RightCoupon issues!

[ThreeSwords]

Hey, I am having real trouble getting rid of this poxy thing!  I have used Malwarebytes, which got rid of another one that I had.  But this RightCoupon just doesn't seem to want to go. 

 

I have followed every guide I can find by googling and it simply will not shift.  It even has a settings option to turn it off and it still hangs around like a ball bag!

 

It only appears on sites such as eBay, Amazon etc.  Shopping sites.  

 

Can anyone help me?  I wouldn't half mind if it offered me decent gear but it's all stuff anyway haha!

 

Thanks in advance.

[ThreeSwords]

It is even coming up on this forum!  It's like they are trying to mess with my mind.  

[AdvancedSetup]

So are you using a PC or a Macintosh computer?

[ThreeSwords]

Hey sorry I'm on a MacBook Air

[AdvancedSetup]

Okay thanks. I've asked Thomas to take a look. He'll get to you as soon as he can.

 

Cheers

[treed]

Hi,

 

Is this happening in one specific browser and not in any others? Or is it happening in all browsers?

 

Can you send a system snapshot taken with Malwarebytes Anti-Malware for Mac? To do so, open Malwarebytes Anti-Malware for Mac and choose Take System Snapshot from the Scanner menu. Then, in the window that opens, select all the text (Edit → Select All), copy it and paste into a reply to this message.

[ThreeSwords]

Thanks for taking the time to look at this guys!

 

It was happening in both Safari and Chrome.  I don't really use Safari much, but I followed the steps I found on Apple forums and it fixed the issue on Safari but remains a problem in Chrome which is my main browser.  It basically happens on any shopping site.  Amazon, eBay, MyProtein etc.

 

Snapshot below.

 

Malwarebytes Anti-Malware 1.1.3.72 system report - 19 January 2016 19:24:33 GMT

Mac OS X version Version 10.10.5 (Build 14F1509)

System uptime: 0d 00:08:37

 

Safari extensions

---------------

(

)

 

Chrome extensions

---------------

(

    "Name: Google Slides",

    "Modified: 2015-10-21 18:15:37 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/aapocclcgogkmnckokdopfmhonfmgoek",

    "Name: Google Sheets",

    "Modified: 2015-10-21 18:15:36 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/felcaaldnbdncclmgdcncolpebgiejap",

    "Name: Google Docs Offline",

    "Modified: 2015-11-19 22:19:21 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/ghbmnnjooekpmoecnnnilnnbdlolhkhi",

    "Name: AdBlock",

    "Modified: 2016-01-13 20:47:16 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/gighmmpiobklfepjocnamgkkbiglidom",

    "Name: Avast Online Security",

    "Modified: 2016-01-15 23:32:22 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/gomekmidlodglbbmalcneegieacbdmki",

    "Name: Facebook Invite All Friends PRO 2016",

    "Modified: 2016-01-05 22:27:17 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/Default/Extensions/jjgfeibcphdoepjnmplpgbnpkngnmdmn",

    "Name: [unknown Chrome extension format]",

    "Modified: 2016-01-15 21:54:44 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/External Extensions/ddokeinkhjjkiehmaanleebfomemminh.json",

    "Name: [unknown Chrome extension format]",

    "Modified: 2016-01-15 23:14:25 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/External Extensions/gomekmidlodglbbmalcneegieacbdmki.json",

    "Name: [unknown Chrome extension format]",

    "Modified: 2016-01-15 21:54:45 +0000",

    "/Users/Dean/Library/Application Support/Google/Chrome/External Extensions/oghpjbnnbligjpjgojilaelgonehgnie.json"

)

 

Firefox extensions

---------------

(

)

 

Login items

---------------

(

    iTunesHelper

)

 

System startup items

---------------

(

)

 

User launch agents

---------------

(

    "/Users/Dean/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist",

    "/Users/Dean/Library/LaunchAgents/com.avast.home.userinit.plist",

    "/Users/Dean/Library/LaunchAgents/com.avast.secureline.home.userinit.plist",

    "/Users/Dean/Library/LaunchAgents/com.bittorrent.uTorrent.plist",

    "/Users/Dean/Library/LaunchAgents/com.google.keystone.agent.plist"

)

 

System launch agents

---------------

(

    "/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist",

    "/Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist",

    "/Library/LaunchAgents/com.avast.secureline.update-agent.plist",

    "/Library/LaunchAgents/com.avast.secureline.userinit.plist",

    "/Library/LaunchAgents/com.avast.update-agent.plist",

    "/Library/LaunchAgents/com.avast.userinit.plist"

