Hi all, long-time Mac user here, but I've never had to deal with someone who inadvertently installed malware disguised as legit software before. I have a friend who's… not super technically-inclined, let's just say. She wanted WhatsApp on her computer for messaging people, not realizing that there is no WhatsApp desktop client for OS X. She downloaded something purporting to be WhatsApp (it's just "WhatsApp.dmg" according to her, and I'm not crazy about the idea of her opening it again to try to find out more). Now she's got "Ads by MacMin" appearing on web pages and lots of those "embedded text ads" on websites that definitely don't have them by default (like in the middle of Tumblr posts). She lives in Paris so I can't sit down in front of her machine locally and try to figure out what's going on, I'm trying to direct the cleanup operation from across the Atlantic. Google searches haven't been super-fruitful for this specific thing so I'm flying a little blind here—not even really sure what specific thing has been installed. What I'd like to know is if anyone has any experience with either Sophos or Avast's free virus scanner/malware removal tools. Would installing either of these likely find this mess and clean it up? Which of the two is easier to get rid of after a successful cleanup—or, alternatively, which is lighter weight to run long-term (because I don't entirely trust her not to do something like this again)? Any help would be greatly appreciated.