
How to remove malware from Mac

Find out which types of malware mainly target Mac OS X, and learn prevention techniques and efficient methods to remove malware from an infected Mac.

Apple’s “walled garden” is a fascinating countermeasure for ensuring the security of Mac machines. Its gist is to continuously monitor and restrict the scope of applications that users can download and install from the official store. The company maintains a whitelist of trusted developers who are permitted to submit new software, while code written by parties with unknown reputation and potentially dubious intentions gets sandboxed and rigorously inspected for adverse attributes. This approach creates a closed environment of certified apps that won’t cause harm.

Despite all efforts, new samples of malicious software are sneaking into Mac machines all the time, bypassing the Gatekeeper feature and other obstacles on their way. These are browser-specific infections for the most part, with some system-level pests like counterfeit optimization tools and rogue antiviruses occasionally making the news as well. The prevalent attack channels are bundled installations from untrusted sources and highly obfuscated exploits dropped on one’s box when compromised websites are visited.

Safari locked by fake FBI alert

The native Safari and Mac variants of Chrome and Firefox browsers have been consistently the lowest-hanging fruit for attackers. Luckily, as annoying as these compromises are, they are relatively easy to address. The scammers’ idea is to furtively install a plugin or some other browser component which displays pre-defined commercial content, causes page redirect activity or even locks the browser. One example of the latter hoax is the infamous FBI hijack, where the malware displays a spoof law violation screen and prevents the victim from navigating away until a ransom is paid. This predicament can be resolved by clearing the infected browser’s cache.

Some samples of Mac malware, having inconspicuously trespassed on the system, will mimic a security scan and report viruses that aren’t really there. The objective in these scenarios is to dupe the user into registering the “licensed copy” of the product. One of the known scareware apps typifying this sort of fraud is Mac Defender, which blatantly claims to be “the world’s leading security solution”. The irritating system scan emulation and recurring pop-ups will vanish under one of two conditions: the victim submits the payment, or the bug gets removed. Obviously, there is no need to deliberate over which option is the correct one.

Misleading update alert caused by a piece of adware

Adware forms a whole standalone cluster of Mac infections, and it currently holds the dominant share overall. The most widespread examples are homepage and search hijackers, redirect scripts and ad-injecting extensions that install on web browsers without the admin’s authorization. Some of these threats embed advertisements (coupons, comparison shopping, text links and transitional ads) in sites visited by the user. Others trigger fake warnings stating that some critical software is out of date, recommending installations that can turn out to be dangerous. There are instances of adware that modify browsing preferences in order to promote shady online services.

Whichever species of Mac malware is encountered, it should be eliminated as soon as possible. The tips below provide the general methodology to handle malicious items in a hassle-free way.

Malware removal from Mac (manual way)

This method is applicable if the name of the infection is known, for instance in case it’s a rogue antivirus that’s causing issues. The steps listed below will walk you through the removal process. Be sure to follow the instructions in the order specified.

1. Open up the Utilities folder as shown below

Open up the Utilities

2. Locate the Activity Monitor icon on the screen and double-click on it

Locate the Activity Monitor

3. Under Activity Monitor, find the entry for the troublemaking app, select it and click Quit Process

Quit MacDefender process

4. A dialog should pop up, asking if you are sure you would like to quit the executable. Select the Force Quit option

5. Click the Go button again, but this time select Applications on the list. Find the malicious entry on the interface, right-click on it and select Move to Trash. If the user password is required, enter it

6. Now go to Apple Menu and pick the System Preferences option

Pick the System Preferences

7. Select Accounts and click the Login Items button. Mac OS will come up with the list of the items that launch when the box is started up. Locate the malware object there and click on the “-” button

Remove MacDefender from Login Items
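To confirm that the manual steps left nothing behind, the following shell function lists what still matches the app name. It is an added example, not part of the original article: the function name find_leftovers and its ROOT and HOME_DIR parameters are hypothetical, and it goes beyond the steps above by also checking the standard launchd folders, which can restart a program at login or boot.

```sh
#!/bin/sh
# Added example (not from the original page): report what is still present
# after the manual removal steps. ROOT and HOME_DIR are hypothetical
# parameters so a mounted backup or a test tree can be scanned.
# Usage: find_leftovers NAME [ROOT] [HOME_DIR]
find_leftovers() {
    name=$1
    root=${2:-}
    home=${3:-$HOME}
    if [ -z "$name" ]; then
        echo "usage: find_leftovers NAME [ROOT] [HOME_DIR]" >&2
        return 2
    fi

    # Steps 3-4: is a matching process still running? (live system only)
    if [ -z "$root" ] && command -v pgrep >/dev/null 2>&1; then
        pgrep -il "$name" | sed 's/^/process: /'
    fi

    # Step 5: application bundles that were not moved to the Trash.
    for dir in "$root/Applications" "$home/Applications"; do
        [ -d "$dir" ] || continue
        find "$dir" -maxdepth 1 -iname "*$name*.app" | sed 's/^/app: /'
    done

    # Beyond the page: launchd job files that would restart the program.
    # Match on the file name or on the program path stored inside.
    for dir in "$home/Library/LaunchAgents" \
               "$root/Library/LaunchAgents" \
               "$root/Library/LaunchDaemons"; do
        [ -d "$dir" ] || continue
        for plist in "$dir"/*.plist; do
            [ -f "$plist" ] || continue
            if basename "$plist" | grep -qiF -- "$name" ||
               grep -qiF -- "$name" "$plist"; then
                echo "launchd: $plist"
            fi
        done
    done
    return 0
}

# Run directly as: sh find_leftovers.sh MacDefender
if [ "$#" -gt 0 ]; then
    find_leftovers "$@"
fi
```

Empty output means no matching process, bundle or launchd job remains. Any line printed points at an item to review before deleting it.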

 

Remove malware from web browsers on Mac

Settings for the web browser that got hit by adware should be restored to their default values. The overview of steps for this procedure in different browsers is as follows:

1. Reset Safari

• Open the browser and go to Safari menu. Select Reset Safari in the drop-down list

• Make sure all the boxes are ticked on the interface and hit Reset

Reset Safari

2. Reset Google Chrome

• Open Chrome and click the Customize and Control Google Chrome menu icon

• Select Options for a new window to appear

• Select Under the Hood tab, then click Reset to defaults button

Reset Chrome

3. Reset Mozilla Firefox

• Open Firefox and select Help > Troubleshooting Information

• On the page that opened, click the Reset Firefox button

Reset Firefox

 

Automatic malware removal from Mac

1. Download and install the MacKeeper application. In addition to security features, this tool provides a vast arsenal of Mac optimization capabilities

Download MacKeeper

2. Get your Mac checked for malicious software by going to System Scan and starting the scan procedure

MacKeeper: Analysis

3. When the app comes up with a list of detected security issues, get those fixed by clicking the respective button.