)

 

System launch daemons

---------------

(

    "/Library/LaunchDaemons/com.adobe.adobeupdatedaemon.plist",

    "/Library/LaunchDaemons/com.adobe.agsservice.plist",

    "/Library/LaunchDaemons/com.adobe.fpsaud.plist",

    "/Library/LaunchDaemons/com.avast.init.plist",

    "/Library/LaunchDaemons/com.avast.secureline.init.plist",

    "/Library/LaunchDaemons/com.avast.secureline.uninstall.plist",

    "/Library/LaunchDaemons/com.avast.secureline.update.plist",

    "/Library/LaunchDaemons/com.avast.uninstall.plist",

    "/Library/LaunchDaemons/com.avast.update.plist",

    "/Library/LaunchDaemons/com.malwarebytes.MBAMHelperTool.plist"

)

 

Kernel extensions

---------------

(

    "/System/Library/Extensions/acfs.kext",

    "/System/Library/Extensions/acfsctl.kext",

    "/System/Library/Extensions/ALF.kext",

    "/System/Library/Extensions/AMD2400Controller.kext",

    "/System/Library/Extensions/AMD2600Controller.kext",

    "/System/Library/Extensions/AMD3800Controller.kext",

    "/System/Library/Extensions/AMD4600Controller.kext",

    "/System/Library/Extensions/AMD4800Controller.kext",

    "/System/Library/Extensions/AMD5000Controller.kext",

    "/System/Library/Extensions/AMD6000Controller.kext",

    "/System/Library/Extensions/AMD7000Controller.kext",

    "/System/Library/Extensions/AMD8000Controller.kext",

    "/System/Library/Extensions/AMD9000Controller.kext",

    "/System/Library/Extensions/AMDFramebuffer.kext",

    "/System/Library/Extensions/AMDRadeonX3000.kext",

    "/System/Library/Extensions/AMDRadeonX4000.kext",

    "/System/Library/Extensions/AMDSupport.kext",

    "/System/Library/Extensions/Apple16X50Serial.kext",

    "/System/Library/Extensions/Apple16X50Serial.kext/Contents/PlugIns/Apple16X50ACPI.kext",

    "/System/Library/Extensions/Apple_iSight.kext",

    "/System/Library/Extensions/AppleACPIPlatform.kext",

    "/System/Library/Extensions/AppleACPIPlatform.kext/Contents/PlugIns/AppleACPIButtons.kext",

    "/System/Library/Extensions/AppleACPIPlatform.kext/Contents/PlugIns/AppleACPIEC.kext",

    "/System/Library/Extensions/AppleAHCIPort.kext",

    "/System/Library/Extensions/AppleAPIC.kext",

    "/System/Library/Extensions/AppleBacklight.kext",

    "/System/Library/Extensions/AppleBacklightExpert.kext",

    "/System/Library/Extensions/AppleBluetoothMultitouch.kext",

    "/System/Library/Extensions/AppleBMC.kext",

    "/System/Library/Extensions/AppleCameraInterface.kext",

    "/System/Library/Extensions/AppleCredentialManager.kext",

    "/System/Library/Extensions/AppleEFIRuntime.kext",

    "/System/Library/Extensions/AppleEFIRuntime.kext/Contents/PlugIns/AppleEFINVRAM.kext",

    "/System/Library/Extensions/AppleFDEKeyStore.kext",

    "/System/Library/Extensions/AppleFileSystemDriver.kext",

    "/System/Library/Extensions/AppleFIVRDriver.kext",

    "/System/Library/Extensions/AppleFSCompressionTypeDataless.kext",

    "/System/Library/Extensions/AppleFSCompressionTypeZlib.kext",

    "/System/Library/Extensions/AppleFWAudio.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleGraphicsDeviceControl.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleGraphicsDevicePolicy.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleMGPUPowerControl.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleMuxControl.kext",

    "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/ApplePolicyControl.kext",

    "/System/Library/Extensions/AppleGraphicsPowerManagement.kext",

    "/System/Library/Extensions/AppleHDA.kext",

    "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAController.kext",

    "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAHardwareConfigDriver.kext",

    "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext",

    "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/DspFuncLib.kext",

    "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/IOHDAFamily.kext",

    "/System/Library/Extensions/AppleHIDKeyboard.kext",

    "/System/Library/Extensions/AppleHIDKeyboard.kext/Contents/PlugIns/AppleBluetoothHIDKeyboard.kext",

