Q: How can I remove suspected malware from Utilities?
Short version: I want to remove a suspicious application from the Utilities folder. When I try to move the application file to Trash, I get a Finder dialog asking for my Mac password. If the file is malware, is it unsafe to enter my password to trash the file?
Follow-up question: What else will I need to do to fix this problem?
I have installed and run Malwarebytes Anti-Malware and it did not flag or affect the suspect file. But I still think the file may be malware and I want to remove it.
Full story:
I believe I have installed some malware disguised as an Adobe Flash update.
I may have done this on July 11, 2015, in response to a pop-up in Firefox 39.0.
My computer is showing malware symptoms. In looking into the problem, I found out about the "Flash" malware on the Apple support page https://discussions.apple.com/docs/DOC-3122.
Prompted by reading that, I searched my system and found a file I suspect. In my Applications folder, I see an instance of AdobeFlashPlayerInstallManager.app version 18.0.0.209, copyright 2008. It is installed in the Utilities folder. It was created on my Mac on July 11 and modified July 14, which would be consistent with the time period when I now recall seeing the browser popup that said I was using an outdated copy of Flash.
Now I am trying to move the suspect Flash application file to the Mac Trash. When I right-click and select Move to Trash, I get a Finder dialog that asks for my computer password. Should I do this? If not, how can I remove this suspect file?
Please advise also about all other recommended recovery steps.
I have learned the lesson not to update software via browser pop-ups.
Attaching a screenshot of the Get Info window for the suspicious file.
Thank you!
MacBook Air (13-inch Mid 2013), OS X Yosemite (10.10.3)
Posted on Jul 16, 2015 2:26 PM
