View Full Version : ClamXAV found issue on my Macbook Pro: what is it?

11-17-2015, 10:18 AM
Attached picture: what is this and how did I get it? I have not visited any abnormal sites, or any new sites.23257

11-17-2015, 03:28 PM
Installed any software such as Premium Opinion or similar?

And avoid downloading any software from CNET and Softonic. They ove loading you up with these little 'extras'.

11-17-2015, 03:45 PM
This is a tracking program that may or may not have other "talents". ClamXAV should have done a good job of removing it.

According to this site: http://www.hotforsecurity.com/blog/top-5-malware-for-mac-os-x-users-should-know-about-996.html

"The OpinionSpy family of spyware is usually installed by a number of freely-distributed applications such as screen-savers and audio / video converters. The installer utility of these applications will fetch the spyware package, install it and run is with root privileges. Trojan.OSX.OpinionSpy.A poses as a marketing research tool, but it does more than collecting users’ browsing habits and preferences: it also opens backdoors and shuffles through a great number of documents found on both local and remote drives. The Trojan poses a great danger to the user’s privacy and to the security of the stored data."

So you probably installed some innocent looking app that brought a nice "gift" along with it.


11-17-2015, 04:35 PM
ONLY download Mac apps from one of the rowing three places!

1. The Mac App Store
2. The developer's own website
3. MacUpdate.com

11-17-2015, 09:52 PM
Chas_m - just an FYI - nickyr pointed me to this article. It seems MacUpdate.com is given in to allowing "gifts" to be added their downloads:


I have dropped them off my "nice" list.


11-18-2015, 12:01 AM
chas and I had a little debate over this about six months or so ago and I could not find that article at the time. Good one Lisa.

11-18-2015, 12:28 AM
The reason you couldn't find it six months ago, Harry, is because this article is from November. Six months ago, it wasn't happening.

Nonetheless, I'm disappointed to learn that MacUpdate may have bought into the junkware epidemic, and will take this up with the site owners at my first opportunity.

11-18-2015, 06:16 AM
This is the alert I was thinking of. Twelve months ago actually:-


11-18-2015, 06:56 AM
Is it possible that I downloaded it from "savefrom", which downloads YouTube videos? That is the only place I can think of that I used recently that was not the usual three websites I browse.

11-18-2015, 11:15 AM
Anything is possible and as I have recently found out, MacUpdate could also be the culprit if you have downloaded from them.