Home » How To Remove CookieMiner Malware From Mac OS
Mac OS Malwares

How To Remove CookieMiner Malware From Mac OS

Remove CookieMiner Malware From Mac OS
Remove CookieMiner Malware From Mac OS

What is CookieMiner? Is my Mac infected with Virus?
This guide contains details about CookieMiner and its complete removal solution.

What is CookieMiner

CookieMiner is a new malware detected by security researcher at Palo Alto Networks. This malware is distributed through malvertising, phishing email attachments, and installing fake programs from third-party sites. CookieMiner is a crypto-currency malware that haunts Mac users. And also exploits web-browser’s cookies to obtain passwords and login information about user’s crypto-currency wallet.

The CookieMiner malware may target installed web browsers like safari and chrome and even access iTunes backup data to extract login credentials. This is used to break through the two-factor authentication and access the crypto-currency wallet of users. The malware is designed to make two way profit either by stealing crypto-currency wallet or by installing mining tool that can exploit the system resources to mine for digital-currency.

Thousands of mac users have been targeted by this malware just like LoudMiner that engages all system resources to mine crypto-cuurency. Thus, if you have suspected CookieMiner malware on your Mac OS, then follow the removal guide to permanently remove this threat. You must read about 5 trending Mac Malware.

Remove CookieMiner from Mac

This is a complete removal guide that might take several minutes to complete. As it is very important to locate and delete programs files, shortcuts, startups and browser resetting so it involves all necessary steps.

It is a detailed guide which best suits beginners as well as advanced users. In order to successfully remove all annoyances from your Mac, you need to follow step-by-step instructions.

In any case, you feel stuck at any step, then don’t try to just play with them instead skip them then go to our step which is scanning the PC with anti-malware tool to detect and remove all the threats.

Special Offer
“CookieMiner” may reinstall itself multiple times if you don’t delete its core files. We recommend downloading Combo Cleaner to scan for malicious programs. This may save your precious time and effort.
Download Combo Cleaner Anti-Malware For Mac
More information on Combo CleanerEULA,and Privacy Policy. Combo Cleaner scans the infected PC for free but you need to purchase its full version for complete removal.
Mac OS: Use Anti-Malware To Scan And Remove CookieMiner (Recommended)

Combo Cleaner is a complete security suite for Mac OS that is developed by “RCS LT” company. This program is featured with anti-virus scanner and system optimization tools like disk cleaner, duplicate files finder, application uninstaller, privacy scanner, and 24*7 customer support service.

Rather than being just a traditional anti-virus or a system optimizer, this single program takes a different approach that eases the user from using a different application to keep their MAC OS protected and optimized.

It is very important to have a reliable anti-virus solution for the computer system. Combo cleaner is one of the best options for MAC users as detects and eliminates all sorts of threats like adware, browser hijacker, Trojans, and other malware. It is a light-themed, easy-to-use interface and keeps updating its threat database hourly to instant detect and remove any sort of malware. Thus ensuring not any malicious stuff is behind within the system.

How to Install and Scan with Combo Cleaner

  • Click the above button to Download the “Combo Cleaner”;
  • Once the download completes, double-click on the downloaded file;
  • After the window opens, drag the Combo Cleaner program icon and drop into your “Applications folder” icon.
    Combo Cleaner Install Step 2
    Combo Cleaner Install Step 2
  • Now, open your “Launchpad” and click on the “Combo Cleaner” icon.
    Combo Cleaner Install Step 3
    Combo Cleaner Install Step 3
  • This will start the combo cleaner installation and updates its latest virus definition. Once done, Combo cleaner will launch;
    Combo Cleaner Dashboard
    Combo Cleaner Dashboard
  • Click on “Antivirus” tab and choose the scan options like Quick, Full, and custom. (Full is recommended for the first time)
    Start Scan For CookieMiner
    Start Scan For CookieMiner
  • Let the scan be completed and it will list all the threat found. Now, click on “Remove All Threats”;
    Scan Result Shows Program associated with CookieMiner
    Scan Result Shows Program associated with CookieMiner
  • After removing the threats, click on the “uninstaller” to find and remove any unwanted programs. Select the program from the list and its related files and then click on “Remove Selected Items
Remove CookieMiner
Remove CookieMiner

download-for-mac

If you still have the second thought about this anti-malware, then you may want to check out our review article about Combo Cleaner.

