What should I do if Malware Blocked Pop-Up won't close on my iMac?

It may be caused by the Citrix app if you installed it on your computer. If that is the case uninstall it using the provided uninstaller and use an updated version if you choose to install it again.

If that is not the case or are still having problems with Citrix, then post the free EtreCheck report using the Additional Text option when posting. This does not show any personal information, but will show the apps that are launching in several system folders.

How to use the Add Text Feature When Post… - Apple Community

Have you removed/reinstalled Citrix?

The Citrix files launching on startup are most likely unsigned from a previous install, but it is just guesswork without the EtreCheck report using the provided link to post it using the Additional Text option when posting.

How to use the Add Text Feature When Post… - Apple Community

I’m sorry but your Mac is now spoilt goods and must get a fresh start to life from scratch.

Reset to factory and set your Mac up afresh - What to do before you sell, give away, trade in, or recycle your Mac - Apple Support

Important: Do not use Time Machine at any point during the reset process. Copy user data files like PDFs, jpegs etc. manually to external disk and re-copy them back after your Mac is setup fresh.

Important: Do not re-install apps that are trouble: typically those downloaded from outside the Apple Store that claim to clean viruses and enhance performance.

Good luck!

The Admiral London wrote:

I've removed all the Citrix files, I'll try the EtreCheck next once I've got my head around it.

Some versions of Citrix require you to use their uninstaller to remove all the files in your launch folders, so if you still see the Malware warning after a restart, then they may still be there and we can identify them with the EtreCheck report.

The report is not showing. Follow the steps here to post the report.

How to use the Add Text Feature When Post… - Apple Community

Removing Citrix is going to be the key in resolving the pop up you are seeing. They do provide an uninstaller on their website, but if there are System Extensions, they may be much more difficult to remove, but we will do our best.

Download and run Malwarebytes and it should take care of any malware.

Telling us " I downloaded some anti malware software ..." does not tell us a thing. Please be specific. Going forward NEVER EVER download any third party:

• antivirus apps
• cleaning apps
• security apps
• VPN apps
• maintenance apps

Kyo317 wrote:

However, some viruses corrupt your system file, so, first shut down you Mac, boot it in to recovery mode, and click erase Mac in the menu bar.

It is not a virus, it is an old version of Citrix installed before the software was signed. While restoring may be required if the System Extension is embedded into the OS due to Apple locking system files, it sure doesn't hurt to try and remove it before using the Nuclear option and wiping the computer.

Good decision! Don’t worry, it’s not a “nuclear” option - takes very little time and is actually very satisfying! Be sure not to use Time Machine to either backup or restore. Install Apps fresh and backup-restore data files manually. Finally, do not reinstall dodgy and unnecessary 3rd party apps, Etre & Malware included. Good luck!

EtreCheck will reveal the cause. Things like "Malwarebytes" won't help.

Agree with John Galt, no need for a factory reset as long as the extensions are not embedded in the OS from a long ago installation and Citrix is not considered Malware that would be detected by MalwareBytes, but versions of Citrix when unsigned will prompt the Malware warning if they are still in the launch folders after removing the application.

Hi there!

I would recommend you to restore your Mac at this point!

If you are in a rush, go to settings, general, erase content and settings and press the button the restore your Mac.

However, some viruses corrupt your system file, so, first shut down you Mac, boot it in to recovery mode, and click erase Mac in the menu bar.

I wish everything’s fine

The free version of Malwarebytes is sufficient.