Let me begin with why I suspect I am having a virus on my Macbook. It has to do with Safari suddenly shutting down and directly after Apple asks me for admin and password. I do not provide it, I shut it down and have to do so 3 times before it closes. In most cases I would not be suspicious about this - yet there is some concern and I'll describe it now.
About 3 weeks ago I was in a hurry to upload something through ftp. But the trial time of my ftp program had expired and I didn't want to pay for a program I use 2 times per year. So I did a quick search on google and found a random program that I downloaded. I installed it a bit premature. As it was installing I realized that I was installing a bunch of other programs as well and I hit the panic button, killed the wifi and forced the installation to shut down. Meanwhile, I realized it was too late. A Safari window opens up - that was not Safari. It only looks like Safari. I shut it down and it opened up again.
I use F-Secure, and it immediately flagged that something was off. I did a full scan and it found some harmful code. I also found plugins in Safari and Chrome that was not there before, so I deleted them. Since then I've conducted a few more scans and F secure does not find anything new.
But now I suffer from Safari suddenly shutting down a few times per day. Immediately there is a window that asks for admin password from apple. I do not trust this.
The other day I also observed something strange. I was working on something when Safari suddenly switched to a different window by itself before it shut down. Directly after it was shut down it opened up again. I saw in the menu that bookmarks flashed 3 times as if the mouse was trying to click on it, but the menu did not open. Safari shuts down again. When I opened it I did a google search and got search results from Yahoo. Usually, I get google. So I went into the plugins again, and yes there was a new plugin that I deactivated and removed. Did a new scan but F-secure did not find anything new.
So I am suspecting there is something in my laptop that is harmful. Has anyone had this issue before?
Sorry for my reply. I'm also only an F-Secure user (their home solutions).
And I'm not an user of Mac.
But just as my own unofficial feelings and suggestions.
I think that one option is to contact their official Support Channels (chat as example):
and ask for support against 'undetected' malicious or rogue software.
Also, some kind of own tries to investigate further (some points to doublecheck):
->> does it possible to 'reset' your browser to default state (as part of browser functionality)?
and does it possible to safely change all of your passwords (system, accounts and your ftp-credentials too). Just as sure that it is not used by 'remote' people.
->> does it possible to recover what is your downloaded 'tricky' ftp program (or from where).
Thus, it will be possible to investigate more about (does it known 'rogue'-software or only website is 'tricky' with modified software; and as potential startpoint for F-Secure Support/Labs too; what if there are undetected unknown items).
->> it is also useful to known detection names for discovered malicious or suspicious software by F-Secure scans.
Just as potential src of connections between current view and 'known' items (if current impact is result of it). Since possible to understand what kind and type of rogue software it was.
->> maybe possible to perform scan by third-party application like Malwarebytes (as trial):
it can be useful against adware and some other remained items.
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions