Detect and remove KeRanger Trojans: Here's how

We'll tell you how to find and remove the KeRanger Trojan. The Trojan is distributed under Mac OS X with the BitTorrent client Transmission. If you are already infected, you can get rid of the virus as follows.

Step 1: am i infected? How to find KeRanger and delete the Trojan

How to find out if you are infected with KeRanger.

1. Open the Finder, click on "Go to" in the menu bar and there on "Go to folder".
2. Enter one of the following two file paths here: "/Applications/Transmission.app/Contents/Resources/General.rtf" or "/ Volumes /Transmission/Transmission.app/Contents/Resources/General.rtf". If one of the files exists, then your transmission application is infected.
3. Delete the application as usual, for example by throwing it in the trash and deleting it.

Step 2: activity indicator helps

1. Open the activity display via the programs. Check here if a process called "kernel_service" is running.
2. If so, click on it and in the new dialog window on the "Analyze" button.
3. Here you check whether the file name "/ Users / Library / kernel_service" is available under "Path".
4. If so, click "Exit" in the process dialog window and confirm again with "Exit".
5. Finally, use the Finder to check whether the files .kernel_pid, .kernel_time, .kernel_complete or kernel_service are available in the "/ Library" directory. If this is the case for you, delete these files as well.

Video tip: Malwarebytes protects against blackmail software