Best way to recover from MacKeeper attack / potential key logger, etc.

Discussion in 'iMac' started by triple-tap, May 22, 2016.

  1. triple-tap macrumors 6502

    Joined:
    Feb 18, 2013
    #1
    Hello all,

    My significant other was researching wedding info for an upcoming friend's wedding, and downloaded an "Adobe flash update"...

    She then noticed MacKeeper was installed on the iMac (2013 27" base with OS X v10.11.2). Adware was installed, the home page was for safari was changed, etc.

    Anyway, I deleted the MacKeeper app, changed the Safari Homepage, deleted some weird adware stuff in the Applications folder.

    However, what else should I be doing to ensure I am not still a victim? are key loggers still an issue in this scenario?
     
  2. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #2
    The most complete way is to wipe and reinstall the system. Short of that, run Malwarebytes and see if it kicks something out.
     
  3. triple-tap thread starter macrumors 6502

    Joined:
    Feb 18, 2013
    #3
    Is there any particular procedure I should follow in doing so? Can I simply boot with Command + R and choose to re-install OS X? I've never had to completely wipe a mac for malware, key logger, "virus"-type issues.

    I am searching around for it, but I am finding conflicting answers on other mac boards.
     
  4. JohnDS macrumors 65816

    Joined:
    Oct 25, 2015
  5. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    Before you wipe your system, be sure you have one. As I mentioned use Malwarebytes. That will definitely let you know if your system is infected.

    If you still want to go the reformat route, then make sure you backed up your data, hit ctl-r to boot into the recovery partition. Reformat the system drive and reinstall OS X. You'll then have to reinstall all your apps, and restore your data. Depending on what you have, that may be a long process .
     

Share This Page