Mac OS: Manually Find And Remove CookieMiner ( Not Recommended)

If you are going for the manual removal process, then we recommend you to print/download these instructions or open it from another uninfected computer or laptop and follow step-by-step manual removal instruction. Mac OS PDF Guide

Step 1. Ending Process Running Under The “Activity Monitor”

  1. Type “Activity Monitor” in the Launchpad to open it;
    Launchpad-1.1.1
    Launchpad-1.1.1
    Activity Minor - 1.1.2
    Activity Minor – 1.1.2
  2. Scroll through the list of running apps, look for the suspicious ones that appear unknown to you or taking huge CPU resources.
  3. Use the [x] button to quit the process.
    Force Stop -1.2 and 1.3
    Force Stop -1.2 and 1.3

Step 2. Remove CookieMiner Malicious Apps From Mac OS

  1. Open “Finder” by clicking on the Finder application on your dock.
    Finder - 2.1
    Finder – 2.1
  2. In the left pane of the Finder, click on “Applications“.
    Applications - 2.2
    Applications – 2.2
  3. Next, you need to locate the CookieMiner Adware/suspicious apps and remove them. The “Applications” window will display the list of all apps installed on your Mac OS.
    Step - 2.3
    Step – 2.3
  4. Now, you need to go through the list to find out the CookieMiner and other suspicious/malicious or infectious app, select it then right click and then select “Move to Trash”. (Repeat this step until you remove all such apps).
    Move to Trash - 2.4
    Move to Trash – 2.4
  5. Now you need to empty the trash as sometimes program can restore themselves from the trash. On your dock, right-click on the trash icon and then select “Empty Trash”.
    Step - 2.5.1
    Step – 2.5.1
    Step 2.5.2
    Step 2.5.2

NOTE: if something looks suspicious to you but you are not sure of that, search the web to find out more about that app.

Step 3. Remove CookieMiner Apps From Auto-Startup

Generally, malicious programs, Adware and spyware add themselves to the boot process to launch automatically whenever the device boots. So, you need to find such apps and remove from the startups.

  1. Open Apple menu ? System Preferences
    Step - 3.1
    Step – 3.1
  2. Now, choose “Users & Groups” section
    Step - 3.2
    Step – 3.2
  3. Select your username from the left pane;
    Step - 3.3
    Step – 3.3
  4. A list will appear showing login items; check the list and use “” sign to disable CookieMiner or other suspicious/unwanted apps you see. Close the screen.
    Step - 3.4
    Step – 3.4
  5. Next step, from the top menu, choose Go ? Go to Folder, then type /Users/Shared/ within the search box. In the “Sharedfolder”, you need to delete the “Similar” files and folders.
    Step - 3.5.1
    Step – 3.5.1
    Step - 3.5.2
    Step – 3.5.2
    Step - 3.5.3
    Step – 3.5.3
  6. Now Restart your Mac to make the changes into effect.
    Step - 3.6
    Step – 3.6

Step 4. Remove CookieMiner Daemons And Agents From Mac’s Startup

  1. From top menu ? Choose Go ? Go to Folder
    Step - 4.1
    Step – 4.1
  2. Type in “/Library/LaunchDaemons”, within this location you will see lots of files with .plist extension. Scroll through it and find the ones which appear to be suspicious and delete them.
    Step - 4.2.1
    Step – 4.2.1
    Step - 4.2.2
    Step – 4.2.2
  3. Do the same for other launching agents locations:
      1. /Library/LaunchAgents
      2. ~/Library/LaunchAgents

    For example: an adware named Vsearch, you may get launching agent as :
    /Library/LaunchAgents/com.vsearch.agent.plist
    ~/Library/LaunchAgents/com.vsearch.agent.plist
    Don’t forget to empty the trash and then restart the computer.

