I think I've been hit with malware.

Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
I'm on my macbook air with Sierra 10.12.6 and downloaded an update for flash player. I then had all these pop up windows and finished up with "searchitnow.info." I can't find it in app's and I've looked around for a solution but every site I've been on wants me to buy software to get rid of it. I've got 'Malwarebytes' but not sure what to do with it. I'd be glad to get some advice.
I updated Malwarebytes and scanned. It came up with a list, but I'm not sure if I should delete everything on it and I can't get a screen shot to upload on to the site. It's only 111Kb.
 
Last edited:
Joined
Nov 28, 2007
Messages
25,564
Reaction score
486
Points
83
Location
Blue Mountains NSW Australia
Your Mac's Specs
Silver M1 iMac 512/16/8/8 macOS 11.6
Many of us do not even consider using Flash and there is constantly hoax updates about for bogus Flash software. You have Malwarebytes for Mac in the Applications Folder? Double click and run Scan.
 
OP
H
Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
My last post to you disappeared after I'd posted it! Anyway I went back to Malwarebytes and ran another scan, this time it came up clean, so I assume it's cleared all the things it found, and not found anything else. Safari seems to be all right, but Google Chrome and Firefox both still have it. I don't want to simply make something else like Google my default browser, because I think that means that this thing will still be somewhere on my computer. Do you think I'm right?
 

dtravis7


Retired Staff
Joined
Jan 4, 2005
Messages
30,133
Reaction score
703
Points
113
Location
Modesto, Ca.
Your Mac's Specs
MacMini M-1 MacOS Monterey, iMac 2010 27"Quad I7 , MBPLate2011, iPad Pro10.5", iPhoneSE
On Firefox and Chrome check for PlugIns or Extensions and if you see any that you never installed remove them.
 
Joined
Oct 16, 2010
Messages
17,496
Reaction score
1,541
Points
113
Location
Brentwood Bay, BC, Canada
Your Mac's Specs
2011 27" iMac, 1TB(partitioned) SSD, 20GB, OS X 10.11.6 El Capitan
Safari seems to be all right, but Google Chrome and Firefox both still have it. I don't want to simply make something else like Google my default browser, because I think that means that this thing will still be somewhere on my computer. Do you think I'm right?


Shutdown and then bootup and try using all your browsers and see it they seem clear of any "extras".
 
OP
H
Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
Tried looking for extensions and/or plugins that I don't want but didn't see any.
I also did the shutdown and restart several times, but that made no difference either.
 

Rod


Joined
Jun 12, 2011
Messages
9,631
Reaction score
1,834
Points
113
Location
Melbourne, Australia and Ubud, Bali, Indonesia
Your Mac's Specs
2021 M1 MacBook Pro 14" macOS 14.4.1, Mid 2010MacBook 13" iPhone 13 Pro max, iPad 6, Apple Watch SE.
Hoody, I have been presented with this problem a couple of times over the years and my solution has been to completely remove the browser (in my case Firefox) then download a fresh copy and reinstal.
There are two issues with doing this:
You need to ensure you have removed all of the app's files. I use Clean My Mac3 for this but App Trap should do the job.
You need to be logged into either Google or Mozilla and ensure your preferences, bookmarks, extensions and passwords are all saved. I do not save my History.
So when you install the new copy logging in should load all of your saved data.
You might also like to try running DetectX Swift. It is a little more complex than Malwarebytes but it might solve the problem if it's a Malware issue.



Sent from my iPad using Mac-Forums
 
Joined
Oct 16, 2010
Messages
17,496
Reaction score
1,541
Points
113
Location
Brentwood Bay, BC, Canada
Your Mac's Specs
2011 27" iMac, 1TB(partitioned) SSD, 20GB, OS X 10.11.6 El Capitan
Joined
Jan 1, 2009
Messages
15,455
Reaction score
3,811
Points
113
Location
Winchester, VA
Your Mac's Specs
MBP 16" 2023 (M3 Pro), iPhone 15 Pro, plus ATVs, AWatch, MacMinis (multiple)
And if you still want to use Flash, you should ONLY update it from the System Preferences panel for Flash. Never click on any box offered by any website.
 
Joined
May 21, 2012
Messages
10,703
Reaction score
1,158
Points
113
Location
Rhode Island
Your Mac's Specs
M1 Mac Studio, 11" iPad Pro 3rdGen, iPhone 13 ProMax, Watch S7, 2018 15" MBP, AirPods Pro
I prefer only using Chrome if Flash is needed. Chrome updates Flash within its regular updates/upgrades, this way there is no need for me to do it.

I never install Flash or Java on my Macs.
 
Joined
Apr 26, 2008
Messages
2,963
Reaction score
120
Points
63
Location
Belgium
Your Mac's Specs
iPad Pro 12.9 latest iOS
+1 for Bob’s advice.

and the golden rule with regards to updates is still valid :
“ if you did not specifically went looking for it, don’t install it. “

Cheers ... McBie
 

Rod


Joined
Jun 12, 2011
Messages
9,631
Reaction score
1,834
Points
113
Location
Melbourne, Australia and Ubud, Bali, Indonesia
Your Mac's Specs
2021 M1 MacBook Pro 14" macOS 14.4.1, Mid 2010MacBook 13" iPhone 13 Pro max, iPad 6, Apple Watch SE.
Yes, I agree with Bob as well. I don't know how many times I've had notifications that i need to update Flash on sports sites in particular. I always ignore it and usually the notification goes away after a minute and the content plays as expected.
 
