refer:https://macreports.com/how-to-remove-weknow-ac-malware-macos/

1-Remove the weknow.ac profile. Here is how:

  1. On your Mac, open System Preferences (click the System Preferences icon in the dock)
  2. Click Profiles
  3. Select AdminPrefs
  4. Delete this profile (AdminPrefs) by pressing the minus icon.
  5. Now delete search engine settings:
    1. Chrome: chrome://settings/searchEngines
    2. Safari: Safari > Preferences > Search

2-Delete weknow.ac. Remove anything weknow.ac related. Remove anything suspicious apps to the Trash folder. Look for recently added apps.

  1. Open the Applications folder
  2. Delete Weknow.ac or Weknow.ac.app also look for “MPlayerX”,“NicePlayer”. Look for suspicious apps.
  3. Empty Trash

3-Remove the weknow addon

  1. Safari: Safari > Preferences > Extensions > Locate the weknow.ac extension and remove it
  2. Google Chrome: Go to chrome://extensions/ and find the weknow.ac addon and remove it.
  3. Firefox: Go to about:addons and remove the addon.

4-Delete weknow files:

  1. Go > Go to Folder (or press Shift + Cmd + G)
  2. Enter /Library/LaunchAgents and click Go
  3. Look for suspicious files such as “installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist”. Some other names you should look for Genieo, Inkeeper, InstallMac, CleanYourMac, MacKeeper, SoftwareUpdater, MplayerX, NicePlayer, installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist, com.aoudad.net-preferences.plist”, “com.myppes.net-preferences.plist”, “com.kuklorest.net-preferences.plist”, “com.avickUpd.plist”. If you see any of them, drag them to the Trash folder and then empty Trash.
  4. And now repeat the same process on the following folders:
    1. /Library/Application Support
    2. /Library/LaunchDaemons

5-If your browser is Chrome, follow the steps below to change some Chrome policies, if you are still having the problem:

  1. Open the Terminal app (Go > Utilities > Terminal or press Command+Space and search Terminal)
  2. Enter the commands below, hit Enter after each
  3. defaults write com.google.Chrome HomepageIsNewTabPage -bool false
  4. defaults write com.google.Chrome NewTabPageLocation -string “https://www.google.com/”
  5. defaults write com.google.Chrome HomepageLocation -string “https://www.google.com/”
  6. defaults delete com.google.Chrome DefaultSearchProviderSearchURL
  7. defaults delete com.google.Chrome DefaultSearchProviderNewTabURL
  8. defaults delete com.google.Chrome DefaultSearchProviderName
  9. Restart Chrome

Please note that the developers behind weknow.ac are very sneaky and they will likely further develop this malware so this means that those tips may not work in near future. We will try to keep updating this posts.

find appname and plist ,just like

find . -name "*" |grep -i  UtilityOSDaemon

then delete all these files ;

source: https://macreports.com/how-to-remove-weknow-ac-malware-macos/

remove-weknow-ac from mac chrome的更多相关文章

  1. mac+chrome 最常用快捷键

    12个mac快捷键 命令 含义 command+空格 (先摁command再摁空格) Spotlight搜索 crt+command+F 最大化和关闭最大化切换 Command+H 隐藏当前窗口 Co ...

  2. 配置 Mac Chrome Inspect

    安装libimobiledevice :  Could not connect to lockdownd. Exiting.  报错解决 brew uninstall --ignore-depende ...

  3. [Web前端] mac chrome 浏览器强制刷新,清除浏览器缓存

    本文链接:https://blog.csdn.net/zeroyulong/article/details/79806156 mac 强制刷新:command+shift+r mac 普通刷新:com ...

  4. mac Chrome 快捷键

    从windows迁移到mac,会发现快捷键真的变了,这里先吹一下mac OS天下第一 另外没有bar确实也提高了效率,这一点还是值的 其实程序员最常用的是检查,windows下是F12,默认F12会被 ...

  5. Mac Chrome浏览器取消自动升级(最新版)

    做自动化突然冒出错误:SessionNotCreatedException: session not created: This version of ChromeDriver only suppor ...

  6. 解决Mac Chrome打开HTTPS证书错误问题

    goagent代理,在chrome下中总提示“该网站的安全证书不受信任” 并且没有 “继续访问” 的按钮. 解决方法 一.打开[应用程序]>[实用工具]>[钥匙串访问],并在左侧导航选择[ ...

  7. mac chrome 浏览器开启允许跨域

    在控制台输入下面代码: open -n /Applications/Google\ Chrome.app/ --args --disable-web-security  --user-data-dir ...

  8. mac chrome 强制刷新浏览器缓存

    普通刷新 command + r 强制刷新 command + shift + r

  9. mac chrome 驱动配置

    将解压后的chromedriver移动到/usr/local/bin目录下

随机推荐

  1. react native进一步学习(NavigatorIOS 学习)

    特别申明:本人代码不作为任何商业的用途,只是个人学习的一些心得,为了使得后来的更多的程序员少走一些弯路.*(如若侵犯你的版权还望见谅)*. 开发工具:WebStorm,xcode 1. rn的创建的时 ...

  2. mybatis 报The content of elements must consist of well-formed character data or markup. 语法格式错误

    最近在写sql的时候 同时使用到了 >= 和 <= 之前只使用一个的时候 没有什么问题,今天同时使用到了两个,结果xml出现了The content of elements must co ...

  3. 常用的settings.xml文件

    <?xml version="1.0"?> <settings> <localRepository>/Users/bernie.cx/.m2/r ...

  4. 基于java代码的springmvc配置

    在我的印象中,开发一个web项目首选当然是springmvc,而配置springmvc无非就是web.xml里配置其核心控制器DispatcherServlet.然后把所有的请求都交给它处理,再配个视 ...

  5. [RESTful] DHC Client

    安装Chrome的DHC插件, 进入DHC Client谷歌插件网页. 安装到Chrome浏览器: 点击Chrome设置 点击扩展程序 把刚刚下载的文件解压缩 把 .crx 后缀的文件直接拖入Chro ...

  6. makefile笔记10 - makefile 函数库文件

    函数库文件也就是对 Object 文件(程序编译的中间文件)的打包文件.在 Unix 下,一般是由命令"ar"来完成打包工作. 一.函数库文件的成员 一个函数库文件由多个文件组成. ...

  7. JavaScript中call和apply方法的使用

    acvaScript中的call()方法和apply()方法,在某些时候这两个方法还确实是十分重要的.1. 每个函数都包含两个非继承而来的方法:call()方法和apply()方法.2. 相同点:这两 ...

  8. 手动调用run方法和普通方法调用没有区别

    手动调用run方法和普通方法调用没有区别

  9. Android BLE dfu升级

    dfu升级适用于nordic  nRF51  nRF52 的系统,github上提供了相关升级的库https://github.com/NordicSemiconductor/Android-DFU- ...

  10. Linux中各个文件的作用

    1.bin: 存放的是执行的常用指令 2.boot: 启动系统的核心文件 3.dev: Linux将设备映射成文件,而dev中放的就是这些设备文件 4.etc: 各种配置文件 5.home: 用户的主 ...