Originally posted by NickFitz
View Post
EDIT: here's an alternative take on manual removal, including updates for new variants that have come along since the instructions below first circulated. Also, the free ClamXAV app has been updated to deal with these bits of scumware.
For anybody who ends up installing one of these thingies on their Mac, it turns out getting rid of them is pretty simple. The main problem is that the Finder won't let you trash the application because it's in use by the running process(es), so:
Sorted
For anybody who ends up installing one of these thingies on their Mac, it turns out getting rid of them is pretty simple. The main problem is that the Finder won't let you trash the application because it's in use by the running process(es), so:
- Locate the application (e.g. Mac Defender) in the Applications folder;
- Right-click (or Ctrl-click, or whatever you usually do to popup a context menu) and select "Show Package Contents";
- In the new Finder window that opens, select everything (Cmd-A is the quickest way) and send it to the Trash;
- Empty the Trash. If Finder complains that something is in use, select "Secure Empty Trash" from Finder's application menu;
- Restart (or, if you know what to look for, use Activity Monitor to terminate all relevant processes - generally, it's easier to restart);
- Find the application as in step 1; as it's now just an empty folder with a fancy icon, you should be able to send it to the Trash without any problem.
Sorted
(I note that image shows the account as having Admin privilege. When will folks learn to set up and use a non-Admin account for general surfing????)
Once you've removed it from startup items, a simple logout and login should get rid of the process, and you will be able to delete it and empty Trash straight away.
to the bell end that neg repped me for this thread and didn't sign it 
Comment