    "/System/Library/Extensions/AppleHIDKeyboard.kext/Contents/PlugIns/AppleUSBBuiltinHIDKeyboard.kext",

    "/System/Library/Extensions/AppleHIDKeyboard.kext/Contents/PlugIns/AppleUSBHIDKeyboard.kext",

    "/System/Library/Extensions/AppleHIDMouse.kext",

    "/System/Library/Extensions/AppleHIDMouse.kext/Contents/PlugIns/AppleBluetoothHIDMouse.kext",

    "/System/Library/Extensions/AppleHIDMouse.kext/Contents/PlugIns/AppleUSBHIDMouse.kext",

    "/System/Library/Extensions/AppleHPET.kext",

    "/System/Library/Extensions/AppleHPM.kext",

    "/System/Library/Extensions/AppleHSSPIHIDDriver.kext",

    "/System/Library/Extensions/AppleHSSPISupport.kext",

    "/System/Library/Extensions/AppleHV.kext",

    "/System/Library/Extensions/AppleHWAccess.kext",

    "/System/Library/Extensions/AppleHWSensor.kext",

    "/System/Library/Extensions/AppleIntelBDWGraphics.kext",

    "/System/Library/Extensions/AppleIntelBDWGraphicsFramebuffer.kext",

    "/System/Library/Extensions/AppleIntelCPUPowerManagement.kext",

    "/System/Library/Extensions/AppleIntelCPUPowerManagementClient.kext",

    "/System/Library/Extensions/AppleIntelFramebufferAzul.kext",

    "/System/Library/Extensions/AppleIntelFramebufferCapri.kext",

    "/System/Library/Extensions/AppleIntelHD3000Graphics.kext",

    "/System/Library/Extensions/AppleIntelHD4000Graphics.kext",

    "/System/Library/Extensions/AppleIntelHD5000Graphics.kext",

    "/System/Library/Extensions/AppleIntelHDGraphics.kext",

    "/System/Library/Extensions/AppleIntelHDGraphicsFB.kext",

    "/System/Library/Extensions/AppleIntelLpssDmac.kext",

    "/System/Library/Extensions/AppleIntelLpssGspi.kext",

    "/System/Library/Extensions/AppleIntelLpssI2C.kext",

    "/System/Library/Extensions/AppleIntelLpssI2CController.kext",

    "/System/Library/Extensions/AppleIntelLpssSpiController.kext",

    "/System/Library/Extensions/AppleIntelLpssUART.kext",

    "/System/Library/Extensions/AppleIntelMCEReporter.kext",

    "/System/Library/Extensions/AppleIntelSlowAdaptiveClocking.kext",

    "/System/Library/Extensions/AppleIntelSNBGraphicsFB.kext",

    "/System/Library/Extensions/AppleIRController.kext",

    "/System/Library/Extensions/AppleKextExcludeList.kext",

    "/System/Library/Extensions/AppleKeyStore.kext",

    "/System/Library/Extensions/AppleKeyswitch.kext",

    "/System/Library/Extensions/AppleLPC.kext",

    "/System/Library/Extensions/AppleLSIFusionMPT.kext",

    "/System/Library/Extensions/AppleMatch.kext",

    "/System/Library/Extensions/AppleMCCSControl.kext",

    "/System/Library/Extensions/AppleMCEDriver.kext",

    "/System/Library/Extensions/AppleMCP89RootPortPM.kext",

    "/System/Library/Extensions/AppleMikeyHIDDriver.kext",

    "/System/Library/Extensions/AppleMobileDevice.kext",

    "/System/Library/Extensions/AppleMobileFileIntegrity.kext",

    "/System/Library/Extensions/AppleMultitouchDriver.kext",

    "/System/Library/Extensions/AppleOSXWatchdog.kext",

    "/System/Library/Extensions/ApplePlatformEnabler.kext",

    "/System/Library/Extensions/AppleRAID.kext",

    "/System/Library/Extensions/AppleRAIDCard.kext",

    "/System/Library/Extensions/AppleRTC.kext",

    "/System/Library/Extensions/AppleSDXC.kext",

    "/System/Library/Extensions/AppleSEP.kext",

    "/System/Library/Extensions/AppleSmartBatteryManager.kext",

    "/System/Library/Extensions/AppleSMBIOS.kext",

    "/System/Library/Extensions/AppleSMBusController.kext",

    "/System/Library/Extensions/AppleSMBusPCI.kext",

    "/System/Library/Extensions/AppleSMC.kext",

    "/System/Library/Extensions/AppleSMCLMU.kext",

    "/System/Library/Extensions/AppleSRP.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleATAPIStorage.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleFireWireStorage.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleHollywood.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleMemorexCDROMDriver.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleUSBCardReader.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleUSBODD.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleUSBTDM.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleXserveRAID.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/CanonEOS1D.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/FireWireStorageDeviceSpecifics.