Difference between revisions of "Macintosh Malware Removal"
(→Advanced Mac Cleaner (Malware)) |
|||
(4 intermediate revisions by one user not shown) | |||
Line 22: | Line 22: | ||
Apple’s OS X (being Unix-based) is less vulnerable to malware and computer virii than a PC running Microsoft Windows. Yet there are still threats to the Macintosh computer. | Apple’s OS X (being Unix-based) is less vulnerable to malware and computer virii than a PC running Microsoft Windows. Yet there are still threats to the Macintosh computer. | ||
+ | |||
+ | Malwarebytes Anti-Malware makes a legitimate malware removal tool for the Macintosh. The downloadable file is: | ||
+ | * MBAM-Mac.dmg | ||
== Advanced Mac Cleaner (Malware) == | == Advanced Mac Cleaner (Malware) == | ||
Line 29: | Line 32: | ||
Removal | Removal | ||
− | * Click the | + | * Click FILE -> NEW FINDER WINDOW -> click APPLICATIONS, then go to the search box and type "Activity Monitor" |
− | * | + | * On the Activity Monitor locate the process and Force Quit. Force Quit "Advanced Mac Cleaner" and anything related. |
+ | * Click on the BACK arrow to return to the Applications list. | ||
+ | * Find the Advanced Mac Cleaner entry on the interface, right-click on it and select Move to Trash. If you cannot Right Click then you can locate the little gear icon on the menu/title bar at the top, click it and from there choose "Move to Trash." | ||
+ | * The malware will launch Safari, close it immediately. | ||
+ | * Go back to the Activity Monitor, locate "Mackeeper Helper" and Force Quit. It may relaunch itself. | ||
== MACDefender == | == MACDefender == | ||
* Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE | * Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE | ||
+ | |||
+ | == MacKeeper == | ||
+ | * Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE | ||
+ | |||
+ | Also includes the process MacKeeperHelper. MacKeeper Helper is a TSR that runs in the background using system resources and slowing your Mac performance. | ||
+ | |||
+ | [[File:macbookapple.jpg]] | ||
+ | |||
+ | [[Category:Computer Technology]] | ||
+ | [[Category:Macintosh]] | ||
+ | [[Category:Security]] |
Latest revision as of 13:44, 20 June 2016
Macintosh software is installed and removed differently than Microsoft Windows software. Macintosh programs tend to be packages that can be uninstalled by simply dragging the application to the Trash.
Applications may create preference files that are stored in the /Home/Library/Preferences directory. The benign remnants orphaned in the Preferences folder can be removed manually to recover disk space.
- /Home/Library/Preferences
Application components may place files in the /Home/Library/Applications Support directory. These will also become orphaned if the package is removed. Delete these files to recover disk space.
- /Home/Library/Applications
- /Library/Receipts
Check for "StartupItems" and "LoginItems"
- /Library/StartupItems
- /Home/Library/StartupItems
Check for startup services
- /Library/LaunchAgents
- /Library/LaunchDaemons
- /Home/Library/LaunchAgents
Commercial software typically comes with an uninstall utility that is responsible for removing all orphaned files. The thoroughness of the uninstaller may vary from one package to another.
Malware does not follow these conventions. The malware developer makes effort to conceal the malware as to be installed in places which are difficult to locate and remove. Malware may place some components in common locations while installing residuals in hidden locations as to prevent removal, or to provide a backdoor for further malware to be added later.
Apple’s OS X (being Unix-based) is less vulnerable to malware and computer virii than a PC running Microsoft Windows. Yet there are still threats to the Macintosh computer.
Malwarebytes Anti-Malware makes a legitimate malware removal tool for the Macintosh. The downloadable file is:
- MBAM-Mac.dmg
Advanced Mac Cleaner (Malware)
- Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE
Software that identifies itself as Advanced Mac Cleaner is not antivirus and is not a security tool, it is actually malware. This software is installed by the user inadvertently as it piggy-backs with other software, and is classified as a PUP (Potentially Unwanted Program) as well as Malware, as it has poses a threat to system security and stability.
Removal
- Click FILE -> NEW FINDER WINDOW -> click APPLICATIONS, then go to the search box and type "Activity Monitor"
- On the Activity Monitor locate the process and Force Quit. Force Quit "Advanced Mac Cleaner" and anything related.
- Click on the BACK arrow to return to the Applications list.
- Find the Advanced Mac Cleaner entry on the interface, right-click on it and select Move to Trash. If you cannot Right Click then you can locate the little gear icon on the menu/title bar at the top, click it and from there choose "Move to Trash."
- The malware will launch Safari, close it immediately.
- Go back to the Activity Monitor, locate "Mackeeper Helper" and Force Quit. It may relaunch itself.
MACDefender
- Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE
MacKeeper
- Category: FAKE ANTI-VIRUS SOFTWARE / MALWARE
Also includes the process MacKeeperHelper. MacKeeper Helper is a TSR that runs in the background using system resources and slowing your Mac performance.