• PRODUCT

    PRODUCT

  • PRICING
    PRICING

  • HELP
    HELP

  • BLOG
    BLOG

  • APPSTORE
    APPSTORE

  • COMPANY
    COMPANY

  • LEGAL
    LEGAL

  • LOGIN
    LOGIN

  • Remove Advanced Mac Cleaner


  • Advanced Mac Cleaner is an adware that infects Mac computers and installs itself without users knowledge. We will show you how to get rid of it.


  • Our marketing department called the IT department today and was seeing a big dialog box open about "Mac Ads Cleaner" that had been installed on their MacOS systems. We had no idea at all how it got there. We tell them to try to quit it, removed it from autostart, and deleted the app out of the Applications folder. But the thing kept appearing again and again.Removing its stuff from the Library did not help either because another pop-up box appeared asking us to register Mac Ads Cleaner.

    But our talented Steve figured out how to get rid of it.

    Quick Fix

    Restart into Safe Mode

    Force quit the processes (Cmd+Option+Esc):

    Advanced Password Manager

    Mac Ads Cleaner

    Malware Crusher

    Unpollute My Mac

    Hold the shift key when rebooting until apple icon appears.

    Remove the files

    Run the following

    find / -iname com.techy* -exec rm -rf {} \;

    find / -iname hlpradc -exec rm -rf {} \;

    find / -iname adscleaner -exec rm -rf {} \;

    find / -iname helperamc -exec rm -rf {} \;

    find / -iname ummhlpr -exec rm -rf {} \;

    find / -iname amphelper -exec rm -rf {} \;

    Details

    Process Architecture

    Creates per user daemons. So, there will be pieces in these locations:

    ~/Library/LaunchAgents

    /Library/LaunchAgents

    /Library/LaunchDaemons

    There are files such as

    com.techyutils.ummhlpr.plist

    com.techyutils.mchlpr.plist

    Some of them may even have root ownership. Dont let that fool you.

    Inspecting those files, the following suspicious items are found:

    com.adscleaner.hlpradc.plist -> ~/Library/Application Support/adc/hlpradc.app/Contents/MacOS/hlpradc

    com.mackeeper.MacKeeper.Helper.plist -> /Applications/MacKeeper.app/Contents/Services/MacKeeper Helper.app/Contents/MacOS/MacKeeper Helper

    com.pcv.hlpramcn.plist

    ~/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc

    com.pcvark.APMHelper

    ~/Library/Application Support/apm/APMHelper.app/Contents/MacOS/APMHelper

    com.techyutils.mchlpr.plist

    ~/Library/Application Support/MCR/mchlpr.app/Contents/MacOS/mchlpr

    com.techyutils.ummhlpr.plist

    ~/Library/Application Support/umm/ummhlpr.app/Contents/MacOS/ummhlpr

    Go ahead and remove the files.

    File Locations

    Here is a sample cross referencing the places that have been affected:

    find / -iname mchlpr.app

    ~/Library/Application Support/MCR/mchlpr.app

    /Applications/Malware Crusher.app/Contents/Resources/mchlpr.app

    find / -iname com.techyutils*

    /Applications/Malware Crusher.app/Contents/Resources/com.techyutils.mchlpr.plist

    /Applications/Unpollute My Mac.app/Contents/Resources/com.techyutils.ummhlpr.plist

    ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.ApplicationRecentDocuments/com.techyutils.mac-ads-cleaner.sfl

