Learn why the Mac Cleanup Pro app is considered malicious, what it does to an infected Mac, and how to uninstall this pseudo system optimizer in a few steps.
Update: November, 2019
The nuts and bolts of hassle-free Mac usage involve periodic maintenance aimed at deleting software leftovers, Internet cache and other unneeded data the operating system and apps routinely generate. There are plenty of nifty tools out there that do the optimization trick. The utility called Mac Cleanup Pro, however, has nothing to do with junk removal done right. It deliberately reports low-severity or nonexistent macOS issues, flagging them critical and offering its paid performance enhancement service. No matter how well-tuned your system is and how scrupulously you’ve been keeping the hard disk space in optimal condition, this application will “detect” numerous issues regardless and emphasize the high improvement potential that can be allegedly squeezed out of the areas it purports to cover.
Speaking of the scan areas, the GUI of Mac Cleanup Pro lists the following: cache, logs, trash, extra languages, Internet history, login items, duplicates files, large files, and rogue apps. The latter, by the way, is really interesting because the program is outright scareware itself. Some insights into its genealogy reveal a direct relation to the most infamous family of bogus Mac optimizers as yet, which is also represented by such malicious heavyweights as Mac Auto Fixer, Advanced Mac Cleaner, Mac Tonic, and the recent one called Similar Photo Cleaner. Hailing from the same rogue cradle, Mac Cleanup Pro is backed by a sizeable distribution campaign that has allowed it to reach thousands of computers already and keep on spreading. Let’s look into one of these propagation tricks.
The unprincipled developers of the scareware in question are known to engage a framework of misleading web pages to push their digital culprit. One of these landing pages is parked at lp.superutils.co/adsph/2/ domain. The site includes a script that determines and displays the visitor’s country and IP address – this way, the users are more likely to fall for the deceptive tactic. A big giveaway, though, is that the “OS version” field says the victim uses OS Sierra, even if they visit the page from a Windows PC. Anyway, the site displays a warning that goes, “Your Mac Might Be Infected!” and provides some pseudo details, namely: “Your Mac might be infected by the latest viruses. If you do not remove them, they may damage your system files and slow down your Internet browsing speed.” (macOS Catalina 10.15 update: “helpermcp will damage your computer. You should move it to the Trash”). To get rid of the viruses (which aren’t there for real), the user is instructed to download and run Mac Cleanup Pro, which is dubbed “Mac Cleaner” on the phony page. Incidentally, another likely source of contamination is a site that renders a counterfeit alert saying “Your Mac is infected with 3 viruses”.
There are two possible ways that Mac users end up on lp.superutils.co/adsph/2/ domain. One is via redirect activity bolstered by a PUA (potentially unwanted application) that infects one’s web browser and forces hits to the misguiding site. In this case, the user needs to get rid of the troublemaking browser add-on or plugin, which may be a nontrivial objective due to obfuscation and persistence mechanisms of these pests. The other way is through hacked websites or online ads that lead to the scareware’s landing page.
Mac Cleanup Pro is often accompanied by extra threats that allow the attackers to add one more layer of monetization to their fraudulent activity, aside from the scare tactic alone. The infections that typically arrive in the same bundle include TechSignalSearch and TechNetSearch, the former being more common. In fact, both of them share identical characteristics and goals. The objective is to hijack Safari, or whichever browser is the victim’s default one, and redirect their web traffic to Yahoo or Bing via a series of disreputable ad networks. In some cases, the infected users keep visiting tech support scam sites that display fake alerts about Mac health and security problems that aren’t actually there. The shenanigans of TechSignalSearch virus may also result in Internet connectivity issues, where the wireless and LAN connection goes missing at certain intervals, usually every couple of minutes.
Obviously, this type of offending code is subject to immediate removal, but this turns out to be easier said than done. First of all, although the TechSignalSearch.app entry can be found in the infected Mac’s Applications folder, moving it to the Trash only yields a temporary effect and the pest will reappear shortly. Secondly, the rest of the files may be hidden in the LaunchAgents folder, which is a place not every Mac user knows how to access. With that said, a special security procedure is required to spot and completely delete all the elements of the follow-up nasties.
Whereas Mac Cleanup Pro can arrive by means of different techniques, it behaves in the exact same fashion when on board any Mac. It pops up out of the blue and triggers system scans that return really unsettling results over and over. The app thus attempts to persuade the victim that their machine has hundreds of performance issues, ranging from superfluous cache to unused languages that take up a great deal of disk space. It will also notify the user how much space can be recovered in just one click. Predictably, the cleaning feature can only be unlocked by activating the full version of the program, which is a matter of making a payment. This is precisely what the gist of the Mac Cleanup Pro virus is about. It frightens users into purchasing the full version. That’s a disgusting strategy, so there is, obviously, one reasonable way to treat the double-dealing program. Remove it now and mind what you download on untrustworthy websites further on.
Mac Cleanup Pro [helpermcp] virus manual removal for Mac
The steps listed below will walk you through the removal of this potentially unwanted application. Be sure to follow the instructions in the order specified.
- Open up the Utilities folder as shown below
- Locate the Activity Monitor icon on the screen and double-click on it
- Under Activity Monitor, find the entry for Mac Cleanup Pro, select it and click Quit Process
- A dialog should pop up, asking if you are sure you would like to quit the Mac Cleanup Pro executable. Select the Force Quit option
- Expand the Go menu in Apple Finder and select Go to Folder.
