Skip to main content
How to remove Mac Cleanup Pro virus (TechSignalSearch upd.)

How to remove Mac Cleanup Pro virus (TechSignalSearch upd.)

Learn why the Mac Cleanup Pro app is considered malicious, what it does to an infected Mac, and how to uninstall this pseudo system optimizer in a few steps.

Update: November, 2019

The nuts and bolts of hassle-free Mac usage involve periodic maintenance aimed at deleting software leftovers, Internet cache and other unneeded data the operating system and apps routinely generate. There are plenty of nifty tools out there that do the optimization trick. The utility called Mac Cleanup Pro, however, has nothing to do with junk removal done right. It deliberately reports low-severity or nonexistent macOS issues, flagging them critical and offering its paid performance enhancement service. No matter how well-tuned your system is and how scrupulously you’ve been keeping the hard disk space in optimal condition, this application will “detect” numerous issues regardless and emphasize the high improvement potential that can be allegedly squeezed out of the areas it purports to cover.

Speaking of the scan areas, the GUI of Mac Cleanup Pro lists the following: cache, logs, trash, extra languages, Internet history, login items, duplicates files, large files, and rogue apps. The latter, by the way, is really interesting because the program is outright scareware itself. Some insights into its genealogy reveal a direct relation to the most infamous family of bogus Mac optimizers as yet, which is also represented by such malicious heavyweights as Mac Auto Fixer, Advanced Mac Cleaner, Mac Tonic, and the recent one called Similar Photo Cleaner. Hailing from the same rogue cradle, Mac Cleanup Pro is backed by a sizeable distribution campaign that has allowed it to reach thousands of computers already and keep on spreading. Let’s look into one of these propagation tricks.

The unprincipled developers of the scareware in question are known to engage a framework of misleading web pages to push their digital culprit. One of these landing pages is parked at lp.superutils.co/adsph/2/ domain. The site includes a script that determines and displays the visitor’s country and IP address – this way, the users are more likely to fall for the deceptive tactic. A big giveaway, though, is that the “OS version” field says the victim uses OS Sierra, even if they visit the page from a Windows PC. Anyway, the site displays a warning that goes, “Your Mac Might Be Infected!” and provides some pseudo details, namely:Your Mac might be infected by the latest viruses. If you do not remove them, they may damage your system files and slow down your Internet browsing speed.” (macOS Catalina 10.15 update: helpermcp will damage your computer. You should move it to the Trash”). To get rid of the viruses (which aren’t there for real), the user is instructed to download and run Mac Cleanup Pro, which is dubbed “Mac Cleaner” on the phony page. Incidentally, another likely source of contamination is a site that renders a counterfeit alert saying “Your Mac is infected with 3 viruses”.

There are two possible ways that Mac users end up on lp.superutils.co/adsph/2/ domain. One is via redirect activity bolstered by a PUA (potentially unwanted application) that infects one’s web browser and forces hits to the misguiding site. In this case, the user needs to get rid of the troublemaking browser add-on or plugin, which may be a nontrivial objective due to obfuscation and persistence mechanisms of these pests. The other way is through hacked websites or online ads that lead to the scareware’s landing page.

Mac Cleanup Pro is often accompanied by extra threats that allow the attackers to add one more layer of monetization to their fraudulent activity, aside from the scare tactic alone. The infections that typically arrive in the same bundle include TechSignalSearch and TechNetSearch, the former being more common. In fact, both of them share identical characteristics and goals. The objective is to hijack Safari, or whichever browser is the victim’s default one, and redirect their web traffic to Yahoo or Bing via a series of disreputable ad networks. In some cases, the infected users keep visiting tech support scam sites that display fake alerts about Mac health and security problems that aren’t actually there. The shenanigans of TechSignalSearch virus may also result in Internet connectivity issues, where the wireless and LAN connection goes missing at certain intervals, usually every couple of minutes.

Obviously, this type of offending code is subject to immediate removal, but this turns out to be easier said than done. First of all, although the TechSignalSearch.app entry can be found in the infected Mac’s Applications folder, moving it to the Trash only yields a temporary effect and the pest will reappear shortly. Secondly, the rest of the files may be hidden in the LaunchAgents folder, which is a place not every Mac user knows how to access. With that said, a special security procedure is required to spot and completely delete all the elements of the follow-up nasties.

