Apple Intelligence now features Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence.

Apple Intelligence has also begun language expansion with localized English support for Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. Learn more >

You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Don Gee
Don Gee Author
User level: Level 1
6 points

Removing scammed Malwarebytes

I was recently scammed by AmericanGeeks - just for reference. I'm working to get this straightened out.

They used/stole Malwarebytes to "fix" my Sarafi. I've been in touch with Malwarebytes & the were very helpful.

They suggested I just "trash" their software from my Mac (OSX 10.11), which I did. However, I still have it on my menu bar and I keep getting update notices. I've tried the suggestion to "Command + L, click & drag away" and it doesn't work. Any suggestions on how to get this Malwarebytes off of my Menu Bar, and out out my computer?

iMac, OS X El Capitan (10.11)

Posted on Dec 15, 2017 8:36 AM

Reply
Question marked as Top-ranking reply
User profile for user: Don Gee
Don Gee Author
User level: Level 1
6 points

Posted on Dec 16, 2017 9:17 AM

I did #2 almost immediately. I may be gullible, but not dumb. #1 I called Visa (USAA) & they said I cannot dispute until it's posted (paid). Now, still pending after 4 days. All seems well with computer, except Safari. I've emailed Apple a few days ago about this situation, but have heard nothing from them. Have been using my back-up, Firefox with no problems. Initial "scam" came thru Safari (while on eBay) via Comcast cable.

View in context
8 replies
Question marked as Top-ranking reply
User profile for user: Don Gee
Don Gee Author
User level: Level 1
6 points

Dec 16, 2017 9:17 AM in response to Kurt Lang

I did #2 almost immediately. I may be gullible, but not dumb. #1 I called Visa (USAA) & they said I cannot dispute until it's posted (paid). Now, still pending after 4 days. All seems well with computer, except Safari. I've emailed Apple a few days ago about this situation, but have heard nothing from them. Have been using my back-up, Firefox with no problems. Initial "scam" came thru Safari (while on eBay) via Comcast cable.

Reply
User profile for user: Don Gee
Don Gee Author
User level: Level 1
6 points

Dec 16, 2017 7:12 AM in response to Kurt Lang

I followed your advice and downloaded the 30 Free Trial of Malwarebytes. Then decided to just keep it for 30 days.

I've been in email contact with Malwarebytes over this scam. They were very helpful & the scam wasn't their fault. AmericanGeeks (the scammers) used their software/site to "fix" the problem they created - at $500. Yikes!

Reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
62,292 points

Dec 16, 2017 9:19 AM in response to Don Gee

Sounds like you paid them $500 to fix nothing (it's what all of these scammers do).


Very, very important! Call the credit card company you paid them with and do at least these two things. As in, immediately!


1) Explain you were scammed and have the charges reversed. No sense letting the crooks keep $500. They've all heard of these before and you shouldn't have any problem getting the charge removed.


2) Have them cancel the card NOW! The scammers have all of the information they need to use that card for fraudulent purchases, or will sell the info to other crooks who will.

Reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
62,292 points

Dec 16, 2017 10:02 AM in response to Don Gee

It may be difficult to determine what they did while poking around your Mac. They may have turned screen sharing on. So, even though they're no longer in direct control of your desktop, you could still be watching everything you do. Go into the System Preferences under Sharing and make all check boxes are off.


Not sure what you mean by Safari being screwed up. The worst they could have done was install an extension, or change the startup page to point somewhere they want you to go. Check in Safari's preferences and look for any extensions you don't recognize. Disable and remove them. Under the General tab, look to see if they changed your home page.


Since they had direct access, also make sure to uninstall LogMeIn, or Teamviewer. Whichever one it is they had you install.


Though really, what I would do is backup all personal files, wipe the drive, reinstall me third party apps from scratch, and then manually place my personal files back onto the drive. Or, erase and reinstall the OS, and restore a Time Machine backup that you know is from a point before they had access.

Reply

Removing scammed Malwarebytes

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up