Related Products Sidebar Malware Adware

I suggest scanning with MalwareBytes. Malwarebytes was developed by one of our own colleagues here in ASC. It gets rave reviews and is about the most proven anti-malware software for Mac. if you have any remaining adware it will remove it.

Optibuy agent came back - which is infuriating, as it requires a sudo password to delete, you'd think it needed permission to install.

Looks like the above opportunists might be right, time to try an anti-virus solution.

smitsc05 wrote:

Optibuy agent came back - which is infuriating, as it requires a sudo password to delete, you'd think it needed permission to install.

Looks like the above opportunists might be right, time to try an anti-virus solution.

Most AV products are not worth the bytes their coded with. As already suggested in this thread, try Malwarebytes. And no, I don't work for that company, either. Like macjack, I know from years of experience that its reliable, easy to use and has, unlike most AV programs, no negative impact on your system.

I have also been infected with this adware and I've been fighting it for days.

I keep killing OptiBuy processes from the command line, and they keep coming back.

I've also removed OptiBuy files from /Applications and /Library/LaunchDaemons and /Library/Application Support . It just keeps coming back!

TampaWolverine wrote:

It just keeps coming back!

Please try removing this using Malwarebytes for Mac, as some of the other folks have suggested. It's a free download, no need to purchase anything.

I'm particularly interested in finding out whether that solves the problem or not, as this is not behavior that I have previously seen with this particular adware (Crossrider). I believe it should, but if it doesn't, please let me know so I can investigate.

Thomas Reed

Director of Mac Offerings, Malwarebytes

Thomas, I installed Malwarebytes on May 24th, and seems to have removed the malware. It's has not come back since Wednesday evening.

I was a little hesitant to install another "free" application after getting this malware disguised as a Flash update, but this seems to be a legitimate and helpful product. Thank you.

As Apple CSR suggested, I installed the Malwarebytes and scanned my iMac. I get the message that my system is clean. But in Safari browser, especially when I use Yahoo & Yahoo mail, I still get the Flash update request, automatic redirection to weird websites....Do not know how to solve this issue...Seems like even the Malwarebytes does not work for me

I went through this Optibuy / MacKeeper / Megabackup agony for 3-4 hours last night. Never happened before on my Mac. Only Chrome was infected, not Safari. I think it all started with a (fake) Flash Update notice. Pretty clever, since one is familiar with the real one popping up occasionally and harmlessly. What is really vicious about this is that if you google these words, you get dozens of results that look like scammer sites that will probably only prolong or worsen the situation. Try searching for optibuy and look at the URLs of the websites that come up. Someone put a great deal of thought into this and acquired a lot of domain names like howtoremove.guide and pcrisk.com and it-help.info etc. etc. almost endlessly. Gresham's law at work on our beautiful internet. Truly sad. I already knew about and trusted Malwarebytes from the Windows world, and that did take care of it. But I had to run it, restart, and run it again a couple of times. It found other junk the first time, and then found optibuy the second time. For those that Malwarebytes did not seem to help, this may be useful. Some of the fake popups are just coming from the fake "help" sites. Close them and don't go there again. It's possible to find a few serious discussions online, but be VERY selective.

Hi Thomas,

Could you help me with my problem. Whenever I click a link on chrome or Safari, It opens a new opo-up where the address keeps changing. Some of the instances are:- goodmacfaster.club; spotscenered.info; securefastmac. But all the pages the heading is usually MacKeeper and eventually the pop-up shows another pop-up dialog saying that my mac is infected and requires cleaning and closing the window is not advised.

I have tried every possible solution that is out there. Scanning with malwarebytes has not yielded any result. I have reset Chrome to default settings. Changed the home page address [which strangely was search.conduit.], uninstalled chrome and installed again. Deleted all extensions on both Chrome and Safari. Cleared cache and history. But the problem still persists. Please help me.

Where are your instructions for getting rid of the crap? I absolutely do not want to install something else. This is absolutely ridiculous enough without adding more aggravation.

Thanks for your help, this is maddening.

Jacqui

In Malwarebytes, choose Contact Support from the Help menu, and describe the problem in the e-mail. This will send some info privately about what's on your system, and I or someone else at Malwarebytes will take a look. That will let us see if there's something new out there that you might be infected with, or if it's likely to be caused by something else.

Safari/Browsers - Eliminating browser redirects and advertisements

Safari/Browsers - Eliminating browser redirects and advertisements (2)