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/FWPreferredProtocolSpeed.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/initioFWBridge.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/IOFireWireSerialBusProtocolSansPhysicalUnit.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/LSI-FW-500.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/MaxTranserSizeOverrideDriver.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/MKE-LF-D211A.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/MKE-SR-8171.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/OxfordSemiconductor.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/PioneerSuperDrive.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/PlasmonUDO.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/PreventMediaMountDriver.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/QPSQueFire.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/SanyoIDShot.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/SonyXDCAMDriver.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/StorageLynx.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/UFIWriteProtectedMediaDriver.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/USBStorageDeviceSpecifics.kext",

    "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/WriteProtectedMediaDriver.kext",

    "/System/Library/Extensions/AppleThunderboltDPAdapters.kext",

    "/System/Library/Extensions/AppleThunderboltDPAdapters.kext/Contents/PlugIns/AppleThunderboltDPAdapterFamily.kext",

    "/System/Library/Extensions/AppleThunderboltDPAdapters.kext/Contents/PlugIns/AppleThunderboltDPInAdapter.kext",

    "/System/Library/Extensions/AppleThunderboltDPAdapters.kext/Contents/PlugIns/AppleThunderboltDPOutAdapter.kext",

    "/System/Library/Extensions/AppleThunderboltEDMService.kext",

    "/System/Library/Extensions/AppleThunderboltEDMService.kext/Contents/PlugIns/AppleThunderboltEDMSink.kext",

    "/System/Library/Extensions/AppleThunderboltEDMService.kext/Contents/PlugIns/AppleThunderboltEDMSource.kext",

    "/System/Library/Extensions/AppleThunderboltIP.kext",

    "/System/Library/Extensions/AppleThunderboltNHI.kext",

    "/System/Library/Extensions/AppleThunderboltPCIAdapters.kext",

    "/System/Library/Extensions/AppleThunderboltPCIAdapters.kext/Contents/PlugIns/AppleThunderboltPCIDownAdapter.kext",

    "/System/Library/Extensions/AppleThunderboltPCIAdapters.kext/Contents/PlugIns/AppleThunderboltPCIUpAdapter.kext",

    "/System/Library/Extensions/AppleThunderboltUTDM.kext",

    "/System/Library/Extensions/AppleTopCase.kext",

    "/System/Library/Extensions/AppleTopCase.kext/Contents/PlugIns/AppleTopCaseActuatorHIDDriver.kext",

    "/System/Library/Extensions/AppleTopCase.kext/Contents/PlugIns/AppleTopCaseHIDEventDriver.kext",

    "/System/Library/Extensions/AppleTopCase.kext/Contents/PlugIns/AppleUSBTopCaseDriver.kext",

    "/System/Library/Extensions/AppleTyMCEDriver.kext",

    "/System/Library/Extensions/AppleUpstreamUserClient.kext",

    "/System/Library/Extensions/AppleUSBAudio.kext",

    "/System/Library/Extensions/AppleUSBDisplays.kext",

    "/System/Library/Extensions/AppleUSBEthernetHost.kext",

    "/System/Library/Extensions/AppleUSBMultitouch.kext",

    "/System/Library/Extensions/AppleUSBTopCase.kext",

    "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTCButtons.kext",

    "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTCKeyboard.kext",

    "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTCKeyEventDriver.kext",

    "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTrackpad.kext",

    "/System/Library/Extensions/AppleWWANAutoEject.kext",

    "/System/Library/Extensions/AppleXsanFilter.kext",

    "/System/Library/Extensions/ATIRadeonX2000.kext",

    "/System/Library/Extensions/AudioAUUC.kext",

    "/System/Library/Extensions/autofs.kext",

    "/System/Library/Extensions/BootCache.kext",

    "/System/Library/Extensions/cd9660.kext",

    "/System/Library/Extensions/cddafs.kext",

    "/System/Library/Extensions/CellPhoneHelper.kext",

    "/System/Library/Extensions/corecrypto.kext",

    "/System/Library/Extensions/CoreStorage.kext",

    "/System/Library/Extensions/CoreStorage.kext/Contents/PlugIns/CoreStorageFsck.kext",

