Remove EvilQuest ransomware From Mac OS

Learn About EvilQuest ransomware

EvilQuest ransomware is a new file encrypting ransomware. Spam email is a way for EvilQuest ransomware to get inside your PC. It will show with a subject named “bank bill” or “bill of credit card”. As long as users download and open the attached files, they will be led to run the ransomware directly. Once you get it inside, it will encrypt all the documents on the PC. All the files infected are added with malicious extension , and a ransom note left to you will warn you that you need to buy decryption key to restore these documents.

Under such circumstances, many users will choose to pay because those files are too important. If you are one of the victims, it is not recommended to do so. Because the ransomware maker may scam you, just what they did to other ransomware victims before.

To decrypt your files from EvilQuest ransomware, right now you need to remove EvilQuest ransomware and related infections. After that, you could try safe decryption tools to recover the files.

 How to Manually Remove EvilQuest ransomware From Mac OSX? (Steps)

 

Step 1 Uninstall EvilQuest ransomware related apps or potentially unwanted apps from Mac OSX
  • In Finder window, clicking “Applications” in the sidebar
  • In the applications folder, right-click on EvilQuest ransomware related apps or other suspicious apps and click Move to Trash. 

uninstall EvilQuest ransomware on mac

 

PLEASE NOTE

EvilQuest ransomware may reinstall itself multiple times if its core files and related malware are not removed completely.

Therefore we recommend, after uninstalling the potentially unwanted apps, you’d better downloading Combo Cleaner to scan your Mac for any remaining unwanted components.

Download Combo Cleaner Antivirus For Mac

More information about Combo Cleaner, steps to uninstall, EULA, and Privacy Policy.

Step 2 – Remove malicious files generated by EvilQuest ransomware or related malware from your Mac

1. Click the Finder icon from the menu bar  >>  choose “Go” then click on “Go to Folder“:

2. In the Go to Folder… bar, type the name of the following four folders to open them one by one:

~/Library/LaunchAgents
/Library/LaunchAgents
/Library/Application Support
/Library/LaunchDaemons

remove EvilQuest ransomware on mac

3. In each folder, search for any recently-added suspicious files and move them to the Trash. Here are some examples of files generated by malware:

“installmac.AppRemoval.plist”, EvilQuest ransomware”,  “com.genieo.completer.download.plist” “com.genieoinnovation.macextension.plist” “com.genieo.engine.plist” “com.adobe.fpsaud.plist” , “myppes.download.plist”, “mykotlerino.ltvbit.plist”,

PLEASE NOTE

Manually check and remove malicious files may take hours and you may delete healthy files by mistake.

To do it safely and efficiently, we recommend downloading Combo Cleaner to scan your Mac for any malicious files generated by EvilQuest ransomware or malware.

Download Combo Cleaner Antivirus For Mac

More information about Combo Cleaner, steps to uninstall, EULA, and Privacy Policy.


Step 3 – Find and remove malicious extensions and browser hijacker from Safari and Chrome.

Safari

On Safari

1. Start Safari: Select Safari menu and click Preferences:

delete EvilQuest ransomware from safari

2. Select Extensions tab>> Look for the unsafe or suspicious extensions and click Uninstall:

delete EvilQuest ransomware from safari

3. Select Search tab >> click the Search Engine menu and make your choice. Safari lets you use Google, Yahoo, Bing, or DuckDuckGo.

delete EvilQuest ransomware on safari

4. Select the General tab >> In the Homepage bar, type the URL you want to set as the Safari homepage.

remove EvilQuest ransomware on safari

Google Chrome

On Google Chrome

1. Open Google Chrome and click the “Customize and control Google Chrome” icon at the top right corner >> Select More Tools and click Extensions;

remove EvilQuest ransomware on mac chrome

2. Search for suspicious extensions and click trash icon to remove it:

remove EvilQuest ransomware on mac chrome

3. Reset default search engine on Chrome:

  • Open Google Chrome and click the “Customize and control Google Chrome” icon >> Select Settings
  • Scroll down until you locate the Search engine section
  • Click the drop-down menu accompanying the option labeled Search engine used in the address bar
  • Select Google, Bing or Yahoo! as your default search engine.

delete EvilQuest ransomware on mac chrome

4. Reset homepage on Chrome:

  • Open Google Chrome and click the “Customize and control Google Chrome” icon >> Select Settings;
  • In the “On Startup” section, click the “Set pages” link near to the “Open a specific page or set of pages” option.
  • Remove the URL of the browser hijacker (for example SearchMine.net) and enter your preferred URL (for example, google.com).

delete EvilQuest ransomware on mac chrome

PLEASE NOTE

If an unwanted extension or search engine can’t be removed manually from web browsers, it may be caused by malware.

We recommend downloading Combo Cleaner to scan your Mac and see if it will detect malware.

Download Combo Cleaner Antivirus For Mac

More information about Combo Cleaner, steps to uninstall, EULA, and Privacy Policy.


Step 4Re-check your Mac with Combo Clean Antivirus.

To be sure that your Mac is not infected at all, it’s recommended to run a full scan with Combo Cleaner Antivirus.

Combo Cleaner Antivirus is a professional Mac Antivirus and Mac OSX Optimization Tool for users. It is equipped with powerful detection engine against virus, malware, and adware. Thus it is able to protect your machine from the latest out-breaking threats and infections. Moreover, its Disk Cleaner can detect and clean up all junks and always keep your Mac’s performance at the peak. 

Download Combo Cleaner Antivirus For Mac

More information about Combo Cleaner, steps to uninstall, EULA, and Privacy Policy.

Once Combo Cleaner is installed, run a scan to diagnose your Mac and solve all problems: