The Safe Mac

Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!


Adware Removal Guide

Published November 7th, 2013 at 3:36 PM EDT, modified July 25th, 2014 at 12:07 PM EDT

adware

Adware has been a plague on the Windows world for years. Unfortunately, this plague has begun to spread to the Mac as well. There are a number of different programs out there that serve no useful purpose except to shove ads in your face, all just to make money for the developer of the adware. Because it lives in the borderline between malware and legit software, though, detection by anti-virus software can be very hit-or-miss. This can make removal difficult.

Where does it come from?

Adware often comes packaged in installers for other software. Most often, this is because something was downloaded illegally from a torrent or piracy site. Sometimes it is because it has been added to a legit piece of software by an unscrupulous download site. (Even well-known download sites, such as Download.com and Softonic, have resorted to this kind of unethical behavior, and should never be used.) Other times it is because a developer has opted to use an adware-riddled installer, provided with incentives from the adware creator, to distribute their software. It could even be installed through deceit, by pretending to be something that it is not in order to trick the user into installing it. (This last type is usually the only type that is detected as malware by anti-virus software.)

What are the symptoms?

The most typical symptom of such adware is the display of advertisements on your Mac where none should exist. Adware also will often change your browser’s home page and search engine settings, and may even cause redirects from legit sites to sites constructed for the financial benefit of the adware developer. It can also cause secondary problems, such as web pages displaying incorrectly (due to insertion of foreign HTML code) or browser crashes.

However, problems with unwanted ads in the web browser are not necessarily caused by adware on your computer. They could also be caused by a compromised network or a problem with the site itself.

Step 1: Run the Adware Removal Tool

Download and run The Safe Mac’s Adware Removal Tool. It will scan your system and remove any known adware automatically. Be sure to pay attention to all prompts, as you may need to decide whether or not to delete certain preference files, or may need to restart the computer and then run the script again. Read the prompts carefully, and be sure you understand and follow all instructions.

If you feel uncomfortable running a script downloaded from a website that you may not have ever heard of before today – which is perfectly reasonable – then you can try the manual removal instructions instead. If you opt for manual removal, be sure to follow the directions very carefully! Be aware that, for some adware, there is some risk involved with manual removal if you accidentally delete the wrong thing or don’t follow the instructions carefully. Some adware can cause your system to crash and be unable to start back up if the instructions aren’t followed carefully!

Step 2: Check for other causes

If you don’t find any signs of adware, your problems may not actually be caused by adware at all. You may be on a compromised network, or an ad-supported wifi network. You may also be looking at a site that has been hacked, or even just an ordinary bad site. For help figuring out where the problem might be, see the Other Causes page in this guide.

Step 3: Report new adware

If you have followed the instructions in the first two steps carefully, but you found no adware in step 1 and the tests in step 2 indicate that the problem is due to adware, you can download the TSM System Reporter and use it to scan your system and send me a report. This is important for detecting new adware.

Don’t be shy about sending reports if you think you may have something new. However, please do not send me reports if you have not completed both steps 1 and 2! I get a lot of reports from people who have not done so, and those reports often show adware that would have been removed by the Adware Removal Tool. You will save yourself (and me) a lot of time by following the directions the first time, rather than waiting for a response from me telling you to go back and follow the directions!

Note that this page is a work-in-progress, and probably always will be. If you find adware not described on these pages, or find that known adware is behaving in ways other than as described here, please contact me!


This page and all contents (unless otherwise noted) copyright 2011-2014 by Thomas Reed.
For questions or comments, please contact me.