    "/System/Library/Extensions/Dont Steal Mac OS X.kext",

    "/System/Library/Extensions/exfat.kext",

    "/System/Library/Extensions/GeForce.kext",

    "/System/Library/Extensions/GeForceTesla.kext",

    "/System/Library/Extensions/IO80211Family.kext",

    "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortAtheros40.kext",

    "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortBrcm4331.kext",

    "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortBrcm4360.kext",

    "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AppleAirPortBrcm43224.kext",

    "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/IO80211NetBooter.kext",

    "/System/Library/Extensions/IOAcceleratorFamily.kext",

    "/System/Library/Extensions/IOAcceleratorFamily2.kext",

    "/System/Library/Extensions/IOACPIFamily.kext",

    "/System/Library/Extensions/IOAHCIFamily.kext",

    "/System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext",

    "/System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIPassThrough.kext",

    "/System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCISerialATAPI.kext",

    "/System/Library/Extensions/IOATAFamily.kext",

    "/System/Library/Extensions/IOATAFamily.kext/Contents/PlugIns/AppleIntelPIIXATA.kext",

    "/System/Library/Extensions/IOATAFamily.kext/Contents/PlugIns/IOATABlockStorage.kext",

    "/System/Library/Extensions/IOATAFamily.kext/Contents/PlugIns/IOATAPIProtocolTransport.kext",

    "/System/Library/Extensions/IOAudio2Family.kext",

    "/System/Library/Extensions/IOAudioFamily.kext",

    "/System/Library/Extensions/IOAVBFamily.kext",

    "/System/Library/Extensions/IOAVBFamily.kext/Contents/PlugIns/IOAVBDiscoveryPlugin.kext",

    "/System/Library/Extensions/IOAVBFamily.kext/Contents/PlugIns/IOAVBPlugin.kext",

    "/System/Library/Extensions/IOAVBFamily.kext/Contents/PlugIns/IOMRPPlugin.kext",

    "/System/Library/Extensions/IOBDStorageFamily.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/BroadcomBluetoothHostControllerUSBTransport.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/CSRBluetoothHostControllerUSBTransport.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/CSRHIDTransitionDriver.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothHostControllerUARTTransport.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothHostControllerUSBTransport.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothSerialManager.kext",

    "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothUSBDFU.kext",

    "/System/Library/Extensions/IOBluetoothHIDDriver.kext",

    "/System/Library/Extensions/IOCDStorageFamily.kext",

    "/System/Library/Extensions/IODVDStorageFamily.kext",

    "/System/Library/Extensions/IOFireWireAVC.kext",

    "/System/Library/Extensions/IOFireWireFamily.kext",

    "/System/Library/Extensions/IOFireWireFamily.kext/Contents/PlugIns/AppleFWOHCI.kext",

    "/System/Library/Extensions/IOFireWireIP.kext",

    "/System/Library/Extensions/IOFireWireIP.kext/Contents/PlugIns/IOFireWireIPPrivate.kext",

    "/System/Library/Extensions/IOFireWireSBP2.kext",

    "/System/Library/Extensions/IOFireWireSerialBusProtocolTransport.kext",

    "/System/Library/Extensions/IOGraphicsFamily.kext",

    "/System/Library/Extensions/IOHDIXController.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesCryptoEncoding.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesFileBackingStore.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesHTTPBackingStore.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesKernelBacked.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesPartitionBackingStore.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesRAMBackingStore.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesReadWriteDiskImage.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesSparseDiskImage.kext",

    "/System/Library/Extensions/IOHDIXController.kext/Contents/PlugIns/AppleDiskImagesUDIFDiskImage.kext",

    "/System/Library/Extensions/IOHIDFamily.kext",

    "/System/Library/Extensions/IOHIDFamily.kext/Contents/PlugIns/IOHIDEventDriver.kext",

    "/System/Library/Extensions/IOHIDFamily.kext/Contents/PlugIns/IOHIDEventDriverSafeBoot.kext",

    "/System/Library/Extensions/IOHIDFamily.kext/Contents/PlugIns/IOHIDSystem.kext",

    "/System/Library/Extensions/IOHIDFamily.kext/Contents/PlugIns/IOHIDUserClient.kext",

