Hi i downloaded Audio Damage bundle from another site, and AD requires permission reset app, i used it installed it, and after when i open my google chrome, all settings like visited pages and stuff are gone, it resets even tho i have the setting open where left off. Also if i open chrome close it another browser open and denies by littlesnitch link is http://xml-v4.trafficmoose.com/

So i got some virus, idk what to do or how to find it, i deleted google folders re installed multiple times, got it to work again as usal, but then it happend again today....

I know you get malware using cracked software, but im worried about this one, does anyone know how to fix it or what to do to remove it?

Most malware programs dont work or is malware it self... Unless you buy like norton, im thinking of reinstalling my computer, but i wanted to ask you if you know anything about the

http://xml-v4.trafficmoose.com/

It opens together with chrome, so i open my profile, all tabs are reset, close it, and the window with the link is open in a page... It is denied by little snitch so, but still it resets my tabs, super annoying, is this dangerous?

What shall i do, do anyone know?

Regards

Johnny

 

Take this:

AdwCleaner 2025 - Free Adware Cleaner & Removal Tool
https://www.malwarebytes.com/adwcleaner

EDIT: Sorry forget the windows Version, thanks @Synclavier for the Hint!

Download from malwarebytes.com (direct link: https://www.malwarebytes.com/mac-download).
Install, update, and run a full scan (takes 10-20 mins).
Quarantine/remove anything it finds (it'll flag adware like TrafficMoose remnants).

Spoiler: Source: Grok KI

I'm sorry you're dealing with this—it's frustrating when something like a software bundle turns into a headache like this. Based on what you've described (Chrome resetting tabs/settings despite your "Continue where you left off" preference, and that suspicious URL popping up), it sounds like you've got adware (a type of malware) on your Mac. This is super common with cracked or pirated software downloads from shady sites, as they often bundle in junk like this to make money via forced ads/redirects. Little Snitch blocking the connection is a good sign—it's doing its job—but the adware is still messing with your browser behind the scenes.

Quick Answer on the URL
This domain is part of an adware network (tied to "TrafficMoose," which funnels traffic to ad platforms). On the surface, it might load a page for something like "Artillery Ads" (a digital ad service), but in practice, it's used by adware to redirect users to sketchy stuff: unwanted browser extensions, fake surveys, adult content, online games, or even more malware downloads. It's not a full-blown virus like ransomware, but it's annoying and risky because:

• It can track your browsing (e.g., via cookies/scripts).
• Those redirects could lead to phishing sites that steal info (passwords, payment details).
• It might install more crap without asking.

In short: Yes, it's dangerous enough to take seriously, but fixable without nuking your Mac. Don't click anything on it—just let Little Snitch keep blocking.

What to Do to Remove It (Step-by-Step)
Reinstalling Chrome (or even your whole system) isn't necessary yet—adware like this usually hides in a few spots and can be scrubbed out. Focus on these safe, proven steps. Do them in order, and restart your Mac after each major one to test. Only download tools from official sites to avoid more trouble.