    Step - 4.3.1
    Step – 4.3.1
    Step - 4.3.2
    Step – 4.3.2
  4. After restart, again repeat step 1-2 and type in: /System/Library/Frameworks/ (look for the malicious file with .framework extension like /System/Library/Frameworks/VSearch.framework)
    Step 4.4.1
    Step 4.4.1
    Step - 4.4.2
    Step – 4.4.2
  5. Put the file to trash, if you find one with a malicious name.
  6. Similarly, do more searches within the location:
    • /Library/Application Support/
    • /Library/PrivilegedHelperTools/
      Step - 4.6.1
      Step – 4.6.1
      Step - 4.6.2
      Step – 4.6.2
      Step - 4.6.3
      Step – 4.6.3
      Step - 4.6.4
      Step – 4.6.4
  7. Put them to trash and again empty the trash and restart the computer.
    Step- 4.7.1
    Step- 4.7.1
    Step - 4.7.2
    Step – 4.7.2
    Step - 4.7.3
    Step – 4.7.3

Step 5. Uninstall CookieMiner Or Unwanted/Suspicious Extensions From Browsers

Reset Safari Browser Guide

Follow the steps to remove unwanted and suspicious extensions from the Safari browser:

  • On the Safari browser, click the “Safari” menu then select “Preferences”.
    Reset Mac Chrome Step-1
    Reset Mac Safari Step-1
  • On the General tab of the Safari preferences, check for any unknown URL added as the default homepage, Within the “Homepage” field enter your preferred URL as your default start-page of the browser.
    Reset Mac Chrome Step-2
    Reset Mac Safari Step-2
  • Next, you need to check for malicious extensions, click on the “Extensions” tab on the same window.
  • Extensions” screen will list all the extensions installed on your safari browser, you need to browse through the list and uninstall the ones which appear to be Adware. If you find a malicious extension select it and then click on “Uninstall”. Repeat the steps to remove all unwanted extensions.
    Reset Mac Safari Step-3
    Reset Mac Safari Step-3
  • Close the Safari browser.
Reset Chrome Browser Guide

To check for unknown extensions installed:

  1. Click on Chrome Menu(three vertical dots at top-right corner) ? Select “Settings” ? Choose “Extensions”.
    Remove Chrome Extensions 1
    Remove Chrome Extensions 1
  2. Scroll through the list of extensions installed on the Chrome browser, if any one of them appears to malicious then click on the “trash” icon next to it. This will remove the extension.
    Remove Chrome Extensions 2
    Remove Chrome Extensions 2
  3. Repeat the step until you are sure of the ones you like to keep.

To Reset The Browser:

Next, you need to reset the default settings like search engines, startup, and new tabs. It is better to use the default reset feature of the Google Chrome which will reset all the unwanted modifications done by third-party programs. Don’t worry you will not lose your saved passwords and bookmarks. However, it will delete cookies, extensions, startups, URLs, homepage and new tabs preferences.

  • Click on Chrome’s main menu then choose “Settings“.
    Reset Browser Chrome 1
    Reset Browser Chrome 1
  • Scroll to the bottom of the page and click on “Advanced”.
    Reset Browser Chrome 2
    Reset Browser Chrome 2
  • Under the Advanced page, go for “Reset and clean up” section, then click on “Reset settings to their original defaults”.
    Reset Browser Chrome 3
    Reset Browser Chrome 3
  • Next, click on “Reset”, you will be prompted for a confirmation This will reset your startup page, a new tab page, search engine, and pinned tabs. It will also disable all extensions and clear temporary data like cookies. Your bookmarks, history, and saved passwords will not be cleared”
  • Click on the “Reset Settings” button to confirm the procedure.
    Reset Browser Chrome 4
    Reset Browser Chrome 4
  • After that, it may ask to restart your browser, click “Yes”.

Steps To Prevent Being Infected by CookieMiner

  • The security experts recommend the users not to use the infected Mac OS to carry out any online transaction.
  • Clean the browser cookies, remove unwanted extensions and better to re-install the web browsers.
  • Rather storing your confidential data to your system, use cloud backup solutions like SOS online backup to store your files in encrypted format and access to your all devices PCs, Mac, iPhone and more.
  • Use strong passwords for all logins. If you have a hard time remembering them then better use a password manager like DashLane that generates strong passwords and manage them.

About the author

UnboxHow Team

If you have come this far, it means that you liked what you are reading. Why not reach little more and connect with us directly on Google Plus, Facebook or Twitter. We would love to hear your thoughts and opinions on our articles directly.

Add Comment

Click here to post a comment