refer:https://macreports.com/how-to-remove-weknow-ac-malware-macos/

1-Remove the weknow.ac profile. Here is how:

  1. On your Mac, open System Preferences (click the System Preferences icon in the dock)
  2. Click Profiles
  3. Select AdminPrefs
  4. Delete this profile (AdminPrefs) by pressing the minus icon.
  5. Now delete search engine settings:
    1. Chrome: chrome://settings/searchEngines
    2. Safari: Safari > Preferences > Search

2-Delete weknow.ac. Remove anything weknow.ac related. Remove anything suspicious apps to the Trash folder. Look for recently added apps.

  1. Open the Applications folder
  2. Delete Weknow.ac or Weknow.ac.app also look for “MPlayerX”,“NicePlayer”. Look for suspicious apps.
  3. Empty Trash

3-Remove the weknow addon

  1. Safari: Safari > Preferences > Extensions > Locate the weknow.ac extension and remove it
  2. Google Chrome: Go to chrome://extensions/ and find the weknow.ac addon and remove it.
  3. Firefox: Go to about:addons and remove the addon.

4-Delete weknow files:

  1. Go > Go to Folder (or press Shift + Cmd + G)
  2. Enter /Library/LaunchAgents and click Go
  3. Look for suspicious files such as “installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist”. Some other names you should look for Genieo, Inkeeper, InstallMac, CleanYourMac, MacKeeper, SoftwareUpdater, MplayerX, NicePlayer, installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist, com.aoudad.net-preferences.plist”, “com.myppes.net-preferences.plist”, “com.kuklorest.net-preferences.plist”, “com.avickUpd.plist”. If you see any of them, drag them to the Trash folder and then empty Trash.
  4. And now repeat the same process on the following folders:
    1. /Library/Application Support
    2. /Library/LaunchDaemons

5-If your browser is Chrome, follow the steps below to change some Chrome policies, if you are still having the problem:

  1. Open the Terminal app (Go > Utilities > Terminal or press Command+Space and search Terminal)
  2. Enter the commands below, hit Enter after each
  3. defaults write com.google.Chrome HomepageIsNewTabPage -bool false
  4. defaults write com.google.Chrome NewTabPageLocation -string “https://www.google.com/”
  5. defaults write com.google.Chrome HomepageLocation -string “https://www.google.com/”
  6. defaults delete com.google.Chrome DefaultSearchProviderSearchURL
  7. defaults delete com.google.Chrome DefaultSearchProviderNewTabURL
  8. defaults delete com.google.Chrome DefaultSearchProviderName
  9. Restart Chrome

Please note that the developers behind weknow.ac are very sneaky and they will likely further develop this malware so this means that those tips may not work in near future. We will try to keep updating this posts.

find appname and plist ,just like

find . -name "*" |grep -i  UtilityOSDaemon

then delete all these files ;

source: https://macreports.com/how-to-remove-weknow-ac-malware-macos/

remove-weknow-ac from mac chrome的更多相关文章

  1. mac+chrome 最常用快捷键

    12个mac快捷键 命令 含义 command+空格 (先摁command再摁空格) Spotlight搜索 crt+command+F 最大化和关闭最大化切换 Command+H 隐藏当前窗口 Co ...

  2. 配置 Mac Chrome Inspect

    安装libimobiledevice :  Could not connect to lockdownd. Exiting.  报错解决 brew uninstall --ignore-depende ...

  3. [Web前端] mac chrome 浏览器强制刷新,清除浏览器缓存

    本文链接:https://blog.csdn.net/zeroyulong/article/details/79806156 mac 强制刷新:command+shift+r mac 普通刷新:com ...

  4. mac Chrome 快捷键

    从windows迁移到mac,会发现快捷键真的变了,这里先吹一下mac OS天下第一 另外没有bar确实也提高了效率,这一点还是值的 其实程序员最常用的是检查,windows下是F12,默认F12会被 ...

  5. Mac Chrome浏览器取消自动升级(最新版)

    做自动化突然冒出错误:SessionNotCreatedException: session not created: This version of ChromeDriver only suppor ...

  6. 解决Mac Chrome打开HTTPS证书错误问题

    goagent代理,在chrome下中总提示“该网站的安全证书不受信任” 并且没有 “继续访问” 的按钮. 解决方法 一.打开[应用程序]>[实用工具]>[钥匙串访问],并在左侧导航选择[ ...

  7. mac chrome 浏览器开启允许跨域

    在控制台输入下面代码: open -n /Applications/Google\ Chrome.app/ --args --disable-web-security  --user-data-dir ...

  8. mac chrome 强制刷新浏览器缓存

    普通刷新 command + r 强制刷新 command + shift + r

  9. mac chrome 驱动配置

    将解压后的chromedriver移动到/usr/local/bin目录下

随机推荐

  1. MySQL【日期和时间处理函数】的使用方法

    名称 调用示例 示例结果 描述 NOW NOW() 2018-09-19 09:24:10 返回当前日期和时间 CURDATE CURDATE() 2018-09-19 返回当前日期 CURTIME ...

  2. Problem C: STL——Jerry的问题

    Description 最近Jerry正在刻苦的学习STL中的set的功能函数,他发现set可以用现有的函数实现并.交.差.对称差等功能,但是他没有找到怎么来比较两个集合是否相等的功能函数,所以他想自 ...

  3. Excel修改证件照图片背景色

    在实际生活中,我们常常需要把白底证件照更改为蓝底或红底.操作步骤只需4步!   工具/原料   Excel 方法/步骤     第1步:插入白底证件照 单击[插入]---[图片],选择图片保存的位置, ...

  4. console.log()中的运算与打印事件

    var p=function() { var i = 0; function b() { console.log(i--);//先打印再减一 //console.log(--i);先减一再打印 } f ...

  5. RF新手常见问题总结

    RF新手常见问题总结--(基础篇) 1. 经常有人问这个元素找不到,一般先排除这两个地方,再自己找找A:是否等待了足够的时间让元素加载 (增加sleep xx, wait Until xxx)B:  ...

  6. this.$nextTick()作用

    当data中的某个属性改变的时候,这个值并不是立即渲染到页面上,而是先放到watcher队列上(异步),只有当前任务空闲的时候才会去执行watcher队列上的任务.所以导致,改变的数据挂载到dom上会 ...

  7. python判断两个变量是否为同一数据类型

    >>> a = 1000>>> b = 1>>> isinstance(a,type(b))True>>>

  8. Holer实现手机APP应用外网访问本地WEB应用

    手机APP应用公网访问内网WEB应用 本地安装了WEB服务端,手机APP应用只能在局域网内访问本地WEB,怎样使手机APP应用从公网也能访问本地WEB? 本文将介绍使用holer实现的具体步骤. 1. ...

  9. MYSQL ini 配置文件详解及性能优化方案

    my.ini分为两块:Client Section和Server Section.   Client Section用来配置MySQL客户端参数.   要查看配置参数可以用下面的命令: show va ...

  10. Minimum Spanning Trees

    Kruskal’s algorithm always union the lightest link if two sets haven't been linked typedef struct { ...