Whereas Mac Cleanup Pro can arrive by means of different techniques, it behaves in the exact same fashion when on board any Mac. It pops up out of the blue and triggers system scans that return really unsettling results over and over. The app thus attempts to persuade the victim that their machine has hundreds of performance issues, ranging from superfluous cache to unused languages that take up a great deal of disk space. It will also notify the user how much space can be recovered in just one click. Predictably, the cleaning feature can only be unlocked by activating the full version of the program, which is a matter of making a payment. This is precisely what the gist of the Mac Cleanup Pro virus is about. It frightens users into purchasing the full version. That’s a disgusting strategy, so there is, obviously, one reasonable way to treat the double-dealing program. Remove it now and mind what you download on untrustworthy websites further on.

Mac Cleanup Pro [helpermcp] virus manual removal for Mac

The steps listed below will walk you through the removal of this potentially unwanted application. Be sure to follow the instructions in the order specified.

  1. Open up the Utilities folder as shown below

  2. Locate the Activity Monitor icon on the screen and double-click on it

  3. Under Activity Monitor, find the entry for Mac Cleanup Pro, select it and click Quit Process
  4. A dialog should pop up, asking if you are sure you would like to quit the Mac Cleanup Pro executable. Select the Force Quit option
  5. Expand the Go menu in Apple Finder and select Go to Folder.
  6. Type or paste the following string in the folder search dialog: /Library/LaunchAgents

  7. Once the LaunchAgents directory opens up, find the following entries in it and move them to Trash:
    • com.MacCleanupPro.agent.plist
    • com.MCP.agent.plist
    • com.MacCleanupPro.mcphlpr
    • com.MCP.mcphlpr
    • TechSignalSearch
    • TechNetSearch
  8. Use the Go to Folder lookup feature again to navigate to the folder named ~/Library/LaunchAgents. When this path opens, look for the same entries (see above) and send them to Trash
  9. Similarly, go to the ~Library/Application Support folder. Locate and move the following entries to Trash:
    • MacCleanupPro
    • helpermcp
    • hlprmcp
    • hlprmaccleanuppro
  10. Click the Go button again, but this time select Applications on the list. Find the entry for Mac Cleanup Pro on the interface, right-click on it and select Move to Trash. If user password is required, go ahead and enter it

  11. Now go to Apple Menu and pick the System Preferences option

  12. Select Accounts and click the Login Items button. The system will come up with the list of the items that launch when the box is started up. Locate Mac Cleanup Pro, TechSignalSearch, TechNetSearch, or other suspicious entries there, put a checkmark next to each one, and click on the “-“ button

Use automatic tool to uninstall Mac Cleanup Pro virus from your Mac

When confronted with malicious code like the Mac Cleanup Pro virus on Mac, you can neutralize its toxic impact by leveraging a specially crafted system utility. The Freshmac application (read review) is a perfect match for this purpose as it delivers essential security features along with must-have modules for Mac optimization.

This tool cleans unneeded applications and persistent malware in one click. It also protects your privacy by eliminating tracking cookies, frees up disk space, and manages startup apps to decrease boot time. On top of that, it boasts 24/7 tech support. The following steps will walk you through automatic removal of the Mac Cleanup Pro infection.

  1. Download Freshmac installer onto your machine. Double-click the Freshmac.pkg file to trigger the installer window, select the destination disk and click Continue. The system will display a dialog asking for your password to authorize the setup. Type the password and click Install Software.

    Download Now

  2. Once the installation has been completed, Freshmac will automatically start a scan consisting of 5 steps. It scans cache, logs, unused languages, trash, and checks the Mac for privacy issues.

  3. The scan report will then display your current system health status and the number of issues detected for each of the above categories. Click the Fix Safely button tto remove junk files and address privacy issues spotted during the scan.

  4. Check whether the Mac Cleanup Pro popups issue has been fixed. If it perseveres, go to the Uninstaller option on Freshmac GUI. Locate an entry that appears suspicious, select it and click Fix Safely button to force-uninstall the unwanted application.

  5. Go to Temp and Startup Apps panes on theinterface and have all redundant or suspicious items eliminated as well. The The Mac Cleanup Pro malware shouldn’t be causing any further trouble. malware shouldn’t be causing any further trouble.

FAQ

108

Was this article helpful? Please, rate this.

There are no comments yet.
Authentication required

You must log in to post a comment.

Log in