User profile for user: ivanandarthur
ivanandarthur Author
User level: Level 1
8 points

Search Engine Malware on MacBook Air 2015 - Find and Delete .plists

Hi,

I'm helping a friend with their early 2014 MacBook Air laptop running High Sierra 10.13.6 and a newer 2020 Air, Sonoma 14.2.1 - it looks like they've downloaded bad things. Search engine on Chrome (their favored browser) defaults to "searchbaron.com with a long string of characters following, or search-alpha.com. I've taken screenshots of the launch agents, and launch daemons but have no idea what to delete. Can anyone help?

Posted on Dec 19, 2023 5:23 PM

Reply
Question marked as Top-ranking reply
User profile for user: John Galt
John Galt
User level: Level 10
158,770 points

Posted on Dec 19, 2023 6:28 PM

First, start your Mac in "Safe Mode": How to use safe mode on your Mac - Apple Support. Starting in Safe Mode takes longer than usual so let it finish.


While in that mode, drag these files to the Trash:


First screenshot:



Second screenshot:



Third screenshot:



Then, restart your Mac normally and confirm the alert messages cease to appear.


Note: Non-Apple "drive manager" or "utility" products are not required on Macs. Western Digital's product in particular was notorious for spontaneously erasing perfectly good hard disk drives in the past. Although it is not related to the problem at hand I recommend uninstalling it for those reasons.

View in context

Similar questions

9 replies
Question marked as Top-ranking reply
User profile for user: John Galt
John Galt
User level: Level 10
158,770 points

Dec 19, 2023 6:28 PM in response to ivanandarthur

First, start your Mac in "Safe Mode": How to use safe mode on your Mac - Apple Support. Starting in Safe Mode takes longer than usual so let it finish.


While in that mode, drag these files to the Trash:


First screenshot:



Second screenshot:



Third screenshot:



Then, restart your Mac normally and confirm the alert messages cease to appear.


Note: Non-Apple "drive manager" or "utility" products are not required on Macs. Western Digital's product in particular was notorious for spontaneously erasing perfectly good hard disk drives in the past. Although it is not related to the problem at hand I recommend uninstalling it for those reasons.

Reply
User profile for user: John Galt
John Galt
User level: Level 10
158,770 points

Dec 19, 2023 6:52 PM in response to ivanandarthur

Yes. All of them should be dragged to the Trash. You may need to do that in "Safe Mode" as well.


Those things are all installed through deception. For a somewhat outdated but still relevant description of how that happens, read How to install adware - Apple Community.


People can't seem to resist installing free stuff, even if its Terms and Conditions make it abundantly clear what it's going to do — which is in essence to mess up their Mac and make it do things no reasonable person would want.


Interestingly, I have never encountered a single piece of Mac malware that does not do exactly what it says it's going to do.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Search Engine Malware on MacBook Air 2015 - Find and Delete .plists

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up