What is CookieMiner? Is my Mac infected with Virus?
This guide contains details about CookieMiner and its complete removal solution.
What is CookieMiner
CookieMiner is a new malware detected by security researcher at Palo Alto Networks. This malware is distributed through malvertising, phishing email attachments, and installing fake programs from third-party sites. CookieMiner is a crypto-currency malware that haunts Mac users. And also exploits web-browser’s cookies to obtain passwords and login information about user’s crypto-currency wallet.
The CookieMiner malware may target installed web browsers like safari and chrome and even access iTunes backup data to extract login credentials. This is used to break through the two-factor authentication and access the crypto-currency wallet of users. The malware is designed to make two way profit either by stealing crypto-currency wallet or by installing mining tool that can exploit the system resources to mine for digital-currency.
Thousands of mac users have been targeted by this malware just like LoudMiner that engages all system resources to mine crypto-cuurency. Thus, if you have suspected CookieMiner malware on your Mac OS, then follow the removal guide to permanently remove this threat. You must read about 5 trending Mac Malware.
Remove CookieMiner from Mac
This is a complete removal guide that might take several minutes to complete. As it is very important to locate and delete programs files, shortcuts, startups and browser resetting so it involves all necessary steps.
It is a detailed guide which best suits beginners as well as advanced users. In order to successfully remove all annoyances from your Mac, you need to follow step-by-step instructions.
In any case, you feel stuck at any step, then don’t try to just play with them instead skip them then go to our step which is scanning the PC with anti-malware tool to detect and remove all the threats.
Combo Cleaner is a complete security suite for Mac OS that is developed by “RCS LT” company. This program is featured with anti-virus scanner and system optimization tools like disk cleaner, duplicate files finder, application uninstaller, privacy scanner, and 24*7 customer support service.
Rather than being just a traditional anti-virus or a system optimizer, this single program takes a different approach that eases the user from using a different application to keep their MAC OS protected and optimized.
It is very important to have a reliable anti-virus solution for the computer system. Combo cleaner is one of the best options for MAC users as detects and eliminates all sorts of threats like adware, browser hijacker, Trojans, and other malware. It is a light-themed, easy-to-use interface and keeps updating its threat database hourly to instant detect and remove any sort of malware. Thus ensuring not any malicious stuff is behind within the system.
How to Install and Scan with Combo Cleaner
- Click the above button to Download the “Combo Cleaner”;
- Once the download completes, double-click on the downloaded file;
- After the window opens, drag the Combo Cleaner program icon and drop into your “Applications folder” icon.
- Now, open your “Launchpad” and click on the “Combo Cleaner” icon.
- This will start the combo cleaner installation and updates its latest virus definition. Once done, Combo cleaner will launch;
- Click on “Antivirus” tab and choose the scan options like Quick, Full, and custom. (Full is recommended for the first time)
- Let the scan be completed and it will list all the threat found. Now, click on “Remove All Threats”;
- After removing the threats, click on the “uninstaller” to find and remove any unwanted programs. Select the program from the list and its related files and then click on “Remove Selected Items“
If you still have the second thought about this anti-malware, then you may want to check out our review article about Combo Cleaner.
If you are going for the manual removal process, then we recommend you to print/download these instructions or open it from another uninfected computer or laptop and follow step-by-step manual removal instruction. Mac OS PDF Guide
Step 1. Ending Process Running Under The “Activity Monitor”
- Type “Activity Monitor” in the Launchpad to open it;
- Scroll through the list of running apps, look for the suspicious ones that appear unknown to you or taking huge CPU resources.
- Use the [x] button to quit the process.
Step 2. Remove CookieMiner Malicious Apps From Mac OS
- Open “Finder” by clicking on the Finder application on your dock.
- In the left pane of the Finder, click on “Applications“.
- Next, you need to locate the CookieMiner Adware/suspicious apps and remove them. The “Applications” window will display the list of all apps installed on your Mac OS.
- Now, you need to go through the list to find out the CookieMiner and other suspicious/malicious or infectious app, select it then right click and then select “Move to Trash”. (Repeat this step until you remove all such apps).
