pua.osx.installcore malware

Malware Bytes app from the App Store doesn't remove it or even end it on my computer. The scan for a known fingerprint implemented in Malware Bytes isn't very effective on with Macs either.

I know this is two years later but is there any recommended way to remove all of the files that may have been installed by PUA.osx which I downloaded from the App Store itself?? It's part of the programming of the actual binary executable file that run the software.

Also my Malware Bytes claims it scans my entire system in 1 second. Every single file. My finder can't even expand a few folders that fast... Has pua.osx or some other malware corrupted my malware bytes preferences list? I know this foundational type information that comes easily viewable with every free single download is for obvious reasons top secret but what should the .plist for Malware Bytes even say if it hasn't been modified or is there any other known way to modify the behavior of a program?

Hello chase_daniel,

MalwareBytes is not in the Mac App Store. The Mac App Store restrictions make any kind of anti-malware app fundamentally impossible. The fact that there are so many such apps listed is a real black eye for Apple. What app did you actually download? I strongly suggest you remove it immediately.

MalwareBytes Anti-Malware for Mac is not in the App Store nor has it ever been. It would not be effective at all if it was due to the rules Apple enforces for App Store apps. Any AV software you find in the App Store is a scam.

What is the full name of your infection? There is no such app as PUA.osx. PUA stands for Potentially Unwanted Application. What is the full name of the app you say you downloaded fro the App Store.

The reason that MalwareBytes can scan your entire system so quickly is that it isn't scanning any files at all. It looks for files by name in all the places it knows they are installed, so doesn't have to waste time looking at files that are harmless. If you want software that scans every file on your computer that you have read access to, then give ClamXAV a try.

chase_daniel wrote:

Malware Bytes app from the App Store doesn't remove it or even end it on my computer.

First, as has been pointed out, the Malwarebytes app is not in the App Store. If you downloaded something from the App Store that made you believe it was affiliated with Malwarebytes, I'd like to find out what that is. There are NO apps from Malwarebytes in the Mac App Store.

As for the file you're concerned about, if you post the path to the file that ClamXav is detecting, we can give you more information about what it is and why it might not be detected by Malwarebytes.

Also my Malware Bytes claims it scans my entire system in 1 second. Every single file.

No it doesn't. In fact, it's actually documented in a number of places that it does not scan every single file on the entire system.

Suppose you are looking for your car keys. Do you start at one end of your house and search to the other end, looking in places like the fireplace, the dishwasher, on top of the ceiling fan, in the toilet tank, etc? No. You look in places where it makes sense for your car keys to be.

Similarly, when Malwarebytes is looking for bad Safari extensions, for example, it does not need to look in places like the font folders, iTunes library, iPhoto/Photos libraries, etc. It only needs to look for them where it makes sense for Safari extensions to be.

MadMacs0 wrote:

It looks for files by name in all the places it knows they are installed

Actually, a lot of the rules are more complex than just detection by name at this point. Some rules are able to detect a wide variety of files that may have widely-varying names.

I can't seem to access your latest posting for some reason, but let me try to save you some time concerning the first area...

chase_daniel wrote:

I'm now very confused as to where I obtained my copy then since I'm fairly certain I called AppleCare and spoke to someone who told me to download Malwarebytes, which I did from the Mac App Store. I'll check my time machine backups. I also remember calling a second time and being recommended to use Malwarebytes again which I informed them I had already and it was didn't identify any issues. I have everything backed up since this all began on Dec. 22, 2016. I've been finding stuff dated back to 2011 though and I'd assume their is an accompanying bom file somewhere.

Malwarebytes Anti-Malware for Mac does not use an installer, so don't waste any time looking for a bom file. It currently downloads as mbam-mac-1.2.6.730.dmg, an image file which, when mounted, you simply drag the app to your /Applications folder.

Download and run Malwarebutes Anti-Malware

If you would rather not download Malwarebytes Anti-Malware, you can remove the malware manually following the instructions here > Remove unwanted adware that displays pop-up ads and graphics on your Mac - Apple Support

Arnorf wrote:

My ClamXav application has discovered pua.osx.installcore malware. How do I removeit safely?

Right-click / <Control>-click on the entry in the ClamXav window and choose "Delete" from the contextual menu. Then choose "Empty Trash..." from the Finder's File menu.

For more information see Dealing with Infected Files.

Try the download from here, not the App Store.

Malwarebytes | Malwarebytes Anti-Malware for Mac