DigitGuild Mac virus (Free Guide)

DigitGuild Mac virus Removal Guide

What is DigitGuild Mac virus?

DigitGuild is a virus that successfully avoids detection and removal by Mac's built-in defenses

DigitGuildDigitGuild is a malicious application designed for Mac systems

DigitGuild is a malicious software example that has been spreading around in the recent week. It only affects Mac operating systems and belongs to a relatively expansive malware family known as Adload. While it does not spread automatically, users are typically tricked into installing it due to various phishing techniques used by its developers.

Once on the system, it appends a browser extension on Safari, Chrome, Firefox, or another web browser, which helps the DigitGuild virus to perform its malicious duties: it changes the homepage, new tab, search provider, and similar settings (although this may vary from version to version). This helps the virus to push sponsored links and ads, which profits its authors. The extension is also used to harvest various personal details, including credit card and account information.

Since malware performs several changes on the system and implements its own components, its impact can be pretty significant; for example, it may install additional payloads without asking user permission first. We strongly recommend you get rid of DigitGuild as soon as possible, as it will be a threat to your personal safety and computer security for as long as it is running on your Mac.

Name DigitGuild
Type Mac virus, adware, browser hijacker
Family Adload
Installation Fake Flash Player update prompts and pirated program installers
Symptoms Installs an extension to the browser that can not be deleted easily; changes homepage/new tab to Safe Finder, Akamaihd, or something else; redirects lead to potentially malicious or scam sites, promotes suspicious software, etc.
Removal The easiest way to remove unwarned and malicious software on Macs is by performing a full system scan with SpyHunter 5Combo Cleaner. Alternatively, you can attempt to terminate the infection manually
System optimization Third parties can employ cookies to continue tracking your online activities, so we recommended clearing browser caches and other leftover adware files with ReimageIntego

Adload: the persistent threat to Macs

Adload is one of the most active Mac threats there, successfully distributed via fake Flash Player installers[1] or pirated software installers. It has been active since at least 2017 and has hundreds of variants released so far, including AnalyzerState, SagaDynasty, ManagerTemplate, and many others.

Malware uses a unique naming pattern – its titles usually consist of two or three predetermined words that are picked randomly. All versions also use the exact same magnifying glass icon, although the background might vary (we have seen it using blue, teal, green, red, and, most recently, gray colors).

In essence, when it comes to Adload functions, versions do not differ much from another, although its authors are constantly changing some modules and improving persistence mechanisms to avoid Mac's built-in security measures.

Initially classified as adware, DigitGuild and other Adload versions have a lot going on for them. The main goal of the cybercriminals behind it is to earn passive revenue from various ads that can show up as pop-ups, deals, offers, banners, and other forms. Since rogue advertising networks are used, the quality of these ads might be appalling, and the chances of encountering phishing and other malicious content are much higher.

DigitGuild virusAdload malware can break into Mac's system and avoid detection by Xprotect

How to effectively remove DigitGuild

Versions of Adload are known for their relatively simple but effective method of infiltration and persistence. Since people are tricked into installing them, they enter their AppleID prior to installation, which allows it to run with elevated privileges. At this point, the virus excludes its elf from built-in Apple defenses such as XProteect or Gatekeeper[2] and continues its operation without interruption.

It installs several components on the system that help it function well. For example, new Login items ensure that malware would run automatically as soon as the system is booted. PLIST files and other components ensure configuration for the app does not get altered, and settings remain unchanged from those set by the virus.

Due to this, we strongly recommend you remove DigitGuild using SpyHunter 5Combo Cleaner, Malwarebytes, or other powerful security software. If you choose this method, we still recommend you check the

Step 1. Remove the main program

The virus consists of several components scattered across the system, which are all intertwined. Due to this, some of the steps below might simply not be possible without eliminating certain elements first. Let's start with the main application.

  • Open Applications folder
  • Select Utilities
  • Double-click Activity Monitor
  • Here, look for suspicious processes and use the Force Quit command to shut them down
  • Go back to the Applications folder
  • Find the malicious entry and place it in Trash.Uninstall from Mac 1

Step 2. Get rid of persistence components

Deleting unwanted profiles and Login Items is necessary when trying to eliminate malware from a Mac.

  • Go to Preferences and pick Accounts
  • Click Login items and delete everything suspicious
  • Next, pick System Preferences > Users & Groups
  • Find Profiles and remove unwanted profiles from the list.

Step 3. Delete leftover files

The PLIST files are small config files, also known as “Properly list.” They hold various user settings and hold information about certain applications. To remove the virus, you have to find the related PLIST files and delete them.

  • Select Go > Go to Folder.
  • Enter /Library/Application Support and click Go or press Enter.
  • In the Application Support folder, look for any dubious entries and then delete them.
  • Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and delete all the related .plist files.Uninstall from Mac 2

Step 4. Don't forget to clean your browser

Regardless of whether you pick a manual or automatic DigitGuild Mac virus removal method, you should always check your web browser to ensure that it's clean. Cookies,[3] for example, might remain on your browser for years if not removed and continue tracking activities by unwanted parties. Besides, since the extension might start gathering sensitive information such as passwords or credit card details, you should make sure all its elements are eliminated.

Safari

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension and select Uninstall.Remove extensions from Safari

Google Chrome

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.Remove extensions from Chrome

You might not be able to remove the extension due to persistence mechanisms used by malware. If that is true for you, you should simply opt for browser reset:

Safari

  • Click Safari > Preferences…
  • Go to the Advanced tab.
  • Tick the Show Develop menu in the menu bar.
  • From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Google Chrome

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings.Reset Chrome 2

If the extension was removed successfully, make sure you clean the web browser's caches to prevent tracking cookies from doing their job. You can also opt for automatic system cleaning with ReimageIntego or refer to these instructions if you prefer the manual method:

Safari

  1. Click Safari > Clear History…
  2. From the drop-down menu under Clear, pick all history.
  3. Confirm with Clear History.Clear cookies and website data from Safari

Google Chrome

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data.Clear cache and web data from Chrome
Offer
do it now!
Download
Reimage Happiness
Guarantee
Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

How to prevent from getting adware

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.

 

Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Lucia Danes
Lucia Danes - Virus researcher

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Lucia Danes
About the company Esolutions

References