- Type or paste the following string in the folder search dialog: /Library/LaunchAgents
- Once the LaunchAgents directory opens up, find the following entries in it and move them to Trash:
- Use the Go to Folder lookup feature again to navigate to the folder named ~/Library/LaunchAgents. When this path opens, look for the same entries (see above) and send them to Trash
- Similarly, go to the ~Library/Application Support folder. Locate and move the following entries to Trash:
- Click the Go button again, but this time select Applications on the list. Find the entry for Mac Cleanup Pro on the interface, right-click on it and select Move to Trash. If user password is required, go ahead and enter it
- Now go to Apple Menu and pick the System Preferences option
- Select Accounts and click the Login Items button. The system will come up with the list of the items that launch when the box is started up. Locate Mac Cleanup Pro, TechSignalSearch, TechNetSearch, or other suspicious entries there, put a checkmark next to each one, and click on the “-“ button
Use automatic tool to uninstall Mac Cleanup Pro virus from your Mac
The Mac maintenance and security app called Combo Cleaner is a one-stop tool to detect and remove Mac Cleanup Pro virus. This technique has substantial benefits over manual cleanup, because the utility gets hourly virus definition updates and can accurately spot even the newest Mac infections.
Furthermore, the automatic solution will find the core files of the malware deep down the system structure, which might otherwise be a challenge to locate. Here’s a walkthrough to sort out the Mac Cleanup Pro issue using Combo Cleaner:
- Download Combo Cleaner installer. When done, double-click the combocleaner.dmg file and follow the prompts to install the tool onto your Mac.
- Open the app from your Launchpad and let it run the update of malware signature database to make sure it can identify the latest threats.
- Click the Start Combo Scan button to check your Mac for malicious activity as well as performance issues.
- Examine the scan results. If the report says “No Threats”, then you are on the right track with the manual cleaning and can safely proceed to tidy up the web browser that may continue to act up due to the after-effects of the malware attack (see instructions above).
- In case Combo Cleaner has detected malicious code, click the Remove Selected Items button and have the utility remove Mac Cleanup Pro threat along with any other viruses, PUPs (potentially unwanted programs), or junk files that don’t belong on your Mac.
- Once you have made doubly sure that the malicious app is uninstalled, the browser-level troubleshooting might still be on your to-do list. If your preferred browser is affected, resort to the previous section of this tutorial to revert to hassle-free web surfing.
No, it’s not. Based on its unethical distribution practices and intrusive activity when on board a computer, Mac Cleanup Pro is flagged as a malicious application. Upon superficial inspection, it might seem that its makers are attempting to cash in on the growing demand for Mac optimization through third-party utilities. However, most users don’t even get a chance to familiarize themselves with its purported features prior to the installation, because the scareware infiltrates their systems in a stealthy way that has nothing to do with an informed decision. It mainly arrives as part of software bundles where the installation client’s default mode conceals the cross-promotion.
Aside from the surreptitious spreading, Mac Cleanup Pro deluges an infected Mac with pesky reports about performance issues that aren’t actually there. Fabricated scan results and follow-up alerts are the common symptoms of the attack.
Furthermore, the rogue optimizer additionally leaves a footprint in the victim’s web browser by redirecting the Internet traffic to fraudulent sites that say the Mac is infected and push a “cleaner” which is a virus in disguise. In summary, Mac Clean Up Pro is not legitimate. It is a fake system utility that does not belong inside your Mac.
Commonplace updates of the operating system and the installed software are actually accompanied by some degree of background maintenance. However, a more thoroughgoing cleanup would imply certain initiative on the user’s end. macOS Sierra and later versions go equipped with a feature called “Optimize Storage”. You can configure it to remove iTunes multimedia content you’ve already watched and handle email attachments in such a way that they won’t be automatically downloaded onto your hard disk. There is additionally an option to empty Trash automatically.
The system also allows you to empty caches and reduce clutter such as large files and the items you probably don’t need anymore. This type of optimization, though, relies on user involvement and cannot be scheduled or otherwise pre-assigned.
At the end of the day, Apple does perform some tidying as long as you configure your Mac appropriately, but a more tangible effect presupposes your action. One way or another, outsourcing this job to a program like Mac Cleanup Pro is a bad idea. You’re better off sorting through your junk files manually or downloading a trusted cleaner from the official store.
There is no on-demand virus scanner built into your Mac. Nevertheless, Apple delivers decent real-time protection against dubious apps you may want to install, plus its Gatekeeper module will generate an alert if a piece of third-party software has been covertly altered since it was last checked. Software updates also maintain an important layer of security through patches of the recently discovered vulnerabilities.
If you need to run a virus scan at will, though, this is doable with a specially crafted tool made by a reputable AV vendor. Be sure to download a security suite of choice from the official Mac App Store only, otherwise you may unknowingly expose your system to a rogue program like Mac Cleanup Pro.
Contrary to a common opinion, Macs aren’t flawless when it comes to self-optimization. You need to do quite a bit of the tedious cleaning work literally by hand to make sure the system runs smooth at all times. Therefore, a third-party app that automates the process of releasing disk space and boosting the Mac’s performance is more than welcome.
Thankfully, there are plenty of reliable Mac cleaners on the market. From where we stand, the apps called Combo Cleaner, Freshmac and MacBooster are among the top utilities in this niche. In addition to identifying and wiping memory hogs along with junk files you don’t need, these tools boast privacy and security essentials to keep your Mac experience both hassle-free and safe.