Delete Mac Cleanup Pro scam from MacBook Air/Pro/iMac

This article provides comprehensive analysis of the Mac Cleanup Pro malware issue, including the infection’s behavioral quirks and ways to remove it from Mac.

What is the Mac Cleanup Pro virus?

One of the things the cyber world has in common with the world around us is that there are genuine entities and copycats that might be problematic to identify as such. In terms of Mac software, the niche of optimization and security apps is gaining traction these days, and so is the cluster of rogue programs that only pretend to be helpful. Mac Cleanup Pro falls under the scareware category because it mimics system tune-up features without actually doing anything the users will ever appreciate. It comes as a nifty-looking Mac utility that claims to be able to find common performance issues and easily repair them to boost the performance of the host machine. While the first impression about this application could be okay based on its GUI design and the speed at which it runs its scans, the tactic it employs ultimately proves this opinion wrong.

Mac Cleanup Pro might look good but doesn’t live up to its name

Mac Cleanup Pro might look good but doesn’t live up to its name

The Mac Cleanup Pro virus mostly arrives with bundles of freeware apps that aren’t necessarily junk but make the rounds as part of software packages. The fundamental issue with this distribution technique is that the “undercover” items accompanying the main one may be malicious, and the setup clients often don’t allow the users to get the big picture of what exactly is being installed as an extra. For instance, you may be happy to finally find some new free-of-charge media player on a software download portal you aren’t familiar with, but the joy vanishes once you realize that the default installation mode has pulled in Mac Cleanup Pro without letting you know. One more technique used to push this baddie resembles tech support scams, where a website suddenly pops up telling you that your MacBook Air/Pro or iMac is badly infested with threats and recommending you to downloading the “fix”, which is a rogue app in disguise.

Once inside a Mac, the fishy utility in question will instantly draw all of your attention by starting a spoof system scan. It supposedly checks the computer for redundant files, such as all forms of cache, duplicates, large objects, unused files, logs you no longer need, and the like. When through with the checkup, the pest displays a report where nearly all of the above areas will be flagged red due to the allegedly high improvement potential. It will purport to have detected hundreds of unnecessary objects which, if deleted, will free up gigabytes of disk space. Being able to release so much memory is certainly a tempting option, but the pitfall is that most of these issues are made-up to hoodwink you into proceeding to the next step. It boils down to upgrading your subscription – in other words, Mac Cleanup Pro will instruct you to purchase its licensed copy otherwise the problems cannot be addressed.

If you think you can simply disregard these scan reports and follow-up popup reminders about system slowdown and possibly even viruses, you might be missing the point. This scareware will be gradually escalating the pressure through deliberate Mac performance deterioration, more alerts, and browser-related brainwashing. Speaking of the latter, the infection is known to interfere with DNS settings and may add a potentially harmful extension to the victim’s default browser, whether it’s Safari, Chrome or Firefox on Mac. This way, it causes the web traffic to be forwarded to misleading sites that may say “Your Mac is infected with 3 viruses” or include similarly scary warnings. The goal is to make you download the “featured” tool, which is the malware under scrutiny. Consequently, the attack gets more obnoxious over time, and it won’t discontinue unless Mac Cleanup Pro is completely removed.

Automatic removal of Mac Cleanup Pro virus

When it comes to handling infections like this one, using a reputable cleaning tool is the place to start. Sticking to this workflow ensures that every component of the virus gets found and eradicated from the affected Mac.

1. Download and install Combo Cleaner onto your Mac.

Download Mac Cleanup Pro removal tool

2. Run the tool and click Start Combo Scan to have it check your Mac for threats. The wait is worth it. Once the scan completes, you will see a report listing all performance issues as well as malicious or potentially unwanted objects detected on your machine.
Mac scan with Combo Cleaner

3. Go ahead and click the Remove Selected Items option in order to get Mac Cleanup Pro scareware automatically uninstalled from your Mac.

This being done, you should be good to go. Just to make sure everything went smooth, though, consider going through the steps below. Furthermore, be advised that your default browser may still be redirected to fake alert pages until you rectify its settings (the reset procedure will be described further down).