1. Quit Chrome Completely and Reset It Fresh:
   • Force-quit Chrome (Cmd + Option + Esc, select Chrome, Force Quit).
   • Open Finder > Go > Go to Folder, type ~/Library/Application Support/Google/Chrome and delete the whole "Chrome" folder (this wipes profiles/settings—back up bookmarks first via Chrome's export if needed).
   • Also delete: ~/Library/Caches/Google/Chrome and ~/Library/Preferences/com.google.Chrome.plist.
   • Reinstall Chrome from google.com/chrome (not from any other site).
   • On first launch, sign in to restore tabs/history, and immediately go to chrome://settings/ > Reset settings > "Restore settings to their original defaults" (this nukes any hijacked extensions/policies).
   • Test: Open a few tabs, close/reopen—should hold your session now.
2. Scan with a Reputable (Free) Anti-Malware Tool: You're right to be skeptical of sketchy "malware removers," but Malwarebytes is legit (millions use it, no upsell BS in the free version, and it's not adware itself).
   • Download from malwarebytes.com (direct link: https://www.malwarebytes.com/mac-download).
   • Install, update, and run a full scan (takes 10-20 mins).
   • Quarantine/remove anything it finds (it'll flag adware like TrafficMoose remnants).
   • Alternative if you prefer built-in: Run Apple's XProtect/MRT via Software Update (System Settings > General > Software Update), but it's less aggressive.
3. Hunt for Hidden Launchers (Login Items & Launch Agents): Adware often auto-starts via these.
   • Go to System Settings > General > Login Items. Remove anything suspicious (e.g., unknown apps or "Audio Damage" extras).
   • In Finder > Go > Go to Folder: ~/Library/LaunchAgents. Look for .plist files with weird names (e.g., anything with "moose," "traffic," or random strings). Trash them (safe to delete extras—your Mac will complain if you zap something important).
   • Same for /Library/LaunchAgents (needs admin password).
   • Check Applications folder: Trash the Audio Damage bundle and anything installed around the same time.
4. Clear Browser Data & Block in Little Snitch:
   • In Chrome: chrome://settings/clearBrowserData > Advanced > All time > Clear (includes cache/cookies that might hold redirect junk).
   • In Little Snitch: Go to its rules list, find the blocked "xml-v4.trafficmoose.com" entry, and make the deny rule permanent (forever block the domain/IP).
   • For extra safety, install uBlock Origin extension in Chrome (from Chrome Web Store)—it's free and crushes ad redirects.
5. Test & Monitor:
   • Restart Mac, open Chrome, browse normally. If the reset/URL pops again, repeat step 2.
   • Run Activity Monitor (Spotlight search it) > CPU or Network tab: Sort by high usage, quit anything fishy (e.g., processes named "helper" or random gibberish).
   • If it persists after all this, grab EtreCheck (free from etrecheck.com)—it scans your Mac for malware/adware and gives a report you can share on forums like Reddit's r/MacOS for tailored help.

A Few Tips to Avoid This in the Future

• Ditch cracked software: Sites like that are malware central. Audio Damage isn't crazy expensive—buy legit to avoid this nightmare (and support devs).
• Enable Gatekeeper: System Settings > Privacy & Security > Allow apps only from App Store & identified developers.
• Use a VPN or ad-blocker always, and scan downloads with VirusTotal.com before opening.
• If you're super paranoid, back up (Time Machine), then reinstall macOS from Recovery (Cmd + R on boot)—but that's overkill here.

This should get you clean—most folks fix adware like this in under an hour. If you hit a snag (e.g., what Malwarebytes finds), reply with details, and I'll guide further. Hang in there, Johnny!

Sources: Malware removal guides from MalwareTips and Enigma Software confirm this as standard adware behavior.

 

Last edited: Nov 15, 2025 at 3:18 PM

you should try reading better, he is on MAC

 

Thanks @Synclavier for the tip, I completely overlooked that!

 

Thanks i will try, dont trust malwarebytes tho, maybe im wrong, but i will give it a go.

You know like mcafee you. see the documatary and it stole ppls data, he was worth 100million if not more for creating that one, its a documentary on netflix if u havent seen it, super good!!!

Anyway thanks. ill try

 

it didnt find a thing... lol.. i know i have malware, but this new one screwing with my chrome web pages and opens a link, thankfully little snitch blocks it, but its definetly trying to steal information... what else could it be.

Yeah have to reinstall os.... such a pain..

 

Have you tried following the tips from the AI?

 

No i downloaded AVAST that said i had some issues withDNS and stuff but couldnt fix it, so i logged in to my router and changed my ip!

Think that would throw off any intruders, idk!

 

Why We Like Avast

Avast is our second recommendation. The Avast antivirus scanner is free to use and our top pick for free antivirus protection. Virus detection is reliable, and the tool also reliably reports adware. For years, the solution has demonstrated top performance in detecting Mac and Windows viruses, even surpassing Bitdefender in a recent test by AV-Comparatives.

Like its sister program AVG (both now belong to the parent company Norton LifeLock), there's a paid version with additional features for €45 per year. This version includes a network scanner that searches for vulnerabilities, offers ransomware protection, and provides system cleanup tools. The "Breach Guard" feature promises protection against data leaks by monitoring emails and credit card numbers, among other things. As with Bitdefender, you'll be notified if your data is circulating on the web.

Further Considerations

Actually, Avast has no weaknesses. What I like less: If you use the free version, the app aggressively promotes paid add-ons like a VPN. In my opinion, these services are unnecessary for most users.

