Virus in osx
Thread Starter
Virus in osx
So, this is not a tale of how whilst visiting a transvestite donkey witch porn website a virus was downloaded, but on a totally innocent mountain walking website……Trying to view a series of mountain views, an Adobe message box came up to say that i didn't have the latest version to view the series of photos. All kosher and that went well, but thereafter i have been plagued with pop up pages (despite being blocked in settings) of various ads for 'getting rid of viruses', 'cleaning up your slow mac' and so on. The virus seems to be (e.tre456_worm_osx) and despite running ClamX no viruses were found, despite clearing all cookies, doing clearings with Onyx, and of course getting rid of the Adobe download, it's still happening, seemingly set off by pressing either the page down button, or the space bar which brings up various new windows…VERY ANNOYING indeed. Anyone have a clue as to what to do ? Is this all it's doing ? Any help appreciated chaps.
Probably not much help for your problem but I also get occasional problems with totally innocent websites.
Mostly it's a plant or re-direct type problem looking for me to buy something
I suspect that the innocent website (with cheap virus potection) has been slightly hacked.
The real danger to me is now clicking on those links that try to get me to buy something I wasn't looking for.
PS I never try to improve my ability to view something by clicking on something in the site that asks for it. Figuring if they can't make it simple to match my quick scan than forget it.
Mostly it's a plant or re-direct type problem looking for me to buy something
I suspect that the innocent website (with cheap virus potection) has been slightly hacked.
The real danger to me is now clicking on those links that try to get me to buy something I wasn't looking for.
PS I never try to improve my ability to view something by clicking on something in the site that asks for it. Figuring if they can't make it simple to match my quick scan than forget it.
Join Date: Nov 2015
Location: Here
Posts: 318
Likes: 0
Received 0 Likes
on
0 Posts
I'm still new to Apple kit so bit of a random thought, can you use Time Machine to put your device back to how it was before you visited the website that has caused you problems?
Perhaps set up an online chat with Apple support - I find them very good.
Perhaps set up an online chat with Apple support - I find them very good.
Chief Tardis Technician
Join Date: Jan 2001
Location: Western Australia S31.715 E115.737
Age: 71
Posts: 554
Likes: 0
Received 0 Likes
on
0 Posts
This may be of help.
https://malwaretips.com/blogs/remove-mac-os-x-virus/
google for browser hijack, lots of stuff out there.
https://malwaretips.com/blogs/remove-mac-os-x-virus/
google for browser hijack, lots of stuff out there.
Join Date: Apr 2016
Location: localhost
Age: 25
Posts: 220
Likes: 0
Received 0 Likes
on
0 Posts
Again, not much help for your present situation but for future reference: NEVER click on any unsolicited pop up asking you to scan/download anything, saying piece of software x is out of date. They are becoming increasingly common and of greater danger.
I would recommend you back up what you can and factory reset the laptop which may be inconvenient but in my experience is the only way to rid yourself of the blight.
I would recommend you back up what you can and factory reset the laptop which may be inconvenient but in my experience is the only way to rid yourself of the blight.
Hippopotomonstrosesquipidelian title
Join Date: Oct 2006
Location: is everything
Posts: 1,826
Likes: 0
Received 0 Likes
on
0 Posts
As others said, it looks like malware got itself installed by social engineering: it persuaded you to do it. Malwarebytes for Mac should be able to kill it.
https://www.malwarebytes.com/antimalware/mac/
https://www.malwarebytes.com/antimalware/mac/
Thread Starter
Thankyou for all the advice chaps! As i'm travelling at the moment, the blocking of anything is at best difficult. Apart from the steps taken in the OP, I also deleted Safari and all it's associated files and then re-installed it, sadly to the same state as before. Mr Bushfiva's link seems to have provided the solution (fingers crossed).
The culprits were 'Adware.Awesome Screenshot' and 'Adware.Crossrider' hidden away in the launch items where 'MyShopMate' and 'Software-Updater.agent were causing browsing havoc. The effects have been sporadically persistent , even when logging into pprune, the moment the cursor touched the box up popped another window of supposed linked content. Thankfully DIDN'T do anything whilst checking e-mails. This is my 1st experience with malware, and in general i'm pretty careful. My laptop is an older Apple MBP running Mountain Lion, serves me very well in most cases, but now and again certain websites can't function as they are set up to liase with the more up to date OS's etc, and i do get messages saying that i need to upgrade to the latest version of XYZ to use the facilities. How do 'we' tell the good from the bad in such cases ?
Thanks again for help.
The culprits were 'Adware.Awesome Screenshot' and 'Adware.Crossrider' hidden away in the launch items where 'MyShopMate' and 'Software-Updater.agent were causing browsing havoc. The effects have been sporadically persistent , even when logging into pprune, the moment the cursor touched the box up popped another window of supposed linked content. Thankfully DIDN'T do anything whilst checking e-mails. This is my 1st experience with malware, and in general i'm pretty careful. My laptop is an older Apple MBP running Mountain Lion, serves me very well in most cases, but now and again certain websites can't function as they are set up to liase with the more up to date OS's etc, and i do get messages saying that i need to upgrade to the latest version of XYZ to use the facilities. How do 'we' tell the good from the bad in such cases ?
Thanks again for help.
Join Date: Apr 2016
Location: localhost
Age: 25
Posts: 220
Likes: 0
Received 0 Likes
on
0 Posts
Ultimately, it is getting more and more difficult to tell these malware pop ups apart from the real mccoy. I advise, if you get a pop up saying, for example, to update your Adobe Flash player; you go to the Adobe website (without clicking on said popup) and download any update there.
Hope this helps and glad you're getting it sorted
EDIT: this thread may help: http://www.pprune.org/computer-inter...urity-faq.html
Hope this helps and glad you're getting it sorted
EDIT: this thread may help: http://www.pprune.org/computer-inter...urity-faq.html
