mac adaware removal tool

[pcpete]

We had a system with conduit and Genieo that was giving us a tough time removing it. I gave myself root access(spare me the lecture) and manually deleted everything i could find regarding them via the command line. Of course we started off with the basics of resetting safari. Nothing was working. We tried the following tool and it cleaned it up

http://www.bitdefender.com/solutions/adware-removal-tool.html

It was a life savor, now I can go home!

 

[phaZed]

You're not alone. I can count on one hand over the past 3-4 years I have had to perform a mac virus/adware removal but in the past week and a half I have had 9 macs come in for this same stuff.

There was a mix of client-installed software that was mislabeled and some that really do look like a website drive-by attack.

Check out The Safe Mac - Reports have been spiking

 

[anonymous Mac Tech]

Problem is the coders of Genieo and Conduit have Apple developer privileges so these things are not blocked during installation because they are considered an "identified developer" and slide right by the system preferences default allowing on software only from the app store and "identified developers". Pretty easy to get by anything when you are considered trusted. Don't know why Apple doesn't slam the door on them? Also, there is still a pretty gray area out there on what is considered "adware" as most of us know. Also, with a new flash update needed every week that is how these machines are getting "infected". Clients need to be educated that the only way they should be doing a flash update is through system preferences. But, even this is cumbersome for casual users. But these threats are still easily removed. Just about every file is located in either ~/Library/LaunchAgents/ or /Library/LaunchAgents/. Don't need terminal or root access to get to them. Do a simple "Finder-> Go/go to folder" and type in the path or even copy and paste the path for that matter and you are done in about 5 minutes. It is all just common sense knowing what should be in those folders even not knowing exact file names. Just need to remember to delete the launchd (if it exists) file first and restart before removing the other files or it will brick the system.

 

[Markverhyden]

Well I've got my first call from an Apple customer that is complaining about browser popups. So I'll have to see what is going on. I'm leaning towards install adblocker or something similar for all users since I doubt the AV stuff will pickup on those types of threats.

 

[altrenda]

Yep, I see it in my users all the time. Adware Medic seems to do the job.

 

[johnrobert]

Second for AdwareMedic just tried it on heavily infected Safari and it fixed it

 

[Galdorf]

Getting alot more macs in for spyware cleaning usually i only see one once a year for hard drive replacement ,more people are switching from pc to mac from windows 8 turning them off from pc`s.
You would think there would be more adware cleaning tools more and more mac`s are getting over loaded with spyware.

 

[altrenda]

Getting alot more macs in for spyware cleaning usually i only see one once a year for hard drive replacement ,more people are switching from pc to mac from windows 8 turning them off from pc`s.
You would think there would be more adware cleaning tools more and more mac`s are getting over loaded with spyware.

Overloaded? What are you seeing?
I just removed a secure-alert hijack from Safari today, it was almost laughable to remove.
I am seeing simple browser hijacks on several machines, but nothing major.

 

[atlasmike]

My first Mac is coming in on Monday. My customer opened an email that was infected now she has pop ups and stuff. What are some tools you guys trust for malware removal on macs?

 

[Markverhyden]

Adware medic. That's what I used for my customer I mentioned above.

 

[Cambridge PC Support]

Had my first ever Mac infection a coupla days ago. I don't usually go near Macs but I thought I'd give it a go.

As recommended, I did Adware Medic, then Bitdefender and then installed the free Sophos AV.

All sorted and happy customer

 

[atlasmike]

Adware medic. That's what I used for my customer I mentioned above.

it seemed to be a very quick scan and found nothing. I guess it is all good.

 

[Markverhyden]

it seemed to be a very quick scan and found nothing. I guess it is all good.

Not necessarily. Even if nothing was found a delayed installer might have been installed. Just need to keep an eye out on things. The machine I mentioned above did not do anything as soon as a browser was launched. Sometimes it took 10 minutes or more for the beast to kick off it flood of popups. Did you get a copy of the email attachment or link?