
iHorseHead

macrumors 68000
Original poster
Jan 1, 2021
1,656
2,050
Screenshot 2024-12-12 at 20.42.15.png


Screenshot 2024-12-12 at 20.42.41.png
 
I don’t know what those are but, to my knowledge, there are no active Mac viruses in the wild albeit there is Malware. If you aren’t involved in downloading pirated software and aren’t trading files with a Windows person etc., I would view that alert as false.
 
I'm not worried about the viruses. Don't even really care if I have any viruses. You wouldn't get any money from me anyway since I simply don't have it.
But I'm still curious to figure out what are those things? I can't even open the location etc nor see the full path name.

I don't pirate software and I don't even watch porn so um…? I pretty much visit only MacRumors, YouTube, Torn and sometimes my local news site.
 
Did you pay for this SurfShark feature or are you in trial mode?
 
The A99E... one you showed details for resides in a Safari cache folder. You could try telling Safari to clean its cache, and see if the file is removed.

When I searched for the name given as the threat (search terms: html phish pwpl), a Microsoft page came up as top result:
That was published in 2013, so it's pretty old, and the search results with newer dates may be more accurate.
 
All of the 60 files were similar and all of them were in the Safari cache folder. I was just wondering where those came from all of a sudden, as yesterday there was nothing.
Just in case, I now downloaded Malwarebytes and will see what it will find.
 
Based on the file path we can see, Safari cache files, I’d say they’re cookies and other (cached) Website elements. You’ll see similarly frequent results if you routinely run Spybot - Search & Destroy on Windows, for example. I won’t go as far as to say they’re harmless. However, these intrusions should not be a problem as long as you follow best practices: visiting valid, known good sites that are secured, and only enter information at these legit sites.

 
I think I've only visited 'good and valid' sites. I have no clue where those might've come from. I don't visit any religious or adult sites either.
I now checked it with Malwarebytes and it found nothing.
 
Unfortunately (and annoyingly) even legit/good sites can (and often do) have garbage embedded, namely ads. And digital ads on websites (nowadays) are not simply images and a basic URL link. No, they’re practically little webpages in themselves, and many definitely include malicious components. Web browsers often cache those elements of pages as well. Basically — of course — avoid (as best you can) interaction with those. One of the trickier variants I’d often mistakenly click on in the past were “Download Now” ads on (legit, well-known) download mirror sites. Now, I try to avoid mirror sites altogether or if I’m on one and the download doesn’t begin automatically or there isn’t an obvious, non-ad button/link text, I move on. The greed that has infested the WWW is beyond appalling, IMO. Look at social media treated as break out business. Vile!

Anyway…

As long as you do your best not to interact with these harmful elements — again, yes, as intentionally difficult as it is — you shouldn’t cause yourself (more) hassles/problems.

P.S. I certainly am not going to suggest any but there are ad-blocker software applications and browser extensions, plus some VPNs will block known ad URLs and the like. One of the pitfalls is these site creators know this and will prevent or otherwise cripple your viewing/using of that site if a VPN or ad-blocker is detected/determined.
 
I already use Adblocker on my Mac and iPhone and iPad and I use Surfshark that I paid for till 2028 and it also comes with an antivirus and it's scanning daily. It doesn't slow down my Mac or anything, so it doesn't bother me, but it hasn't found anything until today and I was wondering what those are and where those might've come from. I haven't even downloaded anything recently, but now that I think about it I was watching Malcolm in the Middle from some (sketchy) streaming site and before you judge there's no way I could watch Malcolm in the Middle legally. Every legal way I tried told me that it's not available in my region and even when using VPN I couldn't find a legal way to watch it. So it might've come from one of such sites.
I deleted those files now and I also downloaded Malwarebytes and it couldn't find anything.
 
I’m going to concur with it being cached elements of webpage ads that are being flagged. It doesn’t have to be a disreputable website; advertisement networks host things that trigger other phishing/malware blockers. I run AdGuard Home and I know just browsing through network news sites will eventually trigger statistics in that backend app.

I’m pretty certain that clearing your cache resolves this, and wasn’t embedded malware in the first place but just a trigger-happy scanner pointing out vulnerable content and not infections. You might dig into your scanner’s rules and exclusions if you find it annoying.

Clear the cache, scan again, and see when/if it comes back.
 
All of the 60 files were similar and all of them were in Safari cache folder.

A useful tool for analyzing suspicious files and URLs is VirusTotal:


digital ads on websites (nowadays) are not simply images and a basic URL link. No, they’re practically little webpages in themselves, and many definitely include malicious components

Yes, and adding to the problem is how online ad space is sold to buyers. Often a given ad space is sold to multiple ad networks and aggregators in a long and convoluted chain. So even if somebody is using a well-known website (say, the New York Times), the website operator frequently has little to no control over the contents of ad banners, popups, and videos. This makes it easy for scammers to use ads as an attack vector.
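
Added example, not part of any post in this thread: one way to see what flagged cache files are and which hosts they point at before deleting them. It hashes each file (a SHA-256 can be searched on VirusTotal without uploading the file) and lists the hosts referenced by any cached HTML. The function names are made up for this sketch, and the default folder is an assumption, since the thread never shows the full path.

```python
import hashlib
import re
import sys
from pathlib import Path
from urllib.parse import urlsplit

# Assumed location; the thread never shows the full path of the flagged files.
DEFAULT_CACHE = Path.home() / "Library/Caches/com.apple.Safari"
URL_RE = re.compile(rb"https?://[^\s\"'<>)]+", re.I)
FORM_RE = re.compile(rb"<form\b[^>]*\baction\s*=\s*[\"']?([^\"'\s>]+)", re.I)

def host_of(url: bytes) -> str:
    """Hostname of a URL found in cached content ('' if it has none)."""
    try:
        return (urlsplit(url.decode("ascii", "replace")).hostname or "").lower()
    except ValueError:
        return ""

def triage_file(path: Path) -> dict:
    """Hash one cached file and list the hosts its HTML refers to."""
    data = path.read_bytes()
    lowered = data.lower()
    # Cache records can carry a binary header before the page body,
    # so search the content instead of checking only the first bytes.
    is_html = b"<html" in lowered or b"<!doctype html" in lowered
    hosts = sorted({h for h in map(host_of, URL_RE.findall(data)) if h})
    forms = sorted({h for h in map(host_of, FORM_RE.findall(data)) if h})
    return {
        "path": str(path),
        "sha256": hashlib.sha256(data).hexdigest(),
        "html": is_html,
        "hosts": hosts,
        "form_hosts": forms,  # where a form on the page would submit to
    }

def triage_dir(root: Path) -> list:
    """Triage every regular file under root, HTML-bearing files first."""
    rows = [triage_file(p) for p in sorted(root.rglob("*")) if p.is_file()]
    return sorted(rows, key=lambda r: (not r["html"], r["path"]))

if __name__ == "__main__":
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else DEFAULT_CACHE
    for row in triage_dir(root):
        print(row["sha256"], "html" if row["html"] else "other",
              ",".join(row["form_hosts"] or row["hosts"]), row["path"])
```

A cached phishing page typically shows up here as an HTML file whose form host has nothing to do with the site that was being visited.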
 
I already deleted those files. I thought it's better to be safe than sorry.
It's just interesting that Surfshark hasn't found anything in years and all of a sudden it found 60 of those and I have no clue what those actually are or do.
 
First, Surfshark isn't an antivirus tool; they sell VPN services. I'm guessing those are potential privacy threats/issues. They are doing the same thing as Apple, trying to scare you by saying everyone is trying to steal your info.
Well, it has antivirus and e-mail service etc included.
But I've used Surfshark for years and this is the first time it happened and my subscription is ending in 4 years.
 
Totally underrated show, I feel you, been there, done that. Luckily I can now watch it on Disney+ but yeah I’m gonna clean my cache now too
 