- Jamf Nation Community
- Products
- Jamf Pro
- Re: Applescript to remove adware
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-01-2015 09:01 AM
Why this script is removing just the last entry?
tell application "rm - rf/Library/LaunchDaemons/com.vsearch.daemon.plist"
"Library/InputManagers/CTLoader"
"System/Library/Frameworks/v.framework"
"System/Library/Frameworks/VSearch.framework"
"Library/PrivilegedHelperTools/Jack"
"Library/InputManagers/CTLoader"
"Library/Application Support/Conduit/"
"~Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin"
"~Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin"
"Applications/Genieo"
"Applications/InstallMac"
"Applications/Uninstall Genieo"
"Applications/Uninstall IM Completer.app"
"Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client"
"~Library/Application Support/Genieo"
"~Library/Application Support/com.genieoinnovation.Installer"
"Library/LaunchAgents/com.genieo.completer.update.plist"
"Library/LaunchAgents/com.genieo.engine.plist"
"Library/LaunchAgents/com.genieoinnovation.macextension.client.plist"
"Library/LaunchAgents/com.genieoinnovation.macextension.plist"
"Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist"
"Library/LaunchDaemons/Jack.plist"
"~Conduit"
"~Trovi"
"~Library/Caches/com.Conduit.takeOverSearchAssetsMac"
"~Library/Caches/com.VSearch.bulk.installer"
"~Library/Caches/com.VSearch.VSinstaller"
"~Library/LaunchAgents/com.genieo.completer.download.plist"
"~Library/LaunchAgents/com.genieo.completer.ltvbit.plist"
"~Library/LaunchAgents/com.genieo.completer.update.plist"
"~Library/Preferences/com.genieo.global.settings.plist.lockfile"
"~Library/Preferences/com.geneio.settings.plist.lockfile"
"~Library/Preferences/com.geneio.global.settings.plist"
"~Library/Saved Application State/com.genieo.RemoveGenieoMac.savedState"
"~Library/Saved Application State/com.VSearch.bulk.installer.savedstate"
"Library/LaunchAgents/com..agent.plist"
"Library/LaunchAgents/com../midnight.daemon.plist"
"Library/LaunchAgents/com.*com.midnight.helper.plist"
"/Library/Application Support/midnight"
end tell
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-01-2015 09:13 AM
This Applescript makes no sense. You can't use tell application in front of a bunch of path strings like that. It has no idea what you're asking it to do. You need to either put in a bunch of do shell script blocks, or better yet, take a look at @jesseshipley's script located here, which will gather adware information in an EA. I don't actually recommend trying to just blow away adware files since they tend to integrate themselves into the OS in nasty ways and can hose a system if remove improperly.
Also consider using Adware Medic.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-01-2015 09:12 AM
Think your better off with this workflow from Sheagcriag.
http://labs.da.org/wordpress/sheagcraig/2015/03/25/how-we-are-removing-adware/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-01-2015 09:13 AM
This Applescript makes no sense. You can't use tell application in front of a bunch of path strings like that. It has no idea what you're asking it to do. You need to either put in a bunch of do shell script blocks, or better yet, take a look at @jesseshipley's script located here, which will gather adware information in an EA. I don't actually recommend trying to just blow away adware files since they tend to integrate themselves into the OS in nasty ways and can hose a system if remove improperly.
Also consider using Adware Medic.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-01-2015 11:22 PM
Better still, for anyone using Sophos, kaspersky, etc put in a feature request if you haven't already. Both of those do Adware detection for Windows, but don't bother for mac. Not even on their road map.
I submitted a new strain of Genieo to Sophos and although they created a new entry to detect the installer they were completely disinterested in the files that had been infected, launch daemons installed, etc. and just referred me to their 'we don't do adware for mac' page!
For a major player in this software market that's pretty shocking. It's clearly required otherwise they wouldn't do it for Windows and we shouldn't even need to put in a feature request, but it appears to be required otherwise they aren't going to bother.
They sell a virus/adware solution that doesn't do adware. If you pay them money, get on to them to sort it out rather than trying to constantly update scripts; which of course we need to until they take off their blinkers!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-02-2015 12:13 AM
@sean hey fella. Can you supply that link?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-02-2015 04:08 AM
Sure:
Sophos Anti-Virus for Mac Policy
This may help too:
Sophos currently doesn't support your requested feature but values your input into improving the product to best meet our customers needs. Can you please complete the below feature request template so we can raise a request with our developers for a change to the product. This information is paramount in helping our product management teams prioritize and build new features that address your business requirements. Company and Contact Information Company: Contact: Sophos Partner (if applicable): Sophos Product Information Sophos Product: Version in Production: Feature Request Summary How will this new feature address your business requirements?: How would you rate the importance of this feature?; 1 = Critical, 5 = Nice-to-have: Please be aware that we cannot guarantee the proposed changes will be made or provide any timelines for the request. Sophos would like to thank you for your time and effort in helping us to build a better product. We look forward in hearing from you.