Mac Cleanup Pro redirect virus manual removal from Mac

The gist of this section is to walk you through the process of deleting all non-obfuscated files related to the Mac Cleanup Pro virus. It’s best to perform the cleanup in the order specified below.

  • Click the Go icon in Finder and select Utilities on the listGo to Utilities on Mac
  • Find and select the Activity Monitor under UtilitiesAccess the Activity Monitor
  • In the Activity Monitor, scrutinize the running processes for Mac Cleanup Pro or another one that consumes lots of CPU and looks suspicious. Once the likely baddie is found, select it and click the Quit Process icon. An additional confirmation dialog will pop up – click Force Quit on it
    End the potential pest’s process
  • Select Go to Folder option in Apple Finder, enter the following in the dialog’s search box: /Library/LaunchAgents, and click GoGo to Folder tool
  • When the LaunchAgents path is opened, look for these entries and send them to the trash:
    • com.MCP.agent.plist
    • com.MacCleanupPro.agent.plist
    • com.MCP.mcphlpr
    • com.MacCleanupPro.mcphlpr
  • Leverage the Go to Folder tool to access the path named ~/Library/LaunchAgents. Look for the above items and delete them if found
  • Follow the same procedure to go to ~/Library/LaunchAgents folder. Find the entries below and delete them if spotted:
    • MacCleanupPro
    • helpermcp
    • hlprmcp
    • hlprmaccleanuppro
  • Now, go to Applications under the Go menuGo to Applications
  • What you need to do is scroll down the list of installed apps in search of the malicious item. It could be manifested as Mac Cleanup Pro proper or an app with a gibberish name that ended up on your Mac beyond your awarenessUninstall the malicious app
  • Go to System Preferences as shown belowSystem Preferences on Mac
  • Select Accounts, then Login Items. You will see all the apps that run as part of the Mac startup process. Find Mac Cleanup Pro and remove it from the list by means of the “minus” iconMinus out the malware from Login Items

Now that you have suppressed the virus proper, you need to fix the redirect problem in the malfunctioning browser. The repair requires some manual configuration tweaking.

Stop browser redirects to pages promoting Mac Cleanup Pro

The optimal troubleshooting method boils down to resetting the browser, which will undo all changes made by the infection or any third-party plugin without your permission. Here’s how to do it:

1. Reset Safari to its defaults

  • Go to Safari menu bar and select Preferences again on the drop-down listSafari menu bar - Preferences
  • Go to Advanced tab and enable the option that says Show Develop menu in menu barShow Develop menu in menu bar
  • Now you will see the extra Develop menu in your Safari menu bar. Click it and select Empty Caches as shown belowEmpty Caches in Safari’s Develop menu
  • Do some test browsing to see if things are okay now and whether the malware is gone. If the issue is still there, you may need to additionally clear your browsing history in Safari. In Safari menu bar, select History and click Clear HistoryClear history in Safari
  • The browser will display a dialog so that you can select the required period you would like to clear history for. Select all history on the list and click the Clear History buttonSelect period to remove history in Safari
  • In case Safari is still acting up due to malware interference, there is one more thing you can try. Once again, go to Preferences from the Safari menu bar and select the Privacy tab this time. Click Manage Website DataManage Website Data option in Safari
  • When Safari generates a full list of sites that have stored your browsing data, go ahead and click Remove AllRemove all website data
  • Confirm by hitting the Done button.

2. Reset Google Chrome

  • Click More ( icon) at the top right part of the Chrome window and select Settings
  • Find the Advanced section on the Settings screen and expand it
  • Locate the Reset settings subsection and click Restore settings to their original defaultsReset Chrome settings on Mac
  • Google Chrome will display a popup dialog asking you to confirm the reset. Click the Reset settings button on it. Now, restart the browser and ascertain that the problem has been fixed.

3. Refresh Mozilla Firefox

  • Go to Help -> Troubleshooting Information, or type about:support in the Firefox URL bar
  • Once the Troubleshooting Information screen appears, find and click the Refresh Firefox button as shownRefresh Firefox on Mac
  • Confirm the browser refresh on a dialog that will appear. Restart Firefox and check it for signs of malware tampering.
5/5 (1)

Please rate

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.