“YOUR APPLE DEVICE HAS A VIRUS” virus (Removal Instructions) - Free Instructions
“YOUR APPLE DEVICE HAS A VIRUS” virus Removal Guide
What is “YOUR APPLE DEVICE HAS A VIRUS” virus?
“Your Apple Device Has a Virus” scam targets the “invincible” Mac OS
“Your Apple Device Has a Virus” virus spreads as a tech support scam targeting Mac and iOS community. This browser-based scam frightens users with Pegasus spyware. In order to save the data from theft, the message urges users to call +1-8333-370-777. Here is an extract from the message:
*YOUR APPLE DEVICE HAS A VIRUS*
Apple iOS Alert!!
PEGASUS (SPYWARE) ACTIVATED
System might be infected due to unexpected error!
Please Contact Apple Care +1-8333-370-777 Immediately!
for assistance regarding how to remove it.
According to the message, the following data is under risk:
- credit card details and banking credentials
- email account passwords
- Facebook, Skype, AIM, ICQ and other social network accounts
- private photos
“Your Apple Device Has a Virus” tech support scam: fake or genuine?
The scam developers indeed did a good job. They tied in legitimate information which might persuade Apple and iPhone users that indeed their computers might have been corrupted. They mention two things: Pegasus spyware and Apple Care, which is the genuine Apple support center.
But first things first, let us assure that this notification is fake. Whether you see such notification on Windows or Mac, note that such alerts do not pop up in random pages. Secondly, genuine notifications do not include a phone number.
Thus, what you have to do is exit the page or force shut down via Activity Monitor. However, it is recommended to remove “Your Apple Device Has a Virus” scam elements by clearing the browsing data or scanning the system with the Mac version of Malwarebytes. The image displaying “Your Apple Device Has a Virus" pop-up alert. It attempts to persuade users that their devices have been compromised with Pegasus spyware.
What is this Pegasus spyware?
If you have been familiar with Pegasus spyware, you might indeed get paranoid about the security of your Apple device.
As a matter of fact, Pegasus malware, which feeds on three zero-day vulnerabilities, was devised specifically for MacOS and iOS, though it has its Android counterpart as well[1].
In 2016, United Arab Emirates citizen Ahmed Mansoor discovered an exquisite malware campaign targeting iOS. He got a couple of SMS messages with shady links.[2] They were the harbingers of the main malware payload.
Clicking on the link would download Pegasus malware which would, later on, download remaining necessary files which would allow the malware to fully monitor’s users private messages. Keylogging features enable the malware to read encrypted content as well.
Another problem is that Pegasus enables to hide its tracks professionally. It is able to self-destruct if it is deprived of connection to Command and Control server within 60 days. Interestingly, the malware only targets specific users as it was designed by an Israeli company to belong to NSO group.
If you are wondering whether you have been infected with Pegasus via “Your Apple Device Has a Virus” scam, let us assure that there is no relation between these two. As discussed below, only selected users have been affected by the original malware.
Tech support scams wander on the cyber space
“Your Apple Device Has a Virus” hijack is carried with the assistance of web scripts. In other words, if you have been browsing movie streaming sites or torrent sharing domains, you were likely to encounter “Your Apple Device Has a Virus” alerts. On the other hand, legitimate apps might also divert you to such fake sites.[3]
You only need to cancel the window to exit the web page. If you cannot do so, close the browser via the Activity Monitor. Let us move on “Your Apple Device Has a Virus” scam removal methods.
Delete “Your Apple Device Has a Virus” tech support scam scripts
If you noticed these alerts on iPhone, all you can do is exit the page, as IOS does not support security applications.
Though Apple products are hostile towards security utilities, in fact, you can install certain malware elimination tools on MacOS. Above-mentioned sample functions on the Mac as well. Thus, it will help you remove “Your Apple Device Has a Virus” web scripts.
Alternatively, below you will find guidelines which instruct how to eliminate the scripts on major browsers. If you use other than Safari browser, you will find them useful. Resetting the browser contributes to “Your Apple Device Has a Virus” removal as well.
On the final note, a widely-spread opinion that MacOS is fully immune to malware might turn out to be perilous as felons find ways to penetrate even most unbreakable systems. Other than English, Russian, French, Turkish[3] users should be vigilant of the scam.
You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.
Getting rid of “YOUR APPLE DEVICE HAS A VIRUS” virus. Follow these steps
Delete from macOS
Do not get alarmed by “Your Apple Device Has a Virus” alerts. Close the web page. If you have security tool, scan the browser.
Remove items from Applications folder:
- From the menu bar, select Go > Applications.
- In the Applications folder, look for all related entries.
- Click on the app and drag it to Trash (or right-click and pick Move to Trash)
To fully remove an unwanted app, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:
- Select Go > Go to Folder.
- Enter /Library/Application Support and click Go or press Enter.
- In the Application Support folder, look for any dubious entries and then delete them.
- Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files.
Remove from Microsoft Edge
Delete unwanted extensions from MS Edge:
- Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
- From the list, pick the extension and click on the Gear icon.
