Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

killmoms

macrumors 68040
Original poster
Jun 23, 2003
3,754
55
Durham, NC
Hi all, long-time Mac user here, but I've never had to deal with someone who inadvertently installed malware disguised as legit software before.

I have a friend who's… not super technically-inclined, let's just say. She wanted WhatsApp on her computer for messaging people, not realizing that there is no WhatsApp desktop client for OS X. She downloaded something purporting to be WhatsApp (it's just "WhatsApp.dmg" according to her, and I'm not crazy about the idea of her opening it again to try to find out more). Now she's got "Ads by MacMin" appearing on web pages and lots of those "embedded text ads" on websites that definitely don't have them by default (like in the middle of Tumblr posts). She lives in Paris so I can't sit down in front of her machine locally and try to figure out what's going on, I'm trying to direct the cleanup operation from across the Atlantic. Google searches haven't been super-fruitful for this specific thing so I'm flying a little blind here—not even really sure what specific thing has been installed.

What I'd like to know is if anyone has any experience with either Sophos or Avast's free virus scanner/malware removal tools. Would installing either of these likely find this mess and clean it up? Which of the two is easier to get rid of after a successful cleanup—or, alternatively, which is lighter weight to run long-term (because I don't entirely trust her not to do something like this again)? Any help would be greatly appreciated.
 
Last edited:
If both sides have decent internet connectivity, you can use a screen-sharing service such as join.me. You'd be able to take control of her screen and address the issue remotely.

I've found join.me easier to get running than, say, Apple's screen sharing.
 
What I'd like to know is if anyone has any experience with either Sophos or Avast's free virus scanner/malware removal tools. Would installing either of these likely find this mess and clean it up? Which of the two is easier to get rid of after a successful cleanup—or, alternatively, which is lighter weight to run long-term (because I don't entirely trust her not to do something like this again)? Any help would be greatly appreciated.

In the vast majority of these cases, Adware Medic will resolve the issue. adwaremedic.com.
 
Teamviewer to see whats going on then Adwaremedic. Then let us know if that hasn't sorted it but if you can get her to install Teamviewer then send you the access code you'll be able to see if there are any unusual-looking login items etc left behind...
 
Im not an expert like many others here, but I would talk her through making a new user account and test to see if the problem goes away.

A lot of these Adware issues are sometimes buried in the users account holders home directory.

If making a new account fixes the problem, she can move her critic le data to the new account and delete the old one. If the new account doesn't help, just delete it. It's a decent diagnostic tool.

Also make sure to check for rouge Safari extensions.

I too give a vote for Adwaremedic.
 
....I have a friend who's… not super technically-inclined, let's just say.....

Also go into System Preferences/Security & Privacy/General tab and select Allow apps downloaded from: Mac App Store. The open the App store and show here how it works so she can only get Apps through it.
 
+1 for AdwareMedic.
After AdwareMedic I would check the extensions of her browser. If there are any that she does not use then uninstall them. Last but not least, download EasyFind (http://www.devontechnologies.com/download/products.html) (it is free) and in Search type all the keywords linked to adware. When found, delete them. Reboot.

P.S.: Don't forget to make her install AdBlock on her computer!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.