Removing Malware

Buttercup · October 1, 2020, 3:04am

There is a similar thread to this from which I got some useful advice but my questions are different so I’m posting this.
I carelessly downloaded a rogue copy of Flash Player while hastily searching for a uTube video. Yahoo took over my Firefox browser until an internet search pointed me to FractionData malware.
A. disposed of that, did a safe startup and hunted for suspicious file fragments and anything added on the same day as the Flash D/L. Then I ran Malwarebytes Free. It only found one file: Adware.operatorMac; quarantined that and searched for fragments.
B. checked extensions/add-ons to both Safari and Firefox and removed any offenders, restarting after.
C. Activity Monitor has very little CPU in use.

Now I’d like to know if I should install a virus protection program or just not do anything careless again. I’m normally super-cautious. If so, what is recommended, please? I don’t mind buying one if that’s best.
I don’t normally use Safari as I find it terribly slow. Is that an indicator that something is wrong?
Firefox, my preferred browser, is slow to start but responds quickly once it’s running. Is that normal? There have been no more page hijackings.
Other apps. such as TextEdit and mail, have been slow to start and sluggish in use, as well.
While searching for info on Adobe I came across a reference to security flaws in Acrobat Reader, which I use frequently. Would those have been fixed by updates?
https://www.macobserver.com/news/adobe-acrobat-reader-flaw-macos/

CVE-ID
CVE-2020-9613
Learn more at National Vulnerability Database (NVD)
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass.
I found a record of 2020.006.20042 having D/L in March (?) Would that have been fixed in later updates, please?
Running 10.12.6 2009 MacBook Pro.
Would sincerely appreciate advice, especially about the need for a virus protection program.

I do have an unsullied backup as i don’t leave the backup drive connected and hadn’t done one since the problem.

Thank you.
I’ll be off-line for a couple of hours but will respond then.

DogKnight · October 1, 2020, 2:50pm

Seems like you’ve followed most of the steps to remove it.
Good resource here: Remove FractionData browser hijacker (Virus Removal Guide)

Generally, it can’t hurt too much to have some security software installed. Malwarebytes, kaspersky, or other reputable vendors. You may have to base your choice over system requirements given you are running a slightly older version of MacOS.
Definitely recommend you make sure to update all programs to the latest versions. Security related updates are included as often as new features in many programs.

Buttercup · October 2, 2020, 12:49am

Thanks for the reply DogKnight. Malwarebytes is the site where I got some of the info and the free download. I’ll look into a a subscription/purchase of something preventative. If I understand correctly the free version of Malwarebytes currently on the system will only identify an intruder after the fact, not block it or clean it up?
I do update programs when I am aware of an update but will systematically check everything now.
Pages says there’s an update but I’d have to go to an Apple store to do it.
Are word-processing programs vulnerable or would they just act as a carrier for something introduced elsewhere?
My laptop is very slow. Do you think Clean My Mac, recommended on this forum several times, would help that?
Thanks again for your response. I appreciate it.

JRWhy · October 4, 2020, 5:11am

I have Kaspersky Internet Security installed on my Mac …just to be on the safe side. It gives excellent protection from all kinds of malware/viruses etc. and only costs $9.89 for 1 device for 1 year. You can also get a licence to cover 3 devices (Mac, Windows and Android) for 1 year for $12.50 from saveonit.com.au. In case you’re wondering…yes, that site is completely legit and the only connection I have with it is just as a repeat customer and can thoroughly recommend it.

Also an app called “Onyx” is available to clean up old files and check and repair disk permissions which can slow down a computer

Buttercup · October 5, 2020, 6:01am

Thank you JRWhy. I’ll look into that. Sounds very reasonable for the time.
I’ll also look into Onyx as there are bits and pieces all over the place and it’s a slow process looking for them one-by-one.

DogKnight · October 6, 2020, 5:53am

Seems like they are selling off OEM licenses. Designed to be sold/packaged with a computer purchase. They would be legit, just be aware that there is occasionally stipulations around technical support that is available to those with OEM licenses. From memory, with Kaspersky it was limited to email support. Phone support was not included.
However its been a few years since I last worked there, let alone dealt with support.

Buttercup · October 7, 2020, 4:32am

Just ordered Total Security and apparently Live Chat is available for assistance.

Thank you all for the assistance.