    /Library/Application Support/MCR/com.techyutils.mchlpr.plist

    /Library/Application Support/umm/com.techyutils.ummhlpr.plist

    ~/Library/Caches/com.techyutils.Mac-Ads-Cleaner

    ~/Library/Caches/com.techyutils.Malware-Crusher

    ~/Library/Caches/com.techyutils.mchlpr

    ~/Library/Caches/com.techyutils.ummhlpr

    ~/Library/Cookies/com.techyutils.Mac-Ads-Cleaner.binarycookies

    ~/Library/Cookies/com.techyutils.Malware-Crusher.binarycookies

    ~/Library/Preferences/com.techyutils.Mac-Ads-Cleaner.plist

    ~/Library/Preferences/com.techyutils.Malware-Crusher.plist

    ~/Library/Preferences/com.techyutils.mchlpr.plist

    ~/Library/Preferences/com.techyutils.ummhlpr.plist

    ~/Library/Saved Application State/com.techyutils.Mac-Ads-Cleaner.savedState

    ~/Library/Saved Application State/com.techyutils.Malware-Crusher.savedState

    find / -iname ummhlp*

    ~/Library/Logs/ummhlpr.log

    ~/Library/Application Support/umm/ummhlpr.app

    ~/Library/Application Support/umm/ummhlpr.app/Contents/MacOS/ummhlpr

    /Applications/Unpollute My Mac.app/Contents/Resources/ummhlpr.app

    /Applications/Unpollute My Mac.app/Contents/Resources/ummhlpr.app/Contents/MacOS/ummhlpr

    ~/Library/Application Support>sudo find / -iname prmpsc*

    /Applications/Unpollute My Mac.app/Contents/Resources/prmpsc.plist

    ~/Library/Application Support/Unpollute My Mac/prmpsc.plist

    ~/Library/Application Support>sudo find / -iname settpsc*

    /Applications/Unpollute My Mac.app/Contents/Resources/settpsc.plist

    ~/Library/Application Support/Unpollute My Mac/settpsc.plist

    ~/Library/Application Support>sudo find / -iname hlpradc*

    /Applications/Mac Ads Cleaner.app/Contents/Resources/hlpradc.app

    /Applications/Mac Ads Cleaner.app/Contents/Resources/hlpradc.app/Contents/MacOS/hlpradc

    ~/Library/Application Support/adc/hlpradc.app

    ~/Library/Application Support/adc/hlpradc.app/Contents/MacOS/hlpradc

    ~/Library/hlpradc

    ~/Library/Logs/hlpradc.log

    ~/Library/Application Support>sudo find / -iname com.ads*

    /Applications/Mac Ads Cleaner.app/Contents/Resources/com.adscleaner.hlpradc.plist

    ~/Library/Application Support/adc/com.adscleaner.hlpradc.plist

    ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.ApplicationRecentDocuments/com.adscleaner.hlpradc.sfl

    ~/Library/Caches/com.adscleaner.hlpradc

    ~/Library/Preferences/com.adscleaner.hlpradc.plist

    ~/Library/Application Support>sudo find / -iname com.pcva*

    /Applications/Advanced Password Manager.app/Contents/Resources/com.pcvark.APMHelper.plist

    /private/var/db/receipts/com.pcvark.advancedPasswordManagerUpdate.Root.pkg.bom

    /private/var/db/receipts/com.pcvark.advancedPasswordManagerUpdate.Root.pkg.plist

    ~/Library/Application Support>sudo find / -iname apmhelper*

    /Applications/Advanced Password Manager.app/Contents/Resources/APMHelper.app

    /Applications/Advanced Password Manager.app/Contents/Resources/APMHelper.app/Contents/MacOS/APMHelper

    ~/Library/Application Support/apm/APMHelper.app

    ~/Library/Application Support/apm/APMHelper.app/Contents/MacOS/APMHelper

    ~/Library/Logs/APMHelper.log

    ~/Library/Application Support>sudo find / -iname Mac\ File*

    ~/Library/Application Support/Mac File Opener

    ~/Library/Application Support/Mac File Opener/Mac File Opener.app/Contents/MacOS/Mac File Opener

    Items to remove

    ~/Library/Application Support/Unpollute My Mac

    /Applications/Unpollute My Mac.app

    /Applications/Mac Ads Cleaner.app

    ~/Library/Application Support/adc

    ~/Library/hlpradc

    ~/Library/LaunchAgents/com.pcvark.APMHelper.plist

    ~/Library/Application Support/apm

    /Applications/Advanced Password Manager.app

    ~/Library/Application Support/Mac File Opener

    Postmorterm

    There are log files left behind that you can inspect to gain insight:

    ~/Library/Logs/ummhlpr.log

    Things you can figure out:

    Time it was installed: i.e. time stamp 2017-04-07 11:49:26

    Their campaign tracking info for the the distibutor of the software.

    The files associated with it.


  • Izyware Blog
    Izyware Blog