Thursday, June 30, 2016

Do You Have Malware?

The Malware/Adware “Manual”

If you have any of the following “programs” on your Mac then you have Malware:

Spigot
Spigot is an adware company responsible for a number of different adware programs.

Crossrider
Crossrider is a very suspicious search engine, which has been accused of continuous redirects to unknown websites, altered search results, tracking of people's search sessions and similar problems that can't be ignored.

Genieo
Genieo is still pulling many of the same tricks – changing the search engine to Bing, and installing all kinds of junk that runs in the background and modifies browser behavior.

iLivid
iLivid takes over websites and automatically downloads unless you kill the browser window. It seems to like sites where you're expecting a download and exploits your expectation that you're getting the download you want.

OperatorMac
This adware will redirect you to different pages and inject content, such as an odd set of navigation controls floating over the page, into pages in your web browser.

WalletBee
WalletBee is promoted as a useful tool that’s supposed to help people save time and money. However, security experts have already classified it as adware or a potentially unwanted program, which may initiate various undesirable operations, such as redirects, ads, and other things. In addition, it may also record your browsing activities and collect various information.

OneSearch
OneSearch is a program that’s bundled with other free software downloaded off of the Internet. Once installed, it will set the homepage and search engine for any installed browsers to search.onesearch.org without your permission.

JDI Backup
Just read this: http://www.backupreview.com/mypcbackup-justcloud-zipcloud/

MacKeeper
MacKeeper provides questionable value to most users, can destabilize an otherwise stable Mac, and embeds itself so thoroughly into the operating system that removing it is an uncomfortable and weird process.

MegaBackup
MegaBackup exemplifies misleading software that attempts to convince Mac users to purchase the license under false pretenses.

Advanced Mac Cleaner
Advanced Mac Cleaner floods the victim’s experience with annoying warning messages. It dupes the user into thinking that their machine has numerous problems hindering normal performance.

Shoppy
Shoppy is an adware program that displays pop-up ads and advertisements on web pages that you visit. These advertisements will be shown as boxes containing various coupons that are available, as underlined keywords, pop-up ads or advertising banners.

ZipCloud
ZipCloud is some sort of cloud-storage service with a doubtful reputation. The OS X client is sometimes distributed along with the "SearchProtect" malware. Although ZipCloud may not be malicious itself, it should be deemed suspect by virtue of the company it keeps.

Please note the above is NOT a complete list - just a few of the bad guys we’ve come across. The list does continue to grow though and we will stay on top of it. How can you tell if you have any of these? Use Spotlight - that's the "magnifying glass" in the top right-hand corner of your Mac - click on it and type in any of these bad guys' names. If you get a hit on your computer, then you have it.
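The same name check can be run from Terminal across several folders at once. This is an added example, not CapMac's HealthCheck and not part of the original post; the default folder list is an assumption (standard macOS application and launch-item locations), and the names are the ones listed above.

```shell
#!/bin/sh
# Names from the list on this page, one per line.
ADWARE_NAMES='Spigot
Crossrider
Genieo
iLivid
OperatorMac
WalletBee
OneSearch
JDI Backup
MacKeeper
MegaBackup
Advanced Mac Cleaner
Shoppy
ZipCloud'

# scan_for_adware [DIR...]
# Prints "name<TAB>path" for each file or folder (up to 3 levels deep) whose
# name contains a listed name, ignoring case. Returns 0 on any hit, else 1.
scan_for_adware() {
    # Default folders are an assumption of this example: standard macOS
    # application and launch-item locations, not paths given on the page.
    if [ "$#" -eq 0 ]; then
        set -- /Applications "$HOME/Applications" \
            "$HOME/Library/LaunchAgents" /Library/LaunchAgents \
            /Library/LaunchDaemons "$HOME/Library/Application Support"
    fi
    rc=1; old_ifs=$IFS
    IFS='
'
    set -f    # split only on newlines, no glob expansion of results
    for name in $ADWARE_NAMES; do
        for dir in "$@"; do
            [ -d "$dir" ] || continue    # skip folders that do not exist
            for hit in $(find "$dir" -maxdepth 3 -iname "*${name}*" 2>/dev/null); do
                printf '%s\t%s\n' "$name" "$hit"
                rc=0
            done
        done
    done
    set +f; IFS=$old_ifs
    return "$rc"
}

scan_for_adware "$@" || echo "None of the listed names were found in the scanned folders."
```

A hit is only a lead to inspect by hand, since this matches names and nothing else, the same limitation as the Spotlight search.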

Adware was unheard of on the Mac just a couple years ago. It’s now so prevalent that we install our CapMac Health Check, which detects Mal/Adware, on almost every computer that comes in for service.

Adware comes from bad download sites; however, the vast majority of adware seems to come from torrents, sites offering “free” video streaming, or pop-ups (Flash Player).

Why is the problem getting worse?

Obviously, the people behind all this are having success making money from it. Advertisers are spending lots of money to put ads on your computer screen, and often they don’t understand exactly who they’re doing business with or how their online advertising is going to work. Unethical hackers also frequently take advantage of advertising networks, using tricks to put ads in front of users’ eyes in such a way that they get paid for it. Worst of all are the advertisers who don’t care how they advertise, like the makers of certain junk Mac utility apps which are often promoted through adware.

What should I do in the meantime?

Avoiding adware is quite easy, if you’re careful about what you download.

  • Have us install our HealthCheck program
  • Never download anything from any third-party download site, because there may be an adware payload.
  • Avoid “impulse downloads” - don’t download some cool-sounding app without doing a little research first.
  • Only download apps directly from the developer’s site - do not click on the "Install Flash" pop-up!
  • Never engage in software or media piracy.
  • Some torrents may be used for legitimate purposes, but I recommend avoiding torrents in general, since their primary use these days is piracy.
  • Don’t go to questionable video streaming sites – get your video fix only from legit sources, such as iTunes, Amazon, Netflix, Hulu or the websites of the various TV networks and movie studios.
  • Read the license agreement in any installer you run, and pay close attention to any mention of special offers. Even if there’s a check box to allow you to opt out of a special offer, quit the installer immediately and throw it away; such check boxes are not always respected, and you may get the adware or other junk software installed regardless of what the check box says.

Installing anti-virus software won’t help as it doesn’t detect most adware, and if it does, it won’t be able to properly remove it. I’ve seen plenty of people who have gotten adware despite having anti-virus software installed, and I’ve also seen plenty of people whose anti-virus software completely failed to remove the adware. In fact, in at least one recent case, the anti-virus software screwed up the removal so badly that the Mac wasn’t able to start up any longer. (This is a possible side-effect of the Genieo adware, if it is removed improperly.)
