Pop-up window: Apple wants to make changes

Check Safari > Preferences > Websites > then the Plug-Ins panel on the bottom left corner. Look and see if you have anything there you don't recognize. I suggest too actually running Malwarebytes and see if it detects it. This one is pretty solid of at least finding a part of a file tied to any form of malware. The wording is definitely off as someone pointed out Apple Vs Finder. It's definitely something installed or piece of something attached to a program or file.

Prior to this happening do you remember if you downloaded or were prompted to update anything that wasn't done directly through the Mac App Store.

It's malware/adware. Do not enter your password.

Restart and hold down the Shift key. This will put the Mac into Safe Mode. Only specific items are allowed to load, meaning this garbage will not be able to pop up. Once in Safe Mode, then you'll be able to run MalwareBytes to remove it.

will show what installs were made on the date that an actual password was provided to this pop up?

If the person clicked cancel, the software wasn't install so I doubt macOS took note.

Run etrecheck. It lists the software installed in the last month. Not sure were it gets the dates.

etrecheck

Download etrecheck. Click on the download link at the bottom of the screen. http://etrecheck.com/

Run etrecheck. The first five runs are free.

How to post etrecheck findings:

1) click on "Share report"

2) click on "Copy report"

3) Paste the information into an ASC forum reply.

Using EtreCheck by etresoft, the author https://discussions.apple.com/docs/DOC-11591

Stamp of approval https://discussions.apple.com/docs/DOC-8181

I believe "Mac Auto Fixer" is the culprit. I noticed it was in my "startup" applications.

1. Navigate to System Preferences (looks like gears), User & Groups, Login Items, and delete Mac Auto Fixer.

2. Using Finder, Go to Applications and delete "Mac Auto Fixer."

Good Luck

1. Download Malwarebytes from https://www.malwarebytes.com. It is free to use a few times.

2. Run a scan using Malwarebytes. It may show you some threats that are "quarantined".

3. Follow Malwarebytes instructions to delete the threats.

At this point your problem may be solved. You may want to pay for a subscription to Malwarebytes, which will allow you to set up a regular schedule to automatically scan and identify new problems.

In my case I was getting three popups every day, and Malwarebytes showed three "Adware" threats. After deleting these three threats, I no longer get the popups.

I have the same problem. Called APPLE Support. They had me run Malweare bytes. It found 9 issues. And cleaned them out. Apple had me delete them, and empty the trash so I don't have a list. I will post again in a couple of days with the results.

I just had the same problem. To resolve, I first emptied the caches in Safari, then closed all apps. Re-opened Safari and went to Preferences -> Manage Website Data and deleted all cookies, etc that I didn't use or recognize. Closed Safari again and went to ~User -> Library -> Safari -> Databases and deleted all databases that I didn't use or recognize. Re-opened Safari and all other apps and the popup message no longer appears.

There’s a bit more to it. You’ve checked safari but also check for unknown programs installed to your Mac. If you haven’t run Malwarebytes. Check users and groups > login items

Basically you’re checking places programs can hide. Also check watch to see if the pop up happens on specific websites you may end up contacting that webmaster as they may not know their server is flooding out popups

Most of these aren’t actual popups but JavaScript so the way it comes up bypasses some blocks you may already have in pl

Like a novice idiot, I fell for this and entered my password after getting the "Apple wants to make changes" pop up. Then I checked the forums and found this thread. Needless to say I should have checked the forum first! Anyway, I have immediately changed my MAC access password. Then I ran Malwarebytes and deleted everything it detected. Then I cleared: Cache, history & website data. Here are a few links to help clean up your computer.

Free Antivirus Replacement & Anti-Malware Tool | Malwarebytes

https://nektony.com/blog/how-to-reset-safari-on-mac

https://macsecurity.net/view/188-remove-anysearchmanager-malware-from-mac

I've had the same problem for about two weeks. The open Safari browser disappears and a few seconds late, the pop-up appears, asking for a password. This morning, I took the advice of several posters and downloaded the trial version of Malwarebytes. After the first scan, Malwarebytes found and quarantined two files titled "com.ExploreSearchResults" and "com.ExploreSearchResults.plist"

I installed Malwarebytes and ran a scan; it showed some malware on my system. I deleted those files and have not had these pop ups since; that was three days ago. So... It's malware.

I used Malwarebytes the free version and if found and got rid of lots of weird files - no problems since:-)

I had this exact problem, which repeated every morning whether or not I shut down or restarted. I never entered any passwords, but today I installed the free Malwarebytes and a scan showed three ADWARE items, which I removed. I hope the problem is gone but should wait until tomorrow to be sure.

It appears this adware/malware is doing what a lot of newer ones do. It keeps changing the name of the files it uses to run. Some of these have a list of thousands of names it randomly chooses.

I've been following all of the topics of this malware, and even in the same topic, MalwareBytes finds different file names that when removed, clear up this "Apple wants to make changes" junk.