So, somehow you’ve gotten infected with Mac Defender or Mac Protector. It’s the latest malware to hit OS X users, and it’s turned out to be particularly rampant. Hundreds and hundreds of posts are out there from folks looking for a way to rid themselves of this insidious malware.
First, let’s clear something up—neither Mac Protector nor Mac Defender is a legitimate anti-virus tool, as they pose to be. They are malware, opening your browser to random porn links, and telling you that legitimate system files like Terminal are actually spyware. No, they aren’t—Mac Protector and Mac Defender is the spyware. When you try to “clean” with it, it says your copy is unregistered, and prompts you to enter your personal information including a credit card. Don’t. If you did? Contact your bank. You’re not buying anything—you’re just sending your credit card information to people who may not have your best interests in mind.
Obviously, with things like this out there, you should be running an anti-virus. There are a number of anti-virus products for Mac OS X from a variety of manufacturers. If you don’t feel like spending your hard earned money on one, Sophos offers their Home Edition for Mac OS completely free. However, Mac Defender and Mac Protector can interfere with installing legitimate anti-virus products. You need to remove them first.
That’s where your friends here at Icrontic come in. Search Apple support no more, call not the Genius Bar, return not to the shiny white store, my friends! For we deliver unto you: The Icrontic Mac Defender / Mac Protector Removal Tool!
This simple easy to use tool can completely remove Mac Protector AND Mac Defender from your infected systems in two clicks. Since it’s a shell script and an AppleScript, it is virtually impossible for this malware to interfere with its operation.
Using the Icrontic Mac Defender/Mac Protector Removal Tool
First, download the ZIP file. Double click on it to open it, and drag the two files anywhere on your system—even onto a USB drive or your Desktop. They can be run from anywhere, as long as both files are in the same folder. You should have “Clean_MacProtector.sh” and “Clean_MacProtector_Login.scpt”.
There are two possible ways to run this tool; if your Mac is configured to run .sh files from Terminal, this way will work:
Double click “Clean_MacProtector.sh” and Terminal should pop up while it runs. Wait while it cleans your system of Mac Defender or Mac Protector. If you have a lot of applications installed, or a large hard disk, the script can take a very long time to run. It actively searches every directory and drive on your Mac for possible infection, just in case it installed to an unexpected location or an alternate drive.
If that doesn’t work, and it just opens up a bunch of code in TextEdit, close TextEdit and do this:
- Go to the folder where you have the .sh file. Hold down Control and click on the file. You’ll get a menu that pops up; select “Open With…” from that menu.
- From “Open With”, select “Other”
- Scroll down until you see “Utilities”, and double click that
- At the bottom of that window you’ll see a box that says “Enable: Recommended Applications”. Click that and change it to “All applications”
- Back up in the Utilities window, scroll down until you see “Terminal” and select that. Then click “Open” and the tool should run.
That’s all there is to it! Your system will be clean, no calls or visits to Apple necessary, and it’s free.
Stay safe!