The other day I was trying to buy something on Amazon when little window tiles popped up offering the same thing at Target. I ignored it because I figured it must be some relatively harmless adware on Amazon. Then it popped up on other sites including Macrumors! I also started getting redirected to install some "java helper" app and I decided it was time to search for "chrome malware" and it turns out adware/malware can make its way onto OSX via Chrome.
Following instructions to get rid of this bit of malware, I had to reset Chrome's browser settings which of course included all my session ids. This amounted to logging in to dozens of tabs again but at least that was all it took to get rid of this little beast. Here's a new wrinkle... Because Chrome can "sync" settings it can come back or can propagate cross platforms so I went to all my Chrome installs on other computers and made sure I repeated the "cleaning." I think the way this made it onto my browser was through a Chrome extension. I used the great suspender to help stop my fans from running when I left dozens (hundreds?) of Chrome tabs open. Now that Chrome has this built in, I decided to do without great suspender. I also decided to unload about a half dozen other extensions I had been using, again in the interest of minimizing the risk of catching this nasty bit of adware from another extension.
I then decided to download the freeware malwarebytes for OSX just to see if it might find anything that might have managed to leak beyond my browser and it found nothing. If you see unexpected redirects, "tiles" or pages asking you to install something, look for adware/malware running in your browser. Following one of those "install" pages might allow actual adware/malware to spread onto your Mac.
Following instructions to get rid of this bit of malware, I had to reset Chrome's browser settings which of course included all my session ids. This amounted to logging in to dozens of tabs again but at least that was all it took to get rid of this little beast. Here's a new wrinkle... Because Chrome can "sync" settings it can come back or can propagate cross platforms so I went to all my Chrome installs on other computers and made sure I repeated the "cleaning." I think the way this made it onto my browser was through a Chrome extension. I used the great suspender to help stop my fans from running when I left dozens (hundreds?) of Chrome tabs open. Now that Chrome has this built in, I decided to do without great suspender. I also decided to unload about a half dozen other extensions I had been using, again in the interest of minimizing the risk of catching this nasty bit of adware from another extension.
I then decided to download the freeware malwarebytes for OSX just to see if it might find anything that might have managed to leak beyond my browser and it found nothing. If you see unexpected redirects, "tiles" or pages asking you to install something, look for adware/malware running in your browser. Following one of those "install" pages might allow actual adware/malware to spread onto your Mac.