![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Mac malware advice
May. 21st, 2021 10:43 amI have spent a few hours over the last two days trying to remove SearchBaron malware from Kirsten's Mac.
The final step, and one that I had to figure out rather than following Web tutorials, was to note that SearchBaron contrives, for each page you visit after searching with it, to add a custom Chrome search engine with that page's URL as the keyword. Which means that, if you click in the search bar from such a page, you end up at SearchBaron rather than Google.
'Reset settings' in Chrome does not delete the custom search engines, nor is there obviously a UI element for deleting them all at once.
If you scroll down to the bottom of the (obviously very long if the machine has been infected for any length of time) list you can click delete repeatedly rather than having to reposition the mouse after deleting each one manually.
There is a Chrome extension that prevents pages from setting custom search engines, which I've installed on that Mac.
Can anyone reading this think of a better (more google-juice) place I could put this writeup; I tried adding a comment on the macsecurity.net post about SearchBaron but their comment engine isn't working.
Mac malware removal has an especially bad case of malicious search-engine optimisation around it, which would be challenging to compete with.
The final step, and one that I had to figure out rather than following Web tutorials, was to note that SearchBaron contrives, for each page you visit after searching with it, to add a custom Chrome search engine with that page's URL as the keyword. Which means that, if you click in the search bar from such a page, you end up at SearchBaron rather than Google.
'Reset settings' in Chrome does not delete the custom search engines, nor is there obviously a UI element for deleting them all at once.
If you scroll down to the bottom of the (obviously very long if the machine has been infected for any length of time) list you can click delete repeatedly rather than having to reposition the mouse after deleting each one manually.
There is a Chrome extension that prevents pages from setting custom search engines, which I've installed on that Mac.
Can anyone reading this think of a better (more google-juice) place I could put this writeup; I tried adding a comment on the macsecurity.net post about SearchBaron but their comment engine isn't working.
Mac malware removal has an especially bad case of malicious search-engine optimisation around it, which would be challenging to compete with.
