my mac has a virus

[Sossity]

I recently installed Citrix receiver, and filezilla on my mac, and I think one or both of them installed yahoo search as my default engine.

Every browser I open defaults to yahoo no matter what I do; I have gone into preferences, no suspicious extensions, cleared cookies, cache, restarted the same thing.

I uninstalled filezilla, and now when ever I open a browser, i get no internet connection, because it cannot find and default to yahoo search.

I wanted google to be my main search for my browsers.

 

[AlliFlowers]

When you install FileZilla there's a little checkbox that you must have missed. They really like pushing Yahoo. It's not a virus, per se. It's just annoying.

 

[keysofanxiety]

Run MalwareBytes for Mac. It'll take about a minute and should resolve the problem: https://www.malwarebytes.com/mac-download/

Let me know if there's still an issue by quoting this post.

 

[Meister]

It's not a virus.
Do what the others wrote.

 

[GGJstudios]

Your Mac doesn't have a virus, as there are none in the wild that run on OS X.

 

[gnasher729]

I recently installed Citrix receiver, and filezilla on my mac, and I think one or both of them installed yahoo search as my default engine.

So from the start, you tell us that you don't have a virus, you don't even suspect you have a virus. So could you please change the thread title?

 

[960design]

Not reading and unchecking a box from internet app installation is certainly how to destroy your Mac. By definition it would not be a virus, as it cannot self replicate within the *nix architecture.

Read the small print when installing stuff, or instead of being annoying it could pass all of your keystrokes to a foreign party. Checking on your bank balance, logging into iTunes, ect could prove quite expensive in the worst case or just permanently destroy your computer in the best case.

 

[Sossity]

So from the start, you tell us that you don't have a virus, you don't even suspect you have a virus. So could you please change the thread title?

I am not sure how to do that after the post has been up awhile.
[doublepost=1490757640][/doublepost]OK, to some, I know I goofed here, i don't need to be chastised, so if you can't offer actual helpful answers, don't respond. So according to one here, my computer is destroyed, so what do I do with it now? burn it?

I think I sorted it out anyways, I just went in created another administer account and deleted that account and made a fresh one, my browsers are normal now.

 

[Bruno09]

if you can't offer actual helpful answers, don't respond. So according to one here, my computer is destroyed, so what do I do with it now? burn it?

I think I sorted it out anyways, I just went in created another administer account and deleted that account and made a fresh one, my browsers are normal now.

Hi,

you did not need to do this.

The actual "helpful answer" was in post #3 : the "thing" that installed yahoo search as default engine is an adware/malware.

What you needed to do is exactly this :

1. install and run MalwareBytes to get rid of your malware(s)

2. go to the browser(s) Preferences to set back your default engine to what you want
[doublepost=1490775147][/doublepost]And remember this : your crapwares are installed at root level.

So, if you don't remove them now, they will continue their "work" in your new account...

 

[960design]

...So according to one here, my computer is destroyed, so what do I do with it now? burn it?

My mistake for the poor wording. I should have added can be destroyed. Script kiddies will package load destructive code into 'freebie' apps. It is this reason we like *nix ( mac / ubuntu ) operating systems and the security of the Apple Store. Prevents us from making silly mistakes and having to worry about silly people, for the most part.

Still requires a little bit of a sanity check on our part as users, but far safer than the wild west.

Most of the 'bad' stuff that can be added to a mac can be cleaned off with Malwarebytes. Be sure to get it from a safe location as those same bad people repackage MalwareBytes with keyloggers inside.

For example
Do not download from a mirror site like this one:
http://ccm.net/download/download-105-malwarebytes-anti-malware

Download from the main site:
https://www.malwarebytes.com/

PS. Be careful the bad guys often buy up the top level domains and spam malware out. For example, malwarebytes.co or malwarebytes.us or malwarebytes.net could be purchased by you for as little as $6.88US. You could then create a very similar front page and catch quite a few people into downloading spamware software to their computers.

 

[T'hain Esh Kelch]

I am not sure how to do that after the post has been up awhile.
[doublepost=1490757640][/doublepost]OK, to some, I know I goofed here, i don't need to be chastised, so if you can't offer actual helpful answers, don't respond. So according to one here, my computer is destroyed, so what do I do with it now? burn it?

I think I sorted it out anyways, I just went in created another administer account and deleted that account and made a fresh one, my browsers are normal now.

And yet you continue. There are plenty of correct answers, yet you pick the one that requires you to wear a tin foil hat. Good job.

 

[GGJstudios]

I am not sure how to do that after the post has been up awhile.

To edit the thread title, click the gear icon at the top of this thread. It's above the first post, to the right, beside "Most Liked Posts". On the dropdown list you will see "Edit Title".

 

[Sossity]

And yet you continue. There are plenty of correct answers, yet you pick the one that requires you to wear a tin foil hat. Good job.

what the heck are you talking about? go away with smart remarks if you cant be helpful. I was not asking you, unlike the others you are of no help but being trollish.

And yes that hat looks quite good thank you.

I continue yes, I have been a member here for a while, so I think I am allowed to get some feedback, and I am working on the suggestions. So don't tell me off.
[doublepost=1490899922][/doublepost]

My mistake for the poor wording. I should have added can be destroyed. Script kiddies will package load destructive code into 'freebie' apps. It is this reason we like *nix ( mac / ubuntu ) operating systems and the security of the Apple Store. Prevents us from making silly mistakes and having to worry about silly people, for the most part.

Still requires a little bit of a sanity check on our part as users, but far safer than the wild west.

Most of the 'bad' stuff that can be added to a mac can be cleaned off with Malwarebytes. Be sure to get it from a safe location as those same bad people repackage MalwareBytes with keyloggers inside.

For example
Do not download from a mirror site like this one:
http://ccm.net/download/download-105-malwarebytes-anti-malware

Download from the main site:
https://www.malwarebytes.com/

PS. Be careful the bad guys often buy up the top level domains and spam malware out. For example, malwarebytes.co or malwarebytes.us or malwarebytes.net could be purchased by you for as little as $6.88US. You could then create a very similar front page and catch quite a few people into downloading spamware software to their computers.

Thanks for the links and info, I downloaded the app. Little disappointing, I though macs were immune to this sort of thing, it just like a windows machine then.

 

[Sossity]

Ran malware bytes on my Mac, it found nothing.

 

[960design]

Ran malware bytes on my Mac, it found nothing.

So no malware, you've just picked Yahoo as your default search engine.

On chrome:
Click Chrome > Preferences > Search > Google

 

[Ulenspiegel]

It's a Search.yahoo.com browser hijacker. Some sites distribute these browser hijackers using a deceptive software marketing method called 'bundling' - a method that allows installation of third-party apps together with other software.

What you have to do:
1. Uninstall all the recently installed, suspicious, unknown to you extensions/add-ons in your browsers. (Like: "Amazon Shopping Assistant by Spigot", "Domain Error Assistant", "Ebay Shopping Assistant by Spigot" and "Slick Savings").
2. Reset the search engine in your browsers to Google and your homepage back to your preferred one.
3. Download and install EasyFind to look for leftovers (optional).

Good luck.

 

[Sossity]

It's a Search.yahoo.com browser hijacker. Some sites distribute these browser hijackers using a deceptive software marketing method called 'bundling' - a method that allows installation of third-party apps together with other software.

What you have to do:
1. Uninstall all the recently installed, suspicious, unknown to you extensions/add-ons in your browsers. (Like: "Amazon Shopping Assistant by Spigot", "Domain Error Assistant", "Ebay Shopping Assistant by Spigot" and "Slick Savings").
2. Reset the search engine in your browsers to Google and your homepage back to your preferred one.
3. Download and install EasyFind to look for leftovers (optional).

Good luck.

Thank you, I think I already have easy find, what would I type in for it to look for?

 

[Ulenspiegel]

Thank you, I think I already have easy find, what would I type in for it to look for?

Sossity, have you done all the steps in my post? It is important to uninstall all the suspicious extensions from all your browsers.
Please try with the name of the browser extensions that you have uninstalled.

 

[Sossity]

Sossity, have you done all the steps in my post? It is important to uninstall all the suspicious extensions from all your browsers.
Please try with the name of the browser extensions that you have uninstalled.

Yes, I did, there were no suspicious extensions, all looked normal.

 

[Ulenspiegel]

And your browsers are not redirected anymore?

 

[Sossity]

And your browsers are not redirected anymore?

correct they seem normal now

 

[Ulenspiegel]

Ok, then.
Nevertheless run Malwarebytes one more time (update before doing it).

 

[Rok73]

Thanks for the links and info, I downloaded the app. Little disappointing, I though macs were immune to this sort of thing, it just like a windows machine then.

macOS as well as Windows aren't immune to the user not reading stuff carefully while installing software. It's not the OS's fault.

 

[Sossity]

macOS as well as Windows aren't immune to the user not reading stuff carefully while installing software. It's not the OS's fault.

OK, now that you have finished shaking and pointing your finger at me, yes I goofed, now you can leave my thread now, your comment is of no help, just to gloat and hear yourself, feel better now? trying to make me feel dumb? I have since fixed the problem thank you very much.

good bye!
[doublepost=1491361812][/doublepost]

Ok, then.
Nevertheless run Malwarebytes one more time (update before doing it).

Ran it again, found nothing so far fingers crossed it seems OK now. Thank you for your help.

 

[Ulenspiegel]

You are welcome.