpdater.agent.plist
7 adware files found. [Remove]
Unknown Files:ⓘ
/Library/LaunchAgents/com.EasyShopper.agent.plist
/Library/LaunchAgents/com.SoftwareUpdater.agent.plist
/Library/LaunchAgents/com.animalculinemusculoligamentous.agent.plist
/Library/LaunchAgents/com.praecava.agent.plist
/Library/LaunchDaemons/com.animalculinemusculoligamentous.daemon.plist
/Library/LaunchDaemons/com.animalculinemusculoligamentous.helper.plist
/Library/LaunchDaemons/com.praecava.daemon.plist
/Library/LaunchDaemons/com.praecava.helper.plist
~/Library/LaunchAgents/com.EasyShopper.agent.plist
~/Library/LaunchAgents/com.SoftwareUpdater.agent.plist
10 unknown files found. [Check files]
System Launch Agents:ⓘ
[loaded] 147 Apple tasks
[running] 65 Apple tasks
System Launch Daemons:ⓘ
[loaded] 182 Apple tasks
[running] 79 Apple tasks
Launch Agents:ⓘ
[failed] com.EasyShopper.agent.plist (2016-02-17) [Support] [Details]
[failed] com.SoftwareUpdater.agent.plist (2016-02-17) [Support] [Details]
[failed] com.animalculinemusculoligamentous.agent.plist (2015-11-22) [Support] [Details]
[failed] com.praecava.agent.plist (2015-11-22) [Support] [Details]
Launch Daemons:ⓘ
[loaded] com.adobe.fpsaud.plist (2016-01-29) [Support]
[loaded] com.animalculinemusculoligamentous.daemon.plist (2015-11-22) [Support]
[failed] com.animalculinemusculoligamentous.helper.plist (2015-11-22) [Support] [Details]
[loaded] com.ea.origin.ESHelper.plist (2015-10-30) [Support]
[running] com.mackeeper.MacKeeper.plugin.AntiTheft.daemon.plist (2015-11-22) [Support]
[loaded] com.microsoft.office.licensingV2.helper.plist (2015-12-06) [Support]
[loaded] com.praecava.daemon.plist (2015-11-22) [Support]
[failed] com.praecava.helper.plist (2015-11-22) [Support] [Details]
User Launch Agents:ⓘ
[loaded] Perfetnight.AppVemoral.plist (2016-02-17) Adware! [Remove]
~/Library/Application Support/Perfetnight/Perfetnight.app/Contents/MacOS/AppEH
[loaded] Perfetnight.btvlit.plist (2016-02-17) Adware! [Remove]
~/Library/Application Support/Perfetnight/Perfetnight.app/Contents/MacOS/AppEH
[loaded] Perfetnight.dolnwoad.plist (2016-02-17) Adware! [Remove]
~/Library/Application Support/Perfetnight/Perfetnight.app/Contents/MacOS/AppEH
[loaded] Perfetnight.uadpte.plist (2016-02-17) Adware! [Remove]
~/Library/Application Support/Perfetnight/Perfetnight.app/Contents/MacOS/AppEH
[failed] com.EasyShopper.agent.plist (2016-02-17) [Support] [Details]
[failed] com.SoftwareUpdater.agent.plist (2016-02-17) [Support] [Details]
[loaded] com.bittorrent.uTorrent.plist (2016-02-10) [Support]
[loaded] com.google.keystone.agent.plist (2015-12-15) [Support]
[failed] com.jdibackup.ZipCloud.autostart.plist (2016-02-17) [Support] [Details]
[failed] com.jdibackup.ZipCloud.notify.plist (2016-02-17) [Support] [Details]
[running] com.pcv.hlpramcn.plist (2016-02-17) [Support]
[running] com.spotify.webhelper.plist (2016-02-17) [Support]
User Login Items:ⓘ
None
Other Apps:ⓘ
[running] com.apple.xpc.launchd.oneshot.0x10000002.Google Chrome (2016-02-11)
[running] com.apple.xpc.launchd.oneshot.0x10000003.App Cleaner (2015-12-16)
[running] com.apple.xpc.launchd.oneshot.0x1000000a.Spotify (2015-12-09)
[running] com.apple.xpc.launchd.oneshot.0x1000000b.uTorrent (2015-11-12)
[running] com.apple.xpc.launchd.oneshot.0x10000011.EtreCheck (2016-02-14)
Internet Plug-ins:ⓘ
Silverlight: 5.1.41212.0 - SDK 10.6 (2016-02-15) [Support]
FlashPlayer-10.6: 20.0.0.306 - SDK 10.6 (2016-02-10) [Support]
QuickTime Plugin: 7.7.3 (2016-02-17)
Flash Player: 20.0.0.306 - SDK 10.6 (2016-02-10) [Support]
Default Browser: 600 - SDK 10.10 (2015-07-17)
Safari Extensions:ⓘ
1Password (2016-02-15)
AdBlock (2015-11-24)
OneNote Clipper (2016-02-15)
Perfetnight (2016-02-17)
3rd Party Preference Panes:ⓘ
Flash Player (2016-01-29) [Support]
Time Machine:ⓘ
Time Machine not configured!
