Facing problem chill search.xyz redirection
I downloaded something accidentally to my Macbook and I see chill search redirection.
I run Etrecheck and below is the report:
What shall I do?
Thank you in advance for help!
MacBook Air 13″, macOS 12.4
Question marked as
Backup:
Time Machine Not Configured!
If you do not back up your Mac, that means the prospect of permanently losing all the information on it does not concern you. To learn how to use Time Machine please read Back up your files with Time Machine on Mac - Apple Support.
- A backup is a fundamental prerequisite regardless of whatever method you may choose uninstall adware, and would apply even if your Mac were running perfectly well. Do not overlook this fundamental requirement. It's important.
To fix the problem at hand proceed as follows:
Restart your Mac in "Safe Mode", and log in: How to use safe mode on your Mac. Starting in Safe Mode takes longer than usual so let it finish. This step will prevent the scam products from loading so that they can be removed while they are inactive.
Then:
Open the following folder:
~/Library/LaunchAgents
To open that folder, copy the entire line above and paste it in the Finder's Go menu > Go to Folder... field:
Make it look like this:
... and click the Go button.
A Finder window will open. Locate the following files, and drag them to the Trash:
com.amin.gr.plist
com.remcore.plist
com.inspectd.plist
com.nbp.plist
com.NB3mM.plist
com.oakwood-Ochna.plist
com.Reinquire.plist
com.Rhinthonica.plist
At this point, the problems affecting that Mac should be gone. To be thorough, proceed with the following to make sure nothing else has been altered without your knowledge.
Next: open Safari and select the Safari menu > Preferences... > Extensions. If you see any Safari Extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone. No Safari Extensions are required for normal operation. Then, select the General pane and review your Homepage selection. Repeat those equivalent actions for any other browser you may use (Brave, Firefox, or Opera for example).
There may also be adware-associated app icons in your Mac's Applications folder. Open it and examine its contents. Any unwanted or mysterious app icons should be obvious to you, but again please don't remove anything if you are uncertain—ask first. Identify any suspicious apps by name, or post another screenshot.
Next: In an abundance of caution, examine System Preferences > Extensions. Determine if there are any System Extensions that may have been installed without your knowledge. Ask if you're uncertain.
Remaining in System Preferences, check for the presence of any Profiles. Profiles are installed by organizations with a need to manage Macs deployed in institutional corporate or educational environments (for example), but have also been exploited by adware creators and similar malcontents. If any Profiles are installed on your Mac an icon like this will appear in System Preferences:
If you see that icon in System Preferences, select it. To remove a Profile, select it, then click the [—] (minus) button and authenticate.
Remaining in System Preferences, open Users & Groups. Select your User Account's Login Items. You may or may not find those Applications in its list. If you do, select them then click the [—] (minus) button to remove them from Login Items.
You can then restart your Mac and log in as usual. Evaluate its operation and ensure everything is working as you expect it should.
Next: if you want to thoroughly eradicate all remaining adware remnants examine the following folder, in the same manner as you did earlier:
~/Library/Application Support
It is normal for that folder to contain many items, but anything associated with the above adware may contain identical names. If you find a folder or folders bearing those names, drag those folders to the Trash. Without the files you already removed or the reintroduction of similar malware, they can do nothing but occupy space. These can be removed if you wish, but again don't remove anything if you are uncertain.
Finally: If any of the above actions result in abnormal operation or if something else stops working, the easiest way to recover would be to restore the Time Machine backup you created as a prerequisite, so the importance of that fundamental step cannot be overemphasized.