Shutdown malware

Discussion in 'macOS' started by ponybear, Oct 29, 2016.

  1. ponybear macrumors newbie

    Oct 29, 2016
    Dear Macrumors,

    a "Computer will sleep in 10min" popup window has appeared on my desktop. It appears to be the standard Apple popup for scheduled sleep/shutdown. When I click on "abort", it instantly appears again and sets it self to focus, possible after each keystroke. Thus, I am not able to use the keyboard to open terminal or activity manager to shut it down. The classic troll malware I suppose.

    It even appears after I login in safe mode. What should I do? Can I abort/delete the script/malware from the terminal in Recovery Partition?

    I know it would be easist to just wipe and restore to backup, but my most recent backup is 6 months old. I promise to buy a HDD tomorrow if I'm able to resolve it.

    I am sorry to ask for assistance, but for all the articles about how to create this Kind of Malware, I could not find one single article that helped me to resolve it. Please help me.

    Thank you very much.
  2. Floris macrumors 68020


    Sep 7, 2007
    sudo ps aux > procs.txt

    And then let someone take a look at all the procs
  3. JohnDS macrumors 65816

    Oct 25, 2015
    What Mac do you have?

    In this thread:

    a poster said:

    "I had the same problem. "Are you sure you want to shut down" window would repetitively pop up, similar to the guys above, and would dominate the screen until I hit cancel. Could hit cancel, and the message would just keep repeatedly popping up as fast as I could hit cancel. It was something buggy in my 30 " cinema display power button. I went into system preferences > displays > options > and changed the power button function to "do nothing". Problem fixed."
    --- Post Merged, Oct 30, 2016 ---
    Also, it is possible that another external peripheral may be the problem. Try safe booting with all external peripherals disconnected.

Share This Page