Safely getting a file from a Mac computer with malware

3

A family member has a MacBook Pro with a file I need on it, but it’s pretty clear the Mac has some sort of malware on it.

Regular Internet browsing—mostly via Google Chrome—opens up ad tabs on responsible sites like Google, the computer runs extremely slow, there are a number of weird problems with it, and its main user basically downloads everything and anything that looks interesting on the Internet, including JAR files.

I’m trying to access the file from my Mac, which I keep clean, and I’m worried about infecting my computer. Yes, I understand Mac malware is rare, but it’s almost certainly there, and I’d like to know how to safely use a file from that machine.

I believe the computer is running Mac OS X 10.7, though I will update this post once I’m certain of that. The Mac I’m trying to copy the file to is running Mac OS X 10.6.8. The file itself is a .prproj (Adobe Premiere Pro) file, and the only application that will be running it (on either computer)—besides “Finder”—is “Adobe Premiere Pro.”

TheEnvironmentalist

Posted 2015-03-22T06:37:00.747

Reputation: 171

Please edit your question to add details as to what version of Mac OS X the system is running, what browser this behavior shows up in and such. None of this behavior sounds correct, but I find it hard to believe it’s malware. – JakeGould – 2015-03-22T06:41:27.787

Chrome, mostly. Strange processes are constantly running, many behaviors on the computer trigger ads, and the main user regularly runs JAR files downloaded off of the internet, which even with Java's built-in safety features, is more than enough to allow changes to core functionality. – TheEnvironmentalist – 2015-03-22T06:50:15.560

@JakeGould I am the last person to normally suspect malware on a Mac, but frankly this main user tends to be quite irresponsible with normal security precautions, and even after reinstallation of trouble programs (I mentioned ads are popping up in Chrome) the problem reappears. – TheEnvironmentalist – 2015-03-22T06:54:37.953

Just posted an answer. Seems like Macs are not vulnerable to “malware” as much as “adware” and there are multiple/free ways to tackle this issue. All free. Some point and click and others more detailed in their manual forensics. Hope this helps. It definitely just educated me! – JakeGould – 2015-03-22T07:00:59.360

Answers

2

A family member has a MacBook Pro with a file I need on it, but it’s pretty clear the Mac has some sort of malware on it.

Regular Internet browsing—mostly via Google Chrome—opens up ad tabs on responsible sites like Google, the computer runs extremely slow, there are a number of weird problems with it, and its main user basically downloads everything and anything that looks interesting on the Internet, including JAR files.

I was initially skeptical of there being any “malware” in Mac OS X, but it does seem that Mac OS X is prone to “adware” as described in this official Apple support article:

Ad-injection software is advertising-supported software that can come from third-party download sites. Software that you download from such sites may have been customized to install both the software you want and the ad-injection software. If your Mac has ad-injection software installed, you might see pop-up windows, ads, and graphics while surfing the web, even if "Block pop-up windows" is selected in Safari preferences. Ad-injection software might also change your homepage and preferred search engine.

The list of the specific files mentioned in that article might seem like a lot of stuff to deal with. But I would trust that list to be accurate and—if you are comfortable with the command line—you should be able to clean up that mess within an hour or so.

If not, AdwareMedic seems like a decent “donationware” solution that is updated fairly regularly. And Sophos Anti-Virus for Mac OS X seems like another good option—since they offer a free “home” version—and has detailed usage instructions as well.

Which is all to say, without knowing how the adware burrows its way into the system, your best bet is to do your relative a “solid” and clean up their system for them. And once it’s all nice and clean, grab the file you need and move on to other things.

JakeGould

Posted 2015-03-22T06:37:00.747

Reputation: 38 217