    "/System/Library/Extensions/IONDRVSupport.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleBCM5701Ethernet.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleIntel8254XEthernet.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleIntelI210Ethernet.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleUSBEthernet.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleUSBGigEthernet.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleYukon2.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/Intel82574L.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/IOEthernetAVBController.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/mDNSOffloadUserClient.kext",

    "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/nvenet.kext",

    "/System/Library/Extensions/IONVMeFamily.kext",

    "/System/Library/Extensions/IOPCIFamily.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/ACPI_SMC_PlatformPlugin.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/AppleSMCPDRC.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/IOPlatformPluginLegacy.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/X86PlatformPlugin.kext",

    "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/X86PlatformShim.kext",

    "/System/Library/Extensions/IOReportFamily.kext",

    "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext",

    "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIBlockCommandsDevice.kext",

    "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIMultimediaCommandsDevice.kext",

    "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIReducedBlockCommandsDevice.kext",

    "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/SCSITaskUserClient.kext",

    "/System/Library/Extensions/IOSCSIParallelFamily.kext",

    "/System/Library/Extensions/IOSerialFamily.kext",

    "/System/Library/Extensions/IOSerialFamily.kext/Contents/PlugIns/AppleUSBIrDA.kext",

    "/System/Library/Extensions/IOSerialFamily.kext/Contents/PlugIns/AppleWWANSupport.kext",

    "/System/Library/Extensions/IOSerialFamily.kext/Contents/PlugIns/AppleWWANSupport1.kext",

    "/System/Library/Extensions/IOSerialFamily.kext/Contents/PlugIns/AppleWWANSupport2.kext",

    "/System/Library/Extensions/IOSlowAdaptiveClockingFamily.kext",

    "/System/Library/Extensions/IOSMBusFamily.kext",

    "/System/Library/Extensions/IOStorageFamily.kext",

    "/System/Library/Extensions/IOStreamFamily.kext",

    "/System/Library/Extensions/IOStreamFamily.kext/Contents/PlugIns/IOStreamUserClient.kext",

    "/System/Library/Extensions/IOSurface.kext",

    "/System/Library/Extensions/IOThunderboltFamily.kext",

    "/System/Library/Extensions/IOTimeSyncFamily.kext",

    "/System/Library/Extensions/IOTimeSyncFamily.kext/Contents/PlugIns/IO8021ASPlugin.kext",

    "/System/Library/Extensions/IOUSBAttachedSCSI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDC.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCACMControl.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCACMData.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCDMM.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCECMControl.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCECMData.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCEEM.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBCDCWCM.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBEHCI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBFTDI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBHub.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBMergeNub.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBOHCI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBOpticalMouse.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBUHCI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBVideoSupport.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/AppleUSBXHCI.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBCompositeDriver.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBHIDDriver.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBHIDDriverPM.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBHIDDriverSafeBoot.kext",

    "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBUserClient.kext",

    "/System/Library/Extensions/IOUSBMassStorageClass.kext",

    "/System/Library/Extensions/IOUserEthernet.kext",

    "/System/Library/Extensions/IOVideoFamily.kext",

    "/System/Library/Extensions/IOVideoFamily.kext/Contents/PlugIns/IOVideoDeviceUserClient.kext",

    "/System/Library/Extensions/iPodDriver.kext",

    "/System/Library/Extensions/iPodDriver.kext/Contents/PlugIns/iPodSBCDriver.kext",

