refer:https://macreports.com/how-to-remove-weknow-ac-malware-macos/

1-Remove the weknow.ac profile. Here is how:

  1. On your Mac, open System Preferences (click the System Preferences icon in the dock)
  2. Click Profiles
  3. Select AdminPrefs
  4. Delete this profile (AdminPrefs) by pressing the minus icon.
  5. Now delete search engine settings:
    1. Chrome: chrome://settings/searchEngines
    2. Safari: Safari > Preferences > Search

2-Delete weknow.ac. Remove anything weknow.ac related. Remove anything suspicious apps to the Trash folder. Look for recently added apps.

  1. Open the Applications folder
  2. Delete Weknow.ac or Weknow.ac.app also look for “MPlayerX”,“NicePlayer”. Look for suspicious apps.
  3. Empty Trash

3-Remove the weknow addon

  1. Safari: Safari > Preferences > Extensions > Locate the weknow.ac extension and remove it
  2. Google Chrome: Go to chrome://extensions/ and find the weknow.ac addon and remove it.
  3. Firefox: Go to about:addons and remove the addon.

4-Delete weknow files:

  1. Go > Go to Folder (or press Shift + Cmd + G)
  2. Enter /Library/LaunchAgents and click Go
  3. Look for suspicious files such as “installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist”. Some other names you should look for Genieo, Inkeeper, InstallMac, CleanYourMac, MacKeeper, SoftwareUpdater, MplayerX, NicePlayer, installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist, com.aoudad.net-preferences.plist”, “com.myppes.net-preferences.plist”, “com.kuklorest.net-preferences.plist”, “com.avickUpd.plist”. If you see any of them, drag them to the Trash folder and then empty Trash.
  4. And now repeat the same process on the following folders:
    1. /Library/Application Support
    2. /Library/LaunchDaemons

5-If your browser is Chrome, follow the steps below to change some Chrome policies, if you are still having the problem:

  1. Open the Terminal app (Go > Utilities > Terminal or press Command+Space and search Terminal)
  2. Enter the commands below, hit Enter after each
  3. defaults write com.google.Chrome HomepageIsNewTabPage -bool false
  4. defaults write com.google.Chrome NewTabPageLocation -string “https://www.google.com/”
  5. defaults write com.google.Chrome HomepageLocation -string “https://www.google.com/”
  6. defaults delete com.google.Chrome DefaultSearchProviderSearchURL
  7. defaults delete com.google.Chrome DefaultSearchProviderNewTabURL
  8. defaults delete com.google.Chrome DefaultSearchProviderName
  9. Restart Chrome

Please note that the developers behind weknow.ac are very sneaky and they will likely further develop this malware so this means that those tips may not work in near future. We will try to keep updating this posts.

find appname and plist ,just like

find . -name "*" |grep -i  UtilityOSDaemon

then delete all these files ;

source: https://macreports.com/how-to-remove-weknow-ac-malware-macos/

remove-weknow-ac from mac chrome的更多相关文章

  1. mac+chrome 最常用快捷键

    12个mac快捷键 命令 含义 command+空格 (先摁command再摁空格) Spotlight搜索 crt+command+F 最大化和关闭最大化切换 Command+H 隐藏当前窗口 Co ...

  2. 配置 Mac Chrome Inspect

    安装libimobiledevice :  Could not connect to lockdownd. Exiting.  报错解决 brew uninstall --ignore-depende ...

  3. [Web前端] mac chrome 浏览器强制刷新,清除浏览器缓存

    本文链接:https://blog.csdn.net/zeroyulong/article/details/79806156 mac 强制刷新:command+shift+r mac 普通刷新:com ...

  4. mac Chrome 快捷键

    从windows迁移到mac,会发现快捷键真的变了,这里先吹一下mac OS天下第一 另外没有bar确实也提高了效率,这一点还是值的 其实程序员最常用的是检查,windows下是F12,默认F12会被 ...

  5. Mac Chrome浏览器取消自动升级(最新版)

    做自动化突然冒出错误:SessionNotCreatedException: session not created: This version of ChromeDriver only suppor ...

  6. 解决Mac Chrome打开HTTPS证书错误问题

    goagent代理,在chrome下中总提示“该网站的安全证书不受信任” 并且没有 “继续访问” 的按钮. 解决方法 一.打开[应用程序]>[实用工具]>[钥匙串访问],并在左侧导航选择[ ...

  7. mac chrome 浏览器开启允许跨域

    在控制台输入下面代码: open -n /Applications/Google\ Chrome.app/ --args --disable-web-security  --user-data-dir ...

  8. mac chrome 强制刷新浏览器缓存

    普通刷新 command + r 强制刷新 command + shift + r

  9. mac chrome 驱动配置

    将解压后的chromedriver移动到/usr/local/bin目录下

随机推荐

  1. 零基础学习JavaSE(一)

    一.开发环境安装配置 1.1 安装jdk jdk下载地址:http://www.oracle.com/technetwork/java/javase/downloads/index.html 下载后安 ...

  2. 强行画页面的position

    说到position这个属性,确实是让刚入前端坑的我等小白瑟瑟发抖,大牛们一边告诉我们position如何万能,一边又让我们在这个坑里滚了一遍又一遍,着实让我们的头皮表面的毛囊扩张的更厉害了.在前端的 ...

  3. python字符串编码理解(转载)

    (转载)字符编码和python使用encode,decode转换utf-8, gbk, gb2312 (http://www.cnblogs.com/jxzheng/p/5186490.html) A ...

  4. python的列表生成式

    列表生成式 列表生成式即List Comprehensions,是Python内置的非常简单却强大的可以用来创建list的生成式. 举个例子,要生成list [1, 2, 3, 4, 5, 6, 7, ...

  5. Java抽象类总结规定

    1. 抽象类不能被实例化(初学者很容易犯的错),如果被实例化,就会报错,编译无法通过.只有抽象类的非抽象子类可以创建对象. 2. 抽象类中不一定包含抽象方法,但是有抽象方法的类必定是抽象类. 3. 抽 ...

  6. tensorFlow可以运行的代码

    折腾了很久,终于运行成功. 才云科技的书不错,就是需要微调一二. 心得:1,记得activate tensorflow,然后再python 2,Python的代码格式很重要,不要错误. 3,还不清楚如 ...

  7. Android中获取文件路径的方法总结及对照

    最近在写文件存贮,Android中获取文件路径的方法比较多,所以自己也很混乱.找了好几篇博客,发现了以下的路径归纳,记录一下,以备不时之需 Environment.getDataDirectory() ...

  8. vue-cli 项目里屏幕自适应

    很多同学可能在写h5的时候,也会遇到移动端如何控制屏幕自适应问题!在移动端网页开发中,我们可以用手机淘宝的flexible.那么在vue当中,也同样可以用!接下来就介绍下如何在vue-cli配置的项目 ...

  9. fdisk语法

    Linux下的fdisk功能是极其强大的,用它可以划分出最复杂的分区,下面简要介绍一下它的用法: 对于IDE硬盘,每块盘有一个设备名:对应于主板的四个IDE接口,设备名依次为:/dev/hda,/de ...

  10. linux查找指定目录文件大小

    #遍历查询 /users/yyqh01/ 目录下的文件目录大小,按M打印大小 for i in $(echo /users/yyqh01/*/) ; do [ "$i" != &q ...