- Click on Uninstall at the bottom.
Clear cookies and other browser data:
- Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
- Under Clear browsing data, pick Choose what to clear.
- Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.
Restore new tab and homepage settings:
- Click the menu icon and choose Settings.
- Then find On startup section.
- Click Disable if you found any suspicious domain.
Reset MS Edge if the above steps did not work:
- Press on Ctrl + Shift + Esc to open Task Manager.
- Click on More details arrow at the bottom of the window.
- Select Details tab.
- Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.
If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.
- Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
- Press Ctrl + A on your keyboard to select all folders.
- Right-click on them and pick Delete
- Now right-click on the Start button and pick Windows PowerShell (Admin).
- When the new window opens, copy and paste the following command, and then press Enter:
Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose
Instructions for Chromium-based Edge
Delete extensions from MS Edge (Chromium):
- Open Edge and click select Settings > Extensions.
- Delete unwanted extensions by clicking Remove.
Clear cache and site data:
- Click on Menu and go to Settings.
- Select Privacy, search and services.
- Under Clear browsing data, pick Choose what to clear.
- Under Time range, pick All time.
- Select Clear now.
Reset Chromium-based MS Edge:
- Click on Menu and select Settings.
- On the left side, pick Reset settings.
- Select Restore settings to their default values.
- Confirm with Reset.
Remove from Mozilla Firefox (FF)
Remove dangerous extensions:
- Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
- Select Add-ons.
- In here, select unwanted plugin and click Remove.
Reset the homepage:
- Click three horizontal lines at the top right corner to open the menu.
- Choose Options.
- Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.
Clear cookies and site data:
- Click Menu and pick Settings.
- Go to Privacy & Security section.
- Scroll down to locate Cookies and Site Data.
- Click on Clear Data…
- Select Cookies and Site Data, as well as Cached Web Content and press Clear.
Reset Mozilla Firefox
If clearing the browser as explained above did not help, reset Mozilla Firefox:
- Open Mozilla Firefox browser and click the Menu.
- Go to Help and then choose Troubleshooting Information.
- Under Give Firefox a tune up section, click on Refresh Firefox…
- Once the pop-up shows up, confirm the action by pressing on Refresh Firefox.
Remove from Google Chrome
Delete malicious extensions from Google Chrome:
- Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
- In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.
Clear cache and web data from Chrome:
- Click on Menu and pick Settings.
- Under Privacy and security, select Clear browsing data.
- Select Browsing history, Cookies and other site data, as well as Cached images and files.
- Click Clear data.
Change your homepage:
- Click menu and choose Settings.
- Look for a suspicious site in the On startup section.
- Click on Open a specific or set of pages and click on three dots to find the Remove option.
Reset Google Chrome:
If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:
- Click on Menu and select Settings.
- In the Settings, scroll down and click Advanced.
- Scroll down and locate Reset and clean up section.
- Now click Restore settings to their original defaults.
- Confirm with Reset settings.
Delete from Safari
Remove unwanted extensions from Safari:
- Click Safari > Preferences…
- In the new window, pick Extensions.
- Select the unwanted extension and select Uninstall.
Clear cookies and other website data from Safari:
- Click Safari > Clear History…
- From the drop-down menu under Clear, pick all history.
- Confirm with Clear History.
Reset Safari if the above-mentioned steps did not help you:
- Click Safari > Preferences…
- Go to Advanced tab.
- Tick the Show Develop menu in menu bar.
- From the menu bar, click Develop, and then select Empty Caches.
After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of “YOUR APPLE DEVICE HAS A VIRUS” registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes.
How to prevent from getting malware
Stream videos without limitations, no matter where you are
There are multiple parties that could find out almost anything about you by checking your online activity. While this is highly unlikely, advertisers and tech companies are constantly tracking you online. The first step to privacy should be a secure browser that focuses on tracker reduction to a minimum.
Even if you employ a secure browser, you will not be able to access websites that are restricted due to local government laws or other reasons. In other words, you may not be able to stream Disney+ or US-based Netflix in some countries. To bypass these restrictions, you can employ a powerful Private Internet Access VPN, which provides dedicated servers for torrenting and streaming, not slowing you down in the process.
Data backups are important – recover your lost files
Ransomware is one of the biggest threats to personal data. Once it is executed on a machine, it launches a sophisticated encryption algorithm that locks all your files, although it does not destroy them. The most common misconception is that anti-malware software can return files to their previous states. This is not true, however, and data remains locked after the malicious payload is deleted.
While regular data backups are the only secure method to recover your files after a ransomware attack, tools such as Data Recovery Pro can also be effective and restore at least some of your lost data.
- ^ LInas Kiguolis. Google detected a sophisticated Android spyware. 2-spyware. Security and spyware news.
- ^ John Snow. Pegasus: The ultimate spyware for iOS and Android. Kaspersky Lab Blog. Learn how to stay protected from viruses, malware, spyware, hackers, spam and other dangers .
- ^ Eliminate computer threats. Virusler. IT News and Malware Removal Guides in Turkish.