    "/System/Library/Extensions/L2TP.ppp/Contents/PlugIns/L2TP.kext",

    "/System/Library/Extensions/Libm.kext",

    "/System/Library/Extensions/mcxalr.kext",

    "/System/Library/Extensions/msdosfs.kext",

    "/System/Library/Extensions/ntfs.kext",

    "/System/Library/Extensions/NVDAGF100Hal.kext",

    "/System/Library/Extensions/NVDAGK100Hal.kext",

    "/System/Library/Extensions/NVDANV50HalTesla.kext",

    "/System/Library/Extensions/NVDAResman.kext",

    "/System/Library/Extensions/NVDAResmanTesla.kext",

    "/System/Library/Extensions/NVDAStartup.kext",

    "/System/Library/Extensions/NVSMU.kext",

    "/System/Library/Extensions/OSvKernDSPLib.kext",

    "/System/Library/Extensions/PPP.kext",

    "/System/Library/Extensions/PPPoE.ppp/Contents/PlugIns/PPPoE.kext",

    "/System/Library/Extensions/PPTP.ppp/Contents/PlugIns/PPTP.kext",

    "/System/Library/Extensions/pthread.kext",

    "/System/Library/Extensions/Quarantine.kext",

    "/System/Library/Extensions/Sandbox.kext",

    "/System/Library/Extensions/smbfs.kext",

    "/System/Library/Extensions/SMCMotionSensor.kext",

    "/System/Library/Extensions/System.kext",

    "/System/Library/Extensions/System.kext/PlugIns/AppleNMI.kext",

    "/System/Library/Extensions/System.kext/PlugIns/ApplePlatformFamily.kext",

    "/System/Library/Extensions/System.kext/PlugIns/BSDKernel.kext",

    "/System/Library/Extensions/System.kext/PlugIns/IOKit.kext",

    "/System/Library/Extensions/System.kext/PlugIns/IONVRAMFamily.kext",

    "/System/Library/Extensions/System.kext/PlugIns/IOSystemManagement.kext",

    "/System/Library/Extensions/System.kext/PlugIns/Libkern.kext",

    "/System/Library/Extensions/System.kext/PlugIns/MACFramework.kext",

    "/System/Library/Extensions/System.kext/PlugIns/Mach.kext",

    "/System/Library/Extensions/System.kext/PlugIns/Private.kext",

    "/System/Library/Extensions/System.kext/PlugIns/Unsupported.kext",

    "/System/Library/Extensions/TMSafetyNet.kext",

    "/System/Library/Extensions/triggers.kext",

    "/System/Library/Extensions/udf.kext",

    "/System/Library/Extensions/vecLib.kext",

    "/System/Library/Extensions/webcontentfilter.kext",

    "/System/Library/Extensions/webdav_fs.kext",

    "/Library/Extensions/ACS6x.kext",

    "/Library/Extensions/ArcMSR.kext",

    "/Library/Extensions/ATTOCelerityFC8.kext",

    "/Library/Extensions/ATTOExpressSASHBA2.kext",

    "/Library/Extensions/ATTOExpressSASRAID2.kext",

    "/Library/Extensions/CalDigitHDProDrv.kext",

    "/Library/Extensions/HighPointIOP.kext",

    "/Library/Extensions/HighPointRR.kext",

    "/Library/Extensions/PromiseSTEX.kext",

    "/Library/Extensions/SoftRAID.kext"

)

 

launchd.conf contents

---------------

 

 

Hosts file

---------------

##

# Host Database

#

# localhost is used to configure the loopback interface

# when the system is booting.  Do not change this entry.

##

127.0.0.1 localhost

255.255.255.255 broadcasthost

::1             localhost 

 

 

Scan log

---------------

2016-01-15 22:21:20 :  

2016-01-15 22:21:20 : ----- Scan Started -----

2016-01-15 22:21:20 : Scanning with signatures version 44 (2016-1-4)

2016-01-15 22:21:20 : Adware.Spigot : /Users/Dean/Library/LaunchAgents/com.spigot.ApplicationManager.plist

2016-01-15 22:21:20 : Adware.Spigot : /Users/Dean/Library/Application Support/Spigot/

2016-01-15 22:21:29 : *** scan time: 0d 00:00:08 ***

2016-01-15 22:21:29 : ------ Scan Ended ------

2016-01-15 22:21:39 : ---- File Removal Started ----

2016-01-15 22:21:39 : ===========================================

2016-01-15 22:21:39 : REMOVING ITEM: Adware.Spigot

2016-01-15 22:21:39 : >> Removing file item: /Users/Dean/Library/LaunchAgents/com.spigot.ApplicationManager.plist

2016-01-15 22:21:39 : ===========================================

2016-01-15 22:21:39 : REMOVING ITEM: Adware.Spigot

2016-01-15 22:21:39 : >> Removing file item: /Users/Dean/Library/Application Support/Spigot/

2016-01-15 22:21:39 : ---- File Removal Complete ----

2016-01-15 22:21:50 : ===== Attempting restart =====

2016-01-15 22:23:58 :  

2016-01-15 22:23:58 : ----- Scan Started -----

2016-01-15 22:23:58 : Scanning with signatures version 44 (2016-1-4)

2016-01-15 22:24:06 : *** scan time: 0d 00:00:07 ***

2016-01-15 22:24:06 : ------ Scan Ended ------

2016-01-15 22:30:35 :  