Top Processes by CPU:ⓘ
15% WindowServer
3% fontd
2% kernel_task
0% Dock
0% cloudpaird
Top Processes by Memory:ⓘ
733 MB com.apple.WebKit.WebContent(5)
554 MB kernel_task
221 MB Safari
127 MB Google Chrome Helper(2)
123 MB Google Chrome
Virtual Memory Information:ⓘ
56 MB Free RAM
3.94 GB Used RAM (859 MB Cached)
0 B Swap Used
Diagnostics Information:ⓘ
Feb 17, 2016, 05:42:50 PM Self test - passed
Feb 15, 2016, 07:39:23 PM ~/Library/Logs/DiagnosticReports/nwjs Helper_2016-02-15-193923_[redacted].crash
io.nwjs.nw.helper - /Volumes/VOLUME/Popcorn Time Community.app/Contents/Frameworks/nwjs Helper.app/Contents/MacOS/nwjs Helper
You may have installed ad-injection malware ("adware").
Don't use any kind of "anti-virus" or "anti-malware" product on a Mac. There is never a need for it, and relying on it for protection makes you more vulnerable to attack, not less.
Some of the most common types of adware can be removed by following Apple's instructions.
If you're not already running the latest version of OS X ("El Capitan"), updating or upgrading in the App Store may cause the adware to be removed automatically. Back up all data before taking that step. If you're already running the latest version of El Capitan, you can nevertheless download the current updater from the Apple Support Downloads page and run it. Again, some kinds of malware will be removed. That may be all you need to do as far as removal is concerned, but you'll still need to make changes to the way you use the computer to protect yourself from further attacks.
If the above steps don't work for you, see below.
This easy procedure will detect any kind of adware that I know of. Deactivating it is a separate, and even easier, procedure.
Some legitimate software is ad-supported and may display ads in its own windows or in a web browser while it's running. That's not malware and it may not show up. Also, some websites carry intrusive popup ads that may be mistaken for adware.
If none of your web browsers is working well enough to carry out these instructions, restart the computer in safe mode. That will disable the malware temporarily.
Step 1
Please triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination command-C:
~/Library/LaunchAgents
In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. Press return. Either a folder named "LaunchAgents" will open, or you'll get a notice that the folder can't be found. If the folder isn't found, go to the next step.
If the folder does open, press the key combination command-2 to select list view, if it's not already selected. Please don't skip this step.
There should be a column in the Finder window headed Date Modified. Click that heading twice to sort the contents by date with the newest at the top. If necessary, enlarge the window so that all of the contents are showing.
Follow the instructions in this support article under the heading "Take a screenshot of a window." An image file with a name beginning in "Screen Shot" should be saved to the Desktop. Open the screenshot and make sure it's readable. If not, capture a smaller part of the screen showing only what needs to be shown.
Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply.
Leave the folder open for now.
Step 2
Do as in Step 1 with this line:
/Library/LaunchAgents
The folder that may open will have the same name, but is not the same, as the one in Step 1. As in that step, the folder may not exist.
Step 3
Repeat with this line:
/Library/LaunchDaemons
This time the folder will be named "LaunchDaemons."
Step 4
Open the Safari preferences window and select the Extensions tab. If any extensions are listed, post a screenshot. If there are no extensions, or if you can't launch Safari, skip this step.
Step 5
If you use the Firefox or Chrome browser, open its extension list and do as in Step 4.
Uninstall MacKeeper. In all likelihood it is causing the problems that you think are being caused by a virus.
You have a bunch of adware on your Mac. To remove it download at https://www.malwarebytes.org/mac-download/
My Macbook Aire 13 inch 2012 has suddenly developped a problem with Safari. When I open Safari a small pge appears which says
"due to a third party application your operating system is crached.
Contact support for immediate help and then a 1-888 number
If I click the blue OK panel there is a loud noise and the message repeats.
That is a spam message.
Try force quitting Safari and then restarting Safari with the Shift key depressed.
Simply force quit Safari, then restart Safari while holding the shift key.
Rebecca,
You have a LOT of adware installed on your computer. Malwarebytes Anti-Malware for Mac can help you get rid of that, as Allan has indicated.
However, there's one component of one piece of adware you have that I have yet to get my hands on, and I'd like to see a copy for analysis, if you don't mind. If you're willing to provide a copy of that sample, please e-mail me at treed at malwarebytes dot org. (Sorry to obfuscate the address like that, just don't want the spam bots finding it.)
If you're not willing, no worries, I'm sure I'll find a copy soon.
Thomas Reed
Director of Mac Offerings, Malwarebytes
@Hi everyone! I am new to this but I encountered the same problem and it seems like the malware or adware is something called EasyShopper... I don't know how to remove it I followed Linc Davis's instructions and found the name. Below I have attached what the name is and if any of you could help me get rid of it I will greatly appreciate it.
Did you try using Malwarebytes?
Malwarebytes Anti-Malware for Mac 10.8 and later
What should I do if Malwarebytes Anti-Malware for Mac didn't solve my problem?
Thanks! That actually took care of the problem!
You are welcome.
Hi, my problem is "ABOUT BLANK" in safari. Thank you for your help.
A
You may have installed a Safari extension called "AdBlock Plus." If so, please disable it in the Extensions pane of the Safari preferences window and test. If the problem is resolved, uninstall the extension, or refer to its developer for support or an update.
If you're using the Chrome or Firefox browser, do the equivalent in its settings.
B
"CleanMyMac" is a scam and a common cause of instability and poor performance. Depending on what version you have, the developer's instructions may not completely remove it. Please follow those instructions, then do as below.
Back up all data before proceeding.
Triple-click anywhere in the line below on this page to select it:
/Library/LaunchDaemons/com.macpaw.CleanMyMac3.Agent.plist
Right-click or control-click the highlighted line and select
Services ▹ Reveal in Finder (or just Reveal)
from the contextual menu.* A folder may open with an item selected. If it does, move the selected item to the Trash. You may be prompted for your administrator login password.
Repeat with this line:
/Library/PrivilegedHelperTools/com.macpaw.CleanMyMac3.Agent
Restart the computer and empty the Trash.
You may also have to remove one or more of these items in the same way:
~/Library/LaunchAgents/com.macpaw.CleanMyMac.helperTool.plist
~/Library/LaunchAgents/com.macpaw.CleanMyMac.volumeWatcher.plist
~/Library/LaunchAgents/com.macpaw.CleanMyMac3.Scheduler.plist
Never again install "CleanMyMac" or anything like it.
*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You may not see what you pasted because a line break is included. Press return.
hi this fixed my problem on my macbook pro with loadoages problem on safari and google chrome which bothers me so much thank you may God bless you 😀
Virus on 'safari', can't get rid of it
