Q: How to get rid of pirrit adware PLEASE help

Download and run MalwareBytes. Malwarebytes was developed by one of our own colleagues here in ASC. It gets rave reviews and is about the most proven anti-malware software for Mac.

Sorry I read-read your post.

That's because MacKeeper is an app, not technically malware but a very bad one. It can really mess with your OS.

Uninstall it and see if that stops it.

Instructions to remove MacKeeper

https://mackeeper.com/uninstall_mackeeper

If Malwarebytes Anti-Malware for Mac did not take care of 'pirrit', open Malwarebytes again, click on HELP and from the drop down menu click on CONTACT SUPPORT.

Ciao.

macjack wrote:

 

Sorry I read-read your post.

That's because MacKeeper is an app, not technically malware but a very bad one. It can really mess with your OS.

Uninstall it and see if that stops it.

Instructions to remove MacKeeper

https://mackeeper.com/uninstall_mackeeper

MalwareBytes should still flag MacKeeper as a PUP (potentially unwanted program), but it's possible the OP removed it prior to posting. The Pirrit adware not being detected is another matter though. Hopefully Thomas will drop in here.

Reference your screen shot, have you followed the path displayed, and deleted the 4 files?

Hi,

had the same probs, i must have clicked on the 'mackeeper' link by mistake too (ahem..) Went nuts trying to sort this, almost melted my router!

Check this, if you have hidden accounts (UID 401s) then this might help.

https://github.com/aserper/osx.pirrit_removal

mackeeper - awful - accidentally clicked on something and it downloaded - brought a whole load of adware with it - pop-ups everywhere - prevented me accessing my internet banking, just got ads instead - everything slowed down. Uninstalled it following instructions on apple site, but it hung around. I had to go through all files  on my mac and delete anything vaguely related to it. Still there. Then did scan with Sophos anti virus, still there. Finally downloaded and ran Malwarebytes, which got the last residual mackeeper bits and related adware and deleted them. Wow, first time my mac has ever succumbed to malware. Beware mackeeper - but Malwarebytes seems very good (and real quick to use too).

I use Avast Mac security software I have just found exactly what u have on your mac, my youngest son, playing on Roblox clicked on the mackeeper ad/message re u have a virus... on that site & now i have it...got rid of it though using Avast. https://www.avast.com/free-mac-security  Very happy it found it.

This Avast seems to be very through, still using it doing whole scans or custom scans on my HD & it has stopped weird things with 'Smart mac ads' popping up in Chrome over other sites. Also an extension I was using, since deleted, Http everywhere - it might work for some but in my experience, man this thing me a lot of grief, slowness, & not loading pages...deleted it. I'll post further experiences & found bad stuff as I go here. Also I found malwarebytes  didn't find anything yet. I keep using it first then Avast. 8^)

Found tonight & deleted:

Mac Pirrit-D [Adw]

/Library/rustling/rustling

/Library/wavably/wavably

Never saw this topic before, but note that we've got a beta that will do a better job of detecting VSearch (aka Pirrit):

https://forums.malwarebytes.org/topic/188888-announcing-anti-malware-for-mac-125 -beta/

The scans with the beta take a little longer on the VSearch portion of the scan, since they've done some things to make it harder to detect, and we have to scan a larger number of files looking for it.

Note that the link I have given goes to my company's web site, and links on that page may promote my company's products.

Thomas Reed

Director of Mac Offerings, Malwarebytes