Avast One Essential, from the same developer, is another free version that offers even more features. However, I can hardly recommend Avast One, as this app is even more insistent on promoting paid subscriptions and warns of potential dangers more than necessary.

Source: www.macwelt.de/article/988900/beste-antivirus-fuer-mac.html

 

i had bitdefender purchased before, still ranking nr1, but it didnt do much when i had it even when i used cracked software.

Ill try avast, maybe there if a free testing period, basically you just install trusted products and you are good.

Cracked stuff always installs malware, what i like to do is save the VSTS and all the folders included, move to drive., Reinstall and then put the plugins and folders without install, and a lot of plugs work, some needs re use of keygen etc, but that way you dont install the malware.

I think im good now, i updated my router, i have a VPN page in the router so i can connect to VPN for free, maybe a good idea.

Gotta hit the gym but ill check avast later.

 

if thats your opinion, you should avoid any cracks at all. in all honesty. your router's "vpn page" will not rescue yourself, no nr 1 ranking virus scanner, no file copying, nor updating your router. and changing your local ip... no. sorry, but thats not how things work.

 

yeah i figured, but what can they do, all my important stuff is protected with authenticatiors and government id apps etc, even my crypto account is secure, but its annoying if they start messing with stuff,

is there any real danger to these viruses?

 

i think its more information gathering and the information is valuable to different companies and someone gets paid for information gathering.

its my toughts but i really dont have a clue, also mining wares for crypto currencies can be installed and drag down cpu

otherwise people wouldnt crack software if they didnt gain anything off of it right?

 

paste your first post into chatgpt. it will elaborate steps.

Spoiler

Here’s what “TrafficMoose” (and specifically xml‑v4.trafficmoose.com) is, according to malware‑removal sources, and why it’s a problem.

What Is TrafficMoose / xml‑v4.trafficmoose.com?

1. Adware / Browser Hijacker
   • xml-v4.trafficmoose.com is classified as adware / a browser hijacker. greatis.com+2MalwareTips Forums+2
     
     
   • A browser hijacker is malware that changes your browser’s behavior — redirecting pages, showing annoying popups, or forcing unwanted content. TechTarget+1
2. Push Notification Abuse
   • TrafficMoose often tricks users into allowing browser notifications by showing misleading popups (like “Click Allow to play video” or “Verify you are not a robot”), then uses those permissions to spam ads, surveys, or malicious sites. adware.guru+2MalwareTips Forums+2
     
     
   • These notifications can appear even when the browser is closed, which is a red flag. adware.guru
3. Redirects to Questionable Content
   • The site is used to redirect you to “unwanted browser extensions, surveys, adult sites, fake updates, and other potentially shady content.” MalwareTips Forums+1
     
     
   • This is often done to make money via ad impressions or by tricking users into installing more malware / unwanted software.
4. Persistent / Hard to Remove
   • According to guides, this type of adware often requires specialized removal: not just deleting browser tabs, but also removing malicious extensions, checking browser policies, and scanning for underlying malware. MalwareTips Forums+2MalwareTips Forums+2
     
     
   • Tools like Malwarebytes, AdwCleaner, and HitmanPro are commonly recommended for full removal. MalwareTips Forums+1
5. Not Just a One‑Time Popup
   • Because of how aggressively it works, once this adware is on a machine, it may continue to redirect or push content until fully removed. MalwareTips Forums+1
     
     
   • It’s more dangerous than a simple pop-up ad — it can affect browser settings, startup behavior, and even run in the background.

Why It’s Dangerous / Problematic

• Privacy Risk: Even if it’s “just ads,” adware can track browsing habits or inject tracking scripts.
  
  
• Annoyance: Persistent pop‑ups, redirects, and notifications are disruptive.
  
  
• Potential for More Malware: These kinds of redirect services are often part of a bigger infection chain. Once they have a foothold, they can help drop more malicious or unwanted software.
  
  
• Browser Instability: Hijackers can modify browser launch settings, profiles, or even system policies, making clean-up harder.

Bottom Line

• TrafficMoose is not a legitimate, benign site — it's part of adware / browser hijacking schemes.
  
  
• xml‑v4.trafficmoose.com is a malicious domain used to push ads, force notification permissions, and redirect to unwanted / potentially harmful content.
  