OP
H
Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
Thanks for all the replies.
Rod, I've downloaded and used Malwarebytes for a free trial of the full version and it got rid of some stuff, but I'm not sure what. It now comes up clean, but I've still got this malware. I've also tried the trial version of Clean My Mac 3 which found one threat described as adware. If I bought the full version, I'm wondering if it would solve this problem or am I hoping for the impossible? Answering my own question, yes probably.
Patrick,
I've looked through those and tried them but got nowhere, thanks.
Jake & Bob,
No more flash for me (when I get this sorted out) and I haven't had Java for ages.
McBie,
Yes I slipped up badly there, but it won't happen again.
All I want to do now is get this thing cleaned off my macbook.
 
Last edited:

Rod


Joined
Jun 12, 2011
Messages
9,631
Reaction score
1,834
Points
113
Location
Melbourne, Australia and Ubud, Bali, Indonesia
Your Mac's Specs
2021 M1 MacBook Pro 14" macOS 14.4.1, Mid 2010MacBook 13" iPhone 13 Pro max, iPad 6, Apple Watch SE.
I fully understand your frustration. Most of us on these forums have had similar problems from time to time and if you have the time and interest you will solve the problem. If however you don't have the time or interest and don't want to take the repair shop route then you could make a full Time Machine backup and reinstall the operating system from the Restore Partition using TM to restore folders and personal data. The down side is it takes a while to set up the way it was.
I think I would try uninstalling your browsers and reinstalling them first. You can export all of your bookmarks to Safari for safekeeping and reload them to the reinstalled versions.


Sent from my iPhone
 
OP
H
Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
Rod,
Thanks again. I tried Detectx Swift but I don't know what to delete. Here's a screen shot of the result. If I can't sort it out from here, it'll have to be the apple store :[ Screen Shot 2019-03-25 at 08.29.22.jpg
All the help so far is much appreciated.
 
Joined
Jan 1, 2009
Messages
15,455
Reaction score
3,811
Points
113
Location
Winchester, VA
Your Mac's Specs
MBP 16" 2023 (M3 Pro), iPhone 15 Pro, plus ATVs, AWatch, MacMinis (multiple)
When I run Detectx Swift, it returns zero, which means to me that ALL of those items are suspect. The ones with a leading "." are being hidden from you as a casual user, which is very suspect. None of them are present on my clean system. I think if you want to see what is triggering the alert, you can check on the arrow to the left of each item and it may expand. Given I haven't gotten any alerts, I can't test that for you.

If you have a current backup, I'd say just let DetectX delete all of them. If you don't have a current backup, make one, then run DetectX again and let it do its thing. If DetectX and the deletion of the suspect files then fixes the problem, make another new backup before you do anything else. From what I have read, it's particularly hard to really expunge it, but let's see what DetectX can do first.
 

krs


Joined
Sep 16, 2008
Messages
3,555
Reaction score
610
Points
113
Location
Canada
Many of us do not even consider using Flash......

I keep reading that...."don't use Flash"...and I agree, but ...........

what application can one use instead of Flash?

I have not come across an alternative and I often run into websites that require Flash to play some of the content.

I only update Flash from the Adobe website, so I haven't had any problems, but I would like to avoid using Flash completely and would love to know how.
 
Joined
Jan 1, 2009
Messages
15,455
Reaction score
3,811
Points
113
Location
Winchester, VA
Your Mac's Specs
MBP 16" 2023 (M3 Pro), iPhone 15 Pro, plus ATVs, AWatch, MacMinis (multiple)
I just go without Flash. If a site has only Flash, I just don't get the video. I can live with that. More and more sites are dropping Flash in favor of more recent and efficient formats that don't need a third party player.
 
OP
H
Joined
Jan 17, 2013
Messages
594
Reaction score
17
Points
18
Location
Bribie Island Qld Australia.
Your Mac's Specs
iMac, 21.5",OSX, Mojave Late 2012. Processor 2.7 GHz Intel Core i5. Memory now has 16GB. + macbook
I don't know what's going on here, but I got this reply from Jake (MacInWin). It hasn't come up on here.
When I run Detectx Swift, it returns zero, which means to me that ALL of those items are suspect. The ones with a leading "." are being hidden from you as a casual user, which is very suspect. None of them are present on my clean system. I think if you want to see what is triggering the alert, you can check on the arrow to the left of each item and it may expand. Given I haven't gotten any alerts, I can't test that for you.

If you have a current backup, I'd say just let DetectX delete all of them. If you don't have a current backup, make one, then run DetectX again and let it do its thing. If DetectX and the deletion of the suspect files then fixes the problem, make another new backup before you do anything else. From what I have read, it's particularly hard to really expunge it, but let's see what DetectX can do first.

I'll have a try at that and see what happens.
 
Joined
Jan 1, 2009
Messages
15,455
Reaction score
3,811
Points
113
Location
Winchester, VA
Your Mac's Specs
MBP 16" 2023 (M3 Pro), iPhone 15 Pro, plus ATVs, AWatch, MacMinis (multiple)
Pete, it is post #16. Don't know why you can't see it here.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top