Security software development firm Malwarebytes has just exposed what could be the first known case of Mac malware of 2017. It appears to be a highly antiquated piece of malware. Malwarebytes focuses on zero-day malware detection and removal with its free malware removal tool. The free anti-malware scanner and remover is excellent software that picks up on and cleans malware that other antivirus providers usually miss.
If you suspect you are infected with Crypto malware (Cryptowall, Cryptolocker, TeslaCrypt, etc) DO NOT follow this guide! Please make a post instead. Your files are at stake.
Purpose & Scope of this Guide:
This guide is designed to assist you in removing malware from an infected system that successfully boots. If your computer is completely unable to boot due to malware, please make a post, as this guide will not help you. If you perform the following steps exactly as described, this will solve your problem in over 90% of scenarios. That said, not all malware is created equal, and not all malware removal tools are created equal. The tools recommended in this guide were picked because of their high success and low failure rates, measured on a very large scale. However, there will be times that this guide fails in removing malware. If that is the case, please make a post for further assistance, stating that this guide was unsuccessful. It is recommended to only accept advice from a “Trusted” technician. I am writing this guide in layman’s terms so that most people will be able to understand it with ease.
Disclaimer:
The following instructions are recommendations only. You take full responsibility for any steps you choose to perform on your computer. While the following recommendations are performed without issue on countless machines, there is always a risk of damaging your Operating System or experiencing data loss on any machine. It is solely YOUR responsibility to save all work and back up any and all important data on your system before proceeding. Also note that once a computer has been compromised with malware, it should not be considered clean until a complete reformat has taken place.
Malware Remediation Steps:
Before proceeding, go into your browser’s extensions and remove all suspicious items. Also go into your browser’s settings and remove any default search providers and unusual homepages. If you are unsure how to do this, proceed to Step 1.
Download and run the following tools in this order. Run all tools unless otherwise instructed. All tools should be run in Normal Mode (not Safe Mode) unless you are unable to boot Normal Mode, or the scans fail in Normal Mode. All tools must be run under an Administrator account. Do not remove any tool-generated logs in the event a helper needs you to post them to further assist you.
1) Run rkill.com. Sometimes it takes a few minutes to finish. Do not reboot when done.
Kills running malicious processes
Removes policies in the registry that prevent normal OS operation
Repairs file extension hijacks
2) Download an updated copy of Malwarebytes 3.0. Turn on the “Scan for Rootkits” option. Then, run a “Scan”.
Successfully removes the vast majority of infections
Has an industry-leading built-in rootkit/bootkit scanning engine
Has built-in repair tools to fix damage done by malware
3) Run Malwarebytes ADWCleaner using the “Scan” option.
Removes majority of adware, PuPs, Toolbars, and Browser hijacks
Fixes proxy settings changed by malware
Removes certain non-default browser settings
NOTE: It is no longer necessary to run JRT. The JRT definitions have been rolled into ADWCleaner by Malwarebytes. JRT no longer provides additional benefit.
Optional, Advanced Step (only run if previous tools fail to solve problem):
4) Run Sophos HitmanPro
Here is HitmanPro.
HitmanPro is a phenomenal 'second-opinion' malware scanner.
Please note: If malware has prohibited you from browsing the web or downloading files, you can try running the NetAdapter Repair Tool with all options checked which will attempt to restore your internet connection & default browser settings. You may have to download these tools on another computer and move them to a flash drive that you can plug into the infected machine.
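A read-only PowerShell check of the kinds of settings the steps above describe as repaired (proxy settings, registry policies that block normal OS operation, and the .exe file association). This is an added example, not part of the original guide or of any tool it names; the registry locations are standard Windows ones chosen here as an assumption, not a list of what rkill or ADWCleaner inspect.

```powershell
# Added example: reads values only, changes nothing.
# The registry locations below are standard Windows ones picked for illustration
# (an assumption); they are not a list of what rkill or ADWCleaner inspect.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -ne $item -and $item.PSObject.Properties.Name -contains $Name) {
        return $item.$Name
    }
    return $null
}

$findings = @()

# 1) Per-user proxy settings, which adware commonly changes.
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$proxyEnable = Get-RegValue $inet 'ProxyEnable'
$proxyServer = Get-RegValue $inet 'ProxyServer'
$pacUrl      = Get-RegValue $inet 'AutoConfigURL'
if ($proxyEnable -eq 1) { $findings += "Proxy enabled, server: $proxyServer" }
if ($pacUrl)            { $findings += "Proxy auto-config script set: $pacUrl" }

# 2) Policies that lock the user out of Task Manager or the Registry Editor.
foreach ($hive in 'HKCU:', 'HKLM:') {
    $pol = "$hive\Software\Microsoft\Windows\CurrentVersion\Policies\System"
    foreach ($name in 'DisableTaskMgr', 'DisableRegistryTools') {
        $v = Get-RegValue $pol $name
        if ($null -ne $v -and $v -ne 0) {
            $findings += ('{0} -> {1} = {2}' -f $pol, $name, $v)
        }
    }
}

# 3) .exe file association: Windows defaults are 'exefile' and '"%1" %*'.
$exeClass = Get-RegValue 'Registry::HKEY_CLASSES_ROOT\.exe' '(default)'
$exeCmd   = Get-RegValue 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command' '(default)'
if ($exeClass -ne 'exefile') { $findings += ".exe is mapped to '$exeClass', expected 'exefile'" }
if ($exeCmd -ne '"%1" %*')   { $findings += "exefile open command is '$exeCmd'" }

if ($findings.Count -eq 0) { 'No unexpected values found in the checked locations.' }
else { $findings }
```

A proxy entry is not proof of infection: work or school networks often set one deliberately, so treat any finding as something to review rather than delete.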
Have adware or spyware on your Mac?
Try Malwarebytes Anti-Malware for Mac (formerly Adware Medic). Please make a post if it is unsuccessful.
If you have run all of the above tools successfully, you should be malware-free. If you are still experiencing problems, please make a post in /r/techsupport for further assistance.
Follow-up Steps (highly recommended):
Using a computer that has not been infected, change passwords to all your online accounts.
Consider enabling two-factor authentication.
Install a better anti-virus. See recommendations below.
What is malware?
Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. [Source: Wikipedia.com]
How did I get infected?
It is difficult to track down the source of an infection. Most infections are unknowingly given permission to run by the user. It is recommended to keep User Account Control turned on and never give access to something you do not trust or did not open. Many other infections come via exploits in your browser or browser plug-ins on websites you visit. Always be very careful what you install. Make sure you trust the source implicitly. When downloading programs, always use the publisher’s website directly.
How to prevent future infections:
Be very careful what you download and install. Keep programs like Java & Flash up-to-date, but do so using their official websites or Ninite installers. Use Unchecky to prevent accidental installation of adware & spyware during product installations. Make sure Windows is kept up-to-date as well. Many Windows updates patch exploits and vulnerabilities in your operating system. Most infections are active because the user has unknowingly given them Administrative permission to install and run. The first line of defense starts with you.
The following tools will aid you in keeping your computer clean:
Unchecky (Unchecks options in installers that install PuPs)
uBlock Origin Browser Extension (Blocks ads)
TronScript (FOSS - Automates malware removal and system cleanup)
Malwarebytes has been around for years fighting malware. It has a very loyal following, but in recent times users have looked to use another antivirus alongside Malwarebytes.
Malwarebytes is a great tool for removing any issues you have, so many computer users stick to a regular antivirus and occasionally run Malwarebytes to remove any additional threats.
'Malware' (or malicious software) is currently a huge issue in everyday online life. It is specifically designed to gain access to your computer and damage it from the inside without you knowing. These pieces of software can go deeper and deeper into your machine, making them harder to locate and almost impossible to fix without the right tools.
Which is the best malware protection? With so much out there, it can sometimes be hard to establish just which anti-malware is the best for you to use.
A lot of malware cleaners will claim to protect you against malware threats, but a lot only scratch the surface. A malware scanner will search the most commonly used file locations, pick up some issues, keep you updated when you get more, and try to remove them. But it does not stop the problems at the source.
Services like Scanguard differ from that, providing you with a full system scan solution to locate and remove all malware threats, and provide real-time protection against new threats trying to access your PC.
Don't currently have protection? You can download Scanguard's free malware scanner to find out what problems have snuck in undetected.
Currently protected? You can also download Scanguard's free scan to see if your current solution has missed any issues. You might find a surprising result.
So, which malware cleaner do I need? You need Scanguard.