Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

how to get rid of iAdware ?

gauchogolfer said:
How did your friend get infected with something that came out in 2006 and has since been patched?
Click to expand...

Good point! I have to believe that many of the "I got a virus on my Mac..." stories are pure fantasy or misunderstanding or (in rare cases) someone who's just trying to cause panic among Mac users. It's always "a friend" or "a friend of a friend" or very few details on exactly what happened.

Most of the time a new Mac user cries "Virus!", it's because something is happening they don't understand and they're unfamiliar with the differences between Windows and Mac OS X. If you read the dozens of threads in these forums with "virus" or "adware" or "trojan" or "malware" in the subject line, probably 90% of the time it's just someone who doesn't understand how to use their new Mac and they came from the Windows environment where viruses are rampant.
 
ggjstudios said:
Good point! I have to believe that many of the "I got a virus on my Mac..." stories are pure fantasy or misunderstanding or (in rare cases) someone who's just trying to cause panic among Mac users. It's always "a friend" or "a friend of a friend" or very few details on exactly what happened.

Most of the time a new Mac user cries "Virus!", it's because something is happening they don't understand and they're unfamiliar with the differences between Windows and Mac OS X. If you read the dozens of threads in these forums with "virus" or "adware" or "trojan" or "malware" in the subject line, probably 90% of the time it's just someone who doesn't understand how to use their new Mac and they came from the Windows environment where viruses are rampant.
Click to expand...

OK, I have been a mac user since the LC, programing computers for 25 years, and now develop for the mac, and own shares in the company. I'm no noob!
I was as amazed as you.
He has the latest version of leopard.
He almost definitely caught it downloading porn or from warez sites.
I think he might actually be infected by a second one that is causing native instruments Traktor to behave strange then every now and then cause a popup to buy anti virus software(he showed me this months ago, I put it down to coincidence and a software glitch and sent him on his way).

The one we encountered last night sends him to a domain such as 'googleadware.com' (i forget the exact name) after clicking on adwords in google. A search around the net revealed it was the iadware 'proof of concept'.

So yeah, how damn annoying, I dont want this crap to exist as much as the next person, but unfortunately it does exist.
I trashed a unix executable file in "internet plugins" called internet.prefs (or similar) and he told me he was cured but it could have been a fob off so he could go to bed as I had been trying to kill it for two hours.
 
gauchogolfer said:
How did your friend get infected with something that came out in 2006 and has since been patched?
Click to expand...

I have no idea, one can only presume it is some sort of variant. To make it weirder, I think he has had this adware for 3 months, yet I find very little on the net about it other than stuff written in 2006.

Also, someone/something called 'thompson' popped up on his network months ago, I told him jokingly it was probably his neighbor stealing his net access. He has since moved and thomson still pops up on the network. He is riddled!
 
Thomson is the default name on the BT HomeHub, it appears on my media player whenever I look for network shared drives.
Your friend is using BT Broadband is he?
 
A bit more detail on the Traktor problem:

All the elements on the UI dance around all over the place, then (every now and then a popup(i presume javascript )) warning of viruses and recommending a place to buy it.


The other problem is with google, it has taken over the links on google.com sending him on a journey through multiple urls, a button in the top right says "continue" (or similar), 5 to 10 seconds later (if he isnt caught in an infinite loop) he is taken to some crapy links site where the owner makes money from clickthroughs I can only presume.
 
errorinside said:
Thomson is the default name on the BT HomeHub, it appears on my media player whenever I look for network shared drives.
Your friend is using BT Broadband is he?
Click to expand...

gifford said:
Thats that one explained then, yes he is on BT Broadband.
Click to expand...

This is an example of what I was talking about. Further investigation usually (not always) reveals that the problems had nothing to do with any virus, but rather the user's lack of understanding of what's happening. If you don't understand what's happening on a Mac, a virus should NOT be your first suspicion, but rather, your last.

As for the UI problem, it's possible he has downloaded and installed a trojan while surfing porn sites. He needs to take inventory of all the apps installed and running. Activity Monitor should help with what's running. Maybe he can send some screen captures, so more experienced users can take a look.

As for the redirecting problem, has he checked to make sure his DNS servers are correct?
 
ggjstudios said:
This is an example of what I was talking about. Further investigation usually (not always) reveals that the problems had nothing to do with any virus, but rather the user's lack of understanding of what's happening. If you don't understand what's happening on a Mac, a virus should NOT be your first suspicion, but rather, your last.
Click to expand...

The thomson bit was just chucked in there as 'something else that was noticed'. I know for a FACT he had an adware problem because I of 25 years experience have diagnosed it as such. No offense but I'm finding your comments mildly condescending. Also, I never said 'virus'. I said 'adware'.

ggjstudios said:
As for the UI problem, it's possible he has downloaded and installed a trojan while surfing porn sites. He needs to take inventory of all the apps installed and running. Activity Monitor should help with what's running. Maybe he can send some screen captures, so more experienced users can take a look.

As for the redirecting problem, has he checked to make sure his DNS servers are correct?
Click to expand...

Well I think I may have killed it last night by removing the unix exec, I shall delve deeper next time I get my mits on his macbook.
 
gifford said:
T No offense but I'm finding your comments mildly condescending. Also, I never said 'virus'. I said 'adware'.
Click to expand...

I mean no condescension at all. And I'm not saying that in this case, there isn't adware involved. I'm just pointing out that in the vast majority of (but not all) cases, someone will point a finger at viruses or malware of some sort, when the issue turns out to be something far less sinister.
 
ggjstudios said:
I mean no condescension at all. And I'm not saying that in this case, there isn't adware involved. I'm just pointing out that in the vast majority of (but not all) cases, someone will point a finger at viruses or malware of some sort, when the issue turns out to be something far less sinister.
Click to expand...


I dont know what the true definition of adware is, but I do know whatever this is its popping adverts up in places there shouldn't be, back in system 7 I used to call this sort of thing adware.

But I do understand your point, I'm sure many viri are miss diagnosed, thats why I ignored him for 3 months as I thought he was just being a dumbass.
 
gifford said:
I dont know what the true definition of adware is, but I do know whatever this is its popping adverts up in places there shouldn't be, back in system 7 I used to call this sort of thing adware.

But I do understand your point, I'm sure many viri are miss diagnosed, thats why I ignored him for 3 months as I thought he was just being a dumbass.
Click to expand...

LOL... that made my day.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back