SecureMac.com
About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Advertising
Security Consulting
Employment/Jobs
Feedback Form

SecureMac Software
PrivacyScan

 

Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
SAINT
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing


Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
LittleSecrets
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry
Apple.com Security Resources
Marketing Macintosh Security Programs

CNet Adware Identification and Removal Guide for Mac OS X

The links for many popular Mac apps on CNET's download.com have been replaced with a "CNET installer" that installs toolbar adware and changes browser settings. This guide shows how to identify affected apps, how to avoid the toolbar installer, how to determine if it has been installed on your system, and how to remove it if so.

Adware can be a threat to user privacy, and is used to track a user's browsing habits online. For example, the permissions for one of the Google Chrome extensions shows what these toolbars can access:

How to identify affected apps

  1. To determine if a specific app is affected, go to the CNET download.com page for that app. If you see "CNET installer Enabled" listed on the "Download Now" button, it means that the app is affected and will download the toolbar installer if you click that button.
  2. If you see "CNET Secure Download" listed on the "Download Now" button, it means that the app is not affected, and will download correctly if you click that button.

How to avoid the toolbar installer

  1. If the app you are trying to download has "CNET installer Enabled" listed on the "Download Now" button, there should be a link below the button listed as "Direct Download Link." Clicking the direct download link will download the app, and not the toolbar installer.
  2. Alternatively, you can generally download the app directly from the developer's website by clicking "See full specifications" in the sidebar on the left side of the CNET download.com page for the app, then following the link listed for "Publisher web site."
  3. The easiest way to avoid adware installers like this is to only download software through the Mac App Store, or directly from the developer's website.

Determining if the toolbars have been installed on your system

There are a number of things that will change for your web browser if the toolbars have been installed on your system. First, the home page and default search engine will both be changed to Yahoo. Additionally, various icons will be added to your browser's toolbar. For example, on Safari the toolbar appears like this:

Removing the toolbars from your system

The first step is to remove the toolbar extensions for your browser:

Safari Users

  1. In Safari, click the Safari menu, then click Preferences.
  2. On the Preferences screen, click the Extensions tab.
  3. Click the "Uninstall" button for the Searchme, Amazon Shopping Assistant, Ebay Shopping Assistant, and Slick Savings extensions.

Chrome Users

  1. In Chrome, click the Window menu, then click Extensions.
  2. On the Extensions screen, click the trash icon next to the Amazon Shopping Assistant, Domain Error Assistant, Ebay Shopping Assistant, Searchme, and Slick Savings extensions to remove them.

Firefox Users

  1. In Firefox, click the Tools menu, then click Add-ons.
  2. Click the Extensions tab in the Add-ons Manager.
  3. Click the remove button for the Amazon Shopping Assistant, Ebay Shopping Assistant, Searchme, and Slick Savings extensions.

The next step is to reset your homepage and default search engine for your browser:

Safari Users

  1. In Safari, click the Safari menu, then click Preferences.
  2. On the Preferences screen, click the General tab.
  3. Select your favorite search engine from the menu next to "Default search engine," and enter a website for your Homepage.

Chrome Users

  1. In Chrome, click the Chrome menu, then click Preferences.
  2. On the Chrome Settings page that appears, choose your favorite search engine from the list under the "Search" section. To change your home page, go to the "On startup" section, and click "Set pages" next to "Open a specific page or set of pages." Delete the startup page beginning with http://search.yahoo.com/?fr=spigot-yhp-gcmac… by clicking the X button next to it. Enter a URL for the home page you would like to set, and click the OK button.

Firefox Users

  1. In Firefox, click the small downward pointing triangle icon in the search bar, then select your favorite search engine from the drop down menu.
  2. Then, click the Firefox menu and click Preferences.
  3. On the Preferences screen that appears, click the General tab, and enter a URL for the home page that you would like to set.

 



Security + OS
DiskLock
PowerBook Security Control Panel
Empower Pro
FileGuard
FreeGuard
FoolProof
Deus Lock Master
OnGuard
Keys Off
LockOut
MacOS Algorithm
Modem Security
Password Key
PGPuam
PPF
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro
Web-Confidential


Macintosh Viruses
Disinfectant
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security


Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
IPNetSentry
NetBarrier
Norton Personal Firewall

Mac Spyware & Privacy
Monitorer
NetShred - Delete Files Safely

Network Security
MacAnalysis
Oyabun Tools
WDTech RAE
ToolDaemon

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
NetBus
Outlook Express 4.5 Password Flaw
SubSeven
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
EnScript
FGP
FileTwister
ForgotIt?
GenPass
MacLockSmith
My-Privacy
My Secret
PGPi
PGPhone
PGP Personal
PGP Freeware
PowerCrypt-dev
Private File
Quick Encrypt
SubRosa Utilities
Tresor

Deleting Files
Eraser Pro
ShredIt

Backups

Apple Hardware

MacOS DoS
Mac Attack


All material (c) 2014 SecureMac.com and respected owners