I hate to confess, but I made a terrible mistake… and it is embarrassing to write about it. The other day, I was looking for a math worksheet for my daughter. I went on a legit website, and clicked on the image to print. I was redirected on a page to update Adobe Flash. I never do that kind of things. It always smells fishy. But this time, my daughter is next to me whining. My son is playing with his noisy electric circuit. I have a online meeting coming up soon. I didn’t think too much… and I clicked on “update!” As it started to do things, I was thinking “not good…” I tried to cancel, but too late. Safari redirected me to searchmine.net.
I was hoping it was not a big deal. I googled how to remove searchmine, and did a few things: get rid of any weird application, cleared caches, private information, extensions, looked at homepage, installed Malwarebytes, Avast, ComboCleaner (free to scan, but not to remove threats. What a scam! Hey ComboCleaner, if you’re not free, just say it!). SearchMine was still there.
Last thing to do: remove Mac OS profile configuration. BUT I was not able to do it. Profiles was greyed out:
Only solution: use command lines since I was admin on my machine. First, list the profiles:
sudo profile -L
The list was like:
_computerlevel attribute: profileIdentifier: some sort of ID _computerlevel attribute: profileIdentifier: some sort of ID _computerlevel attribute: profileIdentifier: com.mycouponsmart.safari.XXXXXXXXXXXXXXXXXXXXXX _computerlevel attribute: profileIdentifier: some sort of ID
Finally I see the culprit… To get rid of it, I removed it with this command line:
sudo profiles -R -p com.mycouponsmart.safari.XXXXXXXXXXXXXXXXXXXXXX
And that’s it! no more searchmine! Here are the lessons I have learned:
- Hate Adobe Flash!
- Hate myself for clicking on “Update.” I should have followed my instinct… If needed, go to the official website to download what you need.
- Never assume you are too smart to avoid malwares.
- Never assume Mac OS is free from malwares.