Removing (and Identifying) Trojan/Malware

Discussion in 'Mac Basics and Help' started by netdog, Jan 24, 2019.

  1. netdog, Jan 24, 2019
    Last edited: Jan 24, 2019

    netdog macrumors 603

    netdog

    Joined:
    Feb 6, 2006
    Location:
    London
    #1
    I made the mistake of authorizing an installation this morning on my 10.14.2 2017 MBP. I had thought it was for a Wine-based backgammon program (from a source I trust) but there was a security notice about a program called Ward***-*** AG (*** represent parts of the name I don't remember) or something like that. Anyway, I Googled it and it was something about a driver for a security key, which I figured was for my homeopathy program, which uses a USB-HASP. What's really curious is that I can't find the search in my history now.

    Anuway, I gave approval to install and it said system had to be rebooted, which is making me think that it wrote to the kernel. During the reboot, I shut down the machine, and when it booted, it didn't appear to be making any alteration but just went into its normal bootup screen.

    In console, how can I filter out the noise to see what was installed? I'm a newb to Console. Or is there another way? An easy way in Terminal? Please if you have an answer, be quite specific.

    Second, I am running a backup now under Time Machine and I am downloading a full version of Mojave 10.14.3 (as opposed to the .2 version currently on my machine). If I instally Mojave as a clean install, should I then run a time-machine restore? Or will that bring back any malware/trojan that I may have allowed past the gate? Hopefully 10.14.3 wouldn't take updates from a system that is .2? I could also copy my Home folder and copy all that back. I know I'd have to reinstall apps, but that isn't a big deal.

    Anybody able to help with any of these issues? If so, much appreciated.
     
  2. keysofanxiety macrumors G3

    keysofanxiety

    Joined:
    Nov 23, 2011
    #2
  3. BrianBaughn macrumors 603

    BrianBaughn

    Joined:
    Feb 13, 2011
    Location:
    Baltimore, Maryland
    #3
    I've seen pesky malware for which I needed both a Malwarebytes cleansing and an Etrecheck bath.

    If you want to do more you can use Rootkit Hunter which is explained here.
     
  4. netdog thread starter macrumors 603

    netdog

    Joined:
    Feb 6, 2006
    Location:
    London

Share This Page