Cleaning Macs Infected with Flashback Botnet Malware


If your computer has been blocked from the UofT wireless network because of a Flashback Botnet infection, follow these instructions to clear the infection.

Ensure that you have completed all of the updates that are available for your machine. Apple provides instructions for running system updates on their website. System updates are essential in cleaning your computer as Apple provides security patches specifically regarding this malware in the updates.

You may have to run the system updates multiple times to ensure that they are current. If the updates are not installing, you may need to install them one at a time or in small batches. We recommend you install the system updates first before updates for other software (for example, iTunes).

Once you have ensured that all updates are installed, follow these steps to complete the cleanup.

  1. Download the Flashfake Removal Tool from Kaspersky.
  2. Open the downloaded .zip file. This will extract the tool into a folder labeled flashfake_removal_tool.
  3. From within this folder, run Flashfake Removal Tool.
  4. Press the Start scan button.
  5. Enter the administrator password for your computer if required.
  6. Ensure the scan displays the message "No infection has been detected".

Once these steps have been completed, contact the Help Desk with your results at help.desk@utoronto.ca or 416 978 4357

The Help Desk reccomends your Mac have antivirus software. You can find out more information on our Antivirus website

Tags: antivirus, Mac OS X
Last update:
2015-03-24 15:06
Author:
dawas zaidi
Revision:
1.2
Average rating:0 (0 Votes)

You can comment this FAQ