2016-01-15 22:30:35 : ----- Scan Started -----

2016-01-15 22:30:35 : Scanning with signatures version 44 (2016-1-4)

2016-01-15 22:30:43 : *** scan time: 0d 00:00:07 ***

2016-01-15 22:30:43 : ------ Scan Ended ------

2016-01-17 20:16:06 :  

2016-01-17 20:16:06 : ----- Scan Started -----

2016-01-17 20:16:06 : Scanning with signatures version 44 (2016-1-4)

2016-01-17 20:16:20 : *** scan time: 0d 00:00:13 ***

2016-01-17 20:16:20 : ------ Scan Ended ------

2016-01-19 19:23:28 :  

2016-01-19 19:23:28 : ----- Scan Started -----

2016-01-19 19:23:28 : Scanning with signatures version 44 (2016-1-4)

2016-01-19 19:23:41 : *** scan time: 0d 00:00:12 ***

2016-01-19 19:23:41 : ------ Scan Ended ------

[ThreeSwords]

Is my Macbook diseased? 

[treed]

Sorry, for some reason I didn't get notification that this topic had been updated! (Normally I get e-mail alerts, but sometimes that seems to fail.)

 

I don't see anything suspicious in your system snapshot. Just to confirm, try restarting in recovery mode (hold down command-R at startup). You should end up at a screen with four options, one of which is Get Help Online. Click that option, which will open a fresh copy of Safari, running on a clean system. Then do some browsing, visiting the same sites that are normally affected.

 

If, as I suspect, the problem continues to happen in Safari in recovery mode, it's a network issue, rather than a problem with your computer. In this case, the most likely possibility is hacked network hardware:

 

https://support.malwarebytes.org/customer/portal/articles/2049288-?b_id=9511

 

If the problem does not happen while in recovery mode, let me know.

[ThreeSwords]

Hi Thomas, 

 

Not  problem!  I note you mention Safari, however the issue is only in Chrome.  Safari is okay.  Should I still do what you suggested??  

 

Here's a screenshot of what I'm seeing on this form.

 

 

[treed]

Ahh, yes, I didn't read carefully enough. You said that it was happening in both Safari and Chrome, but then said the problem was now fixed in Safari.

 

Since it's just happening in Chrome, that narrows things down quite a bit. It's got to be due to one of your Chrome extensions. See:

 

https://support.malwarebytes.org/customer/portal/articles/2045724-?b_id=9511

 

I see that you have one called "Facebook Invite All Friends PRO 2016" - this may be a new variant of something we already detect, or it may be a simple coincidence in naming. Try disabling that one. If that fixes the problem, I'd love to get a copy of that extension from you. I'll give you some instructions if that works.

[ThreeSwords]

Thomas.....I could kiss you.  I disabled the "Facebook Invite All Friends PRO 2016" (which incidentally, I had to bloody pay for) and it's all fine.....no more pop ups!!!

 

What do you need from me in regards to that extension?  I'm guessing you wanna put it in the bank of possible problems for future reference?

[treed]

If you have just disabled it, and not deleted it yet, go to the Finder and choose Go to Folder from the Go menu. In the window that opens, paste in the following path:

 

~/Library/Application Support/Google/Chrome/Default/Extensions/

 

Then click the Go button.

 

In the folder that opens, there will be a lot of folders with long, random names. Find the one named "jjgfeibcphdoepjnmplpgbnpkngnmdmn" and move it to your desktop.

 

Next, control-click that "jjgfeibcphdoepjnmplpgbnpkngnmdmn" folder on your desktop and choose the Compress "jjgfeibcphdoepjnmplpgbnpkngnmdmn" item from the contextual menu. This will create a file named "jjgfeibcphdoepjnmplpgbnpkngnmdmn.zip" on your desktop.

 

Now, click my name at the top of this message to access my profile, then click the "Send me a message" button, then click the Use Full Editor button. You should be able to attach that .zip file to that message and send it to me.

 

Once I've let you know that I've got it, you can delete both "jjgfeibcphdoepjnmplpgbnpkngnmdmn" items. If the Facebook Invite All Friends PRO 2016 extension still shows up in Chrome's extensions list (which sometimes happens when you delete a Chrome extension from the Finder), you can delete it from there.

[ThreeSwords]

Done!  Sorry for the delay!  

[treed]

Got it, thanks!