Other free software like Adaware or MalwareBytes, will also function with a similar process.

Here you can toggle important options (like file backups) on or off. Making a backup is a good, safe practice when working with removing files or software. They do take up a small amount of storage space, but the backups can always be removed later by deleting them from the backups folder. Note that “Make backups before fixing items” is toggled on by default.

Details will typically include the file location, the likely use of the file, and the action to be taken as a fix.

You can fix multiple files at a time by selecting the checkbox next to each file. Before making any changes, HijackThis will create a backup (by default) so that you can undo your change.

Backups persist through different sessions. You can close HijackThis and then restore a file from a backup at a later time.

This approach is good for those who want to avoid using third party software or take a more manual approach to the malicious software removal. Make sure you run an elevated command prompt window by choosing Run as administrator.

In this context, ‘b’ stands for binary. The command displays the running “binaries” (or executables) and their connections.

If you are unsure whether the process is malicious or not after researching, then it is best to leave it alone. Tampering with the wrong files may cause other software to not work properly.

If you receive an alert that the file cannot be deleted because it is in use, return to the Task Manager, select the process and press “End Task”. This will end the process immediately so that it can be moved to recycling. If you deleted the wrong file, you can double-click the recycling to open it and then click and drag to move the file back out.

Alternately you can search for “Terminal” in the Launchpad.

sudo gives root access to the command, allowing it to view system files. ”lsof” is short for “list of open files”. This allows you to see running processes. ”-i” specifies that the list of open files must be utilizing the network interface. Spyware will try to use to the network to communicate with outside sources. ”grep LISTEN” is a command to the operating system to filter for those using listening ports – a necessity for spyware.

If you are unsure whether the process is malicious or not after researching then it is best to leave it alone. Tampering with the wrong files may cause other software to not work properly.

”cwd” stands for current working directory. To make the lists easier to read through, you can run this command in a new Terminal window by pressing ⌘ Cmd + N while in the Terminal.

”rm” is short for “remove”. Make absolutely sure you want to remove the entered item. This process is irreversible! You may want to perform a Time Machine backup beforehand. Go to “Apple >System Preferences > Time Machine” and select “Backup”.

Text messages with gibberish text or requesting replies with certain codes are good indicators that you may have spyware.

Since the device and your computer are running different operating systems, your computer will not become infected.

Resetting the phone removes ALL of your stored data on the device. Make sure you make a backup first or don’t mind losing the data!