- Now you need to empty the trash as sometimes program can restore themselves from the trash. On your dock, right-click on the trash icon and then select “Empty Trash”.
NOTE: if something looks suspicious to you but you are not sure of that, search the web to find out more about that app.
Step 3. Remove CookieMiner Apps From Auto-Startup
Generally, malicious programs, Adware and spyware add themselves to the boot process to launch automatically whenever the device boots. So, you need to find such apps and remove from the startups.
- Open Apple menu ? System Preferences
- Now, choose “Users & Groups” section
- Select your username from the left pane;
- A list will appear showing login items; check the list and use “—” sign to disable CookieMiner or other suspicious/unwanted apps you see. Close the screen.
- Next step, from the top menu, choose Go ? Go to Folder, then type /Users/Shared/ within the search box. In the “Sharedfolder”, you need to delete the “Similar” files and folders.
- Now Restart your Mac to make the changes into effect.
Step 4. Remove CookieMiner Daemons And Agents From Mac’s Startup
- From top menu ? Choose Go ? Go to Folder
- Type in “/Library/LaunchDaemons”, within this location you will see lots of files with .plist extension. Scroll through it and find the ones which appear to be suspicious and delete them.
- Do the same for other launching agents locations:
For example: an adware named Vsearch, you may get launching agent as :
Don’t forget to empty the trash and then restart the computer.
- After restart, again repeat step 1-2 and type in: /System/Library/Frameworks/ (look for the malicious file with .framework extension like /System/Library/Frameworks/VSearch.framework)
- Put the file to trash, if you find one with a malicious name.
- Similarly, do more searches within the location:
- /Library/Application Support/
- Put them to trash and again empty the trash and restart the computer.
Step 5. Uninstall CookieMiner Or Unwanted/Suspicious Extensions From Browsers
Follow the steps to remove unwanted and suspicious extensions from the Safari browser:
- On the Safari browser, click the “Safari” menu then select “Preferences”.
- On the General tab of the Safari preferences, check for any unknown URL added as the default homepage, Within the “Homepage” field enter your preferred URL as your default start-page of the browser.
- Next, you need to check for malicious extensions, click on the “Extensions” tab on the same window.
- “Extensions” screen will list all the extensions installed on your safari browser, you need to browse through the list and uninstall the ones which appear to be Adware. If you find a malicious extension select it and then click on “Uninstall”. Repeat the steps to remove all unwanted extensions.
- Close the Safari browser.
To check for unknown extensions installed:
- Click on Chrome Menu(three vertical dots at top-right corner) ? Select “Settings” ? Choose “Extensions”.
- Scroll through the list of extensions installed on the Chrome browser, if any one of them appears to malicious then click on the “trash” icon next to it. This will remove the extension.
- Repeat the step until you are sure of the ones you like to keep.
To Reset The Browser:
Next, you need to reset the default settings like search engines, startup, and new tabs. It is better to use the default reset feature of the Google Chrome which will reset all the unwanted modifications done by third-party programs. Don’t worry you will not lose your saved passwords and bookmarks. However, it will delete cookies, extensions, startups, URLs, homepage and new tabs preferences.
- Click on Chrome’s main menu then choose “Settings“.
- Scroll to the bottom of the page and click on “Advanced”.
- Under the Advanced page, go for “Reset and clean up” section, then click on “Reset settings to their original defaults”.
- Next, click on “Reset”, you will be prompted for a confirmation This will reset your startup page, a new tab page, search engine, and pinned tabs. It will also disable all extensions and clear temporary data like cookies. Your bookmarks, history, and saved passwords will not be cleared”
- Click on the “Reset Settings” button to confirm the procedure.
- After that, it may ask to restart your browser, click “Yes”.
Steps To Prevent Being Infected by CookieMiner
- The security experts recommend the users not to use the infected Mac OS to carry out any online transaction.
- Clean the browser cookies, remove unwanted extensions and better to re-install the web browsers.
- Rather storing your confidential data to your system, use cloud backup solutions like SOS online backup to store your files in encrypted format and access to your all devices PCs, Mac, iPhone and more.
- Use strong passwords for all logins. If you have a hard time remembering them then better use a password manager like DashLane that generates strong passwords and manage them.