User profile for user: Akphotog83
Akphotog83 Author
User level: Level 1
18 points

how to remove weknow.ac from safari

Friend has Macbook. Managed to get weknow.ac installed from a fake adobe flash update.


Has highjacked Safari and she won't use any other browser. I deleted all the stuff I can see from the applications folder that look like secondary installs. But browser homepage can't be reset - blocked from changes.


I googled and found a ton of programs to do this but all have to be bought. Is there a manual procedure? And if not, what's the best removal program to install to get this done now and the next time she does this?


Thanks.

MacBook Pro (15-inch Late 2008)

Posted on Jul 7, 2018 12:51 AM

Reply
Question marked as Top-ranking reply
User profile for user: jpt42
jpt42
User level: Level 1
13 points

Posted on Jul 19, 2018 1:11 PM

I was running Malwarebytes when my Mac got infected. Malwarebytes was able to quarantine it but that didn't fix the browser issue. Their customer service department was able to help out about how to fix the browser issue once the other files were quarantined. Here was their advice:


Thomas Reed(Malwarebytes Support)

Jul 19, 05:48 PDT

Jim,


It looks like you have an adware-related configuration profile installed, which is preventing you from changing your home page setting.


To remove this, open System Preferences, then click the Profiles icon. You should see either two or three different items listed. One of them appears to be legitimate, but the other two (they may be combined into one entry) are not. You can identify which is bad by looking at the information for each profile. The bad entry (or entries) will say "com.myshopcoupon" somewhere, and should also refer to "weknow.ac". Any such entries should be removed. Leave the profile that refers to "com.Infomaniak", as I believe that one is legitimate.


After removing the profile, you'll need to fix the home page settings.

View in context

Similar questions

26 replies
Question marked as Top-ranking reply
User profile for user: jpt42
jpt42
User level: Level 1
13 points

Jul 19, 2018 1:11 PM in response to kelley249

I was running Malwarebytes when my Mac got infected. Malwarebytes was able to quarantine it but that didn't fix the browser issue. Their customer service department was able to help out about how to fix the browser issue once the other files were quarantined. Here was their advice:


Thomas Reed(Malwarebytes Support)

Jul 19, 05:48 PDT

Jim,


It looks like you have an adware-related configuration profile installed, which is preventing you from changing your home page setting.


To remove this, open System Preferences, then click the Profiles icon. You should see either two or three different items listed. One of them appears to be legitimate, but the other two (they may be combined into one entry) are not. You can identify which is bad by looking at the information for each profile. The bad entry (or entries) will say "com.myshopcoupon" somewhere, and should also refer to "weknow.ac". Any such entries should be removed. Leave the profile that refers to "com.Infomaniak", as I believe that one is legitimate.


After removing the profile, you'll need to fix the home page settings.

Reply
User profile for user: Akphotog83
Akphotog83 Author
User level: Level 1
18 points

Jul 8, 2018 12:56 AM in response to kelley249

The suggestion Eric Root gave worked for me. I didn't have manual instructions either so I went through some of the sites listed on the link Eric provided.


This one had what I was looking for: Remove www.weknow.ac from Mac OS - SecureMacOS

After I went through the manual instructions listed I still needed to download and install MalwareBytes. Running it found more problems related to this. It's not inexpensive, but worth it to get the removal completed and to have ongoing real-time protection. (The system I was working on belongs to a friend who doesn't seem to understand she can't just click on a link without reading everything first...)


After I ran MalwareBytes scans a couple of times to confirm the system was clean and reset the home page back to what she was used to seeing, it was good to go. At which time I repeated all this on her desktop system. She doesn't use that one as much and it was not infected, but better safe than sorry.


Good luck with yours...

Lance

Reply
User profile for user: ibrahimswift52
ibrahimswift52
User level: Level 1
4 points

Aug 20, 2018 4:06 AM in response to tonysopranus

its the same thing here for my clients Mac, he bought mac on my advise that it would never be effected with virus/trojans but now Mac is also not spared by internet threats. I tried all the steps available on internet and only could disable the searchengine hijacking on chrome/safari but the homepage is still stuck on weknow.ac search bar. No matter what, in libary/launchagents,agents,launchdaemons. Whichever is suspicious as per recent date modified, deleted all but nothing worked. Instead of creating a support case in Google chrome, I am doing it here because its Mac and it is applying the same settings on every browser installed.

Reply
User profile for user: jdleveque
jdleveque
User level: Level 1
4 points

Sep 25, 2018 2:12 PM in response to Eric Root

Neither of those links go anywhere. The shorter one goes to a search and on Yahoo which we don't use at all. The longer one I get this error message" 503 Service Temporarily Unavailable" and I have tried it on different browsers.

When I search for weknow on Google and try to follow the steps there is no trace of weknow on the computer.

We have spoken to 3 level 2 techs at Apple and even they are at a loss. Each time spending almost an hour on the phone. Again these were the level 2 techs, not level 1. We are at a complete loss at how to remove this virus which has taken over all of our browsers.


Please help.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

how to remove weknow.ac from safari

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up