  
• If you’re seeing it regularly (or its effects), it's very likely your system is infected or has unwanted software running.

If you like, I can check the latest (2025) status of TrafficMoose (is it still active, how dangerous it is now) — do you want me to do that?

You said:
yes

ChatGPT said:
Good question. Here’s an updated (as of 2025) look at TrafficMoose / xml‑v4.trafficmoose.com — what it is, how it's still a threat, and how to deal with it.

What’s the Current Status of TrafficMoose (2025)

1. Still Active as Adware / Browser Hijacker
   • According to recent removal guides, xml-v4.trafficmoose.com is still classified as adware / a browser hijacker. greatis.com+2MalwareTips Forums+2
     
     
   • It continues to use fake “allow notifications” prompts (e.g. “Click Allow to verify you are not a robot” or “Click Allow to play video”) to trick users into giving it notification permissions. adware.guru+2BugsFighter+2
     
     
   • Once allowed, it can spam you with push notifications — even when the browser is closed. adware.guru
2. Distribution Methods Remain Similar
   • It often comes bundled with free software or is installed when users click on dodgy ads. securitystronghold.com+1
     
     
   • On some systems (especially on Windows), it may create startup entries or place files so that it persists across reboots. securitystronghold.com
     
     
   • It may install browser extensions or change browser settings like the homepage or default search engine. Malware Guide+1
3. Threat Level
   • According to Enigma Software, the threat is relatively moderate (they give it a 20% “threat level” in their scorecard) — meaning it's not classified as extremely destructive like a full-blown virus, but it’s not harmless either. SpyHunter
     
     
   • The main risks: privacy tracking, annoying and persistent ads, and potentially being a drop point for other unwanted programs. Malware Guide+1
     
     
   • As Norton and other security firms explain, browser hijackers like this can also open the door to more serious malware by weakening your browser’s security. Norton+1
4. Removal Methods Are Well-Documented
   • Guides recommend using tools like Malwarebytes and AdwCleaner to scan for and remove the adware. MalwareTips Forums+1
     
     
   • In Chrome (and other browsers), you should:
     1. Remove any TrafficMoose‑related extensions. BugsFighter
        
        
     2. Reset browser settings (homepage, search engine, new-tab behavior). BugsFighter
        
        
     3. Remove notification permissions for TrafficMoose.com: in Chrome → Settings → Privacy & Security → Site Settings → Notifications → remove “Allowed” entries for TrafficMoose. BugsFighter
   • On macOS, you should check for and delete malicious LaunchAgents / LaunchDaemons or other files that the adware might have installed. MalwareTips Forums
     
     
   • For Windows, manual removal may involve deleting registry keys or startup entries. securitystronghold.com
5. Prevention Tips (Still Very Relevant)
   • Avoid granting “Allow” when sites ask for notification permissions, unless you trust them. BugsFighter
     
     
   • Be very careful with software installers — especially “free” or shady ones — because bundlers may include adware like TrafficMoose. Malware Guide+1
     
     
   • Use an ad blocker / content filter (uBlock Origin, AdGuard, etc.) to reduce the chances of being redirected by malicious or deceptive ads. greatis.com
     
     
   • Keep your browser and OS up to date to minimize vulnerabilities. Norton

Bottom Line (2025)

• Yes, TrafficMoose (and variants like xml-v4.trafficmoose.com) are still a thing in 2025.
  
  
• It’s primarily adware / hijacker, not something super destructive like ransomware — but it's annoying, privacy-invading, and persistent.
  
  
• It’s very removable — but you need to use good tools (Malwarebytes, AdwCleaner, manual cleanup) and also fix browser settings / notification permissions.
  
  
• Preventing reinfection is just as important: don’t grant notification permissions to random sites, and beware of bundled software.

 

Not necessarily true. If i could crack software, i would share it. There is also the financial incentive of file payouts, although i believe that to be negligible.

 

Yeah depends on the cracker, there is a guy who takes 12usd a month and shares almost everything you find here and elsewhere with superfast DL and i believe it to be free of malware for the most part.

The audio damage release bundle on another website cause my web browser to fk up and as said in topic, avoid that one.

Dont know about audiodmg files here, i think they are good here. but you can only DL 2 things at time so i use other sites... AudioZ is pretty legit, most legit site i know.