7-day Free Trial w/Credit card, no charge upfront or if you cancel up to 2 days before expiration; Subscription price varies per region w/ auto renewal unless you timely cancel; notification before you are billed; 30-day money-back guarantee; Read full terms and more information about free remover.

*Source of claim SH can remove it. is a browser-hijacking website that presents itself as a search engine and that is able to take over the browsers of Mac users. The hijacker can change the starting page and search engine of the browser, as well as trigger page redirects.

If you have recently started receiving notifications from in your browser or even when the browser is closed and/or if the homepage, new tab page, or search engine of any of your browsers has been modified to this or another questionable site without your permission, then you are most likely dealing with the browser hijacker. This isn’t some serious form of malware such as a Ransomware virus or a Trojan Horse, but you should still most definitely make sure to get rid of the hijacker as soon as possible. As you can see, can make unauthorized changes to your browser and can also control the content that gets shown on your screen.

The idea of such browser hijackers, in general, is to generate advertising revenue through models such as Pay-Per-View and Pay-Per-Click. This is why you are likely to be getting tons of intrusive notifications, page redirects, and ads if the hijacker is added to your browser. It’s important that you do not interact with this sort of content, as it may not always be safe and could often redirect you to phishing sites or sites that spread dangerous malware. This is also one of the main reasons why you need to get rid of as soon as possible. virus

The virus is a type of browser hijacker that targets Mac browsers and while it’s not as dangerous as a Trojan or Ransomware, it is still considered unsafe. The virus is typically distributed with the help of low-quality third-party apps.

Hijackers like have a limited number of ways to get added to a Mac computer. One of the most common techniques is to integrate the hijacker with another app – one that seems safe and legitimate – and then distribute it alongside the said app. However, due to strict security policy, it’s very rare for apps with hijacker components in them to be allowed into the official Mac App Store. For this reason, it’s much more common for such apps to be downloaded from less-secure third-party platforms. This is why you need to try to not download new software from sources you don’t know if you can trust. It’s also a good idea to conduct your own research on apps you want to get on your Mac before actually downloading them.

Another very common and much simple technique for spreading hijackers is when a browser-hijacking site shows the user a disguised notifications permission request. Typically, the request prompt is made to look like something else – for instance, a captcha prompt. The idea is for the user to unknowingly provide that site with a notifications permission, after which the rogue site can start manipulating the browser. This is why you should always carefully read the contents of any sudden prompts that may show up on your screen while browsing, and interact with them only if you are sure they aren’t some sort of scam.

TypeBrowser Hijacker
Detection Tool

*Source of claim SH can remove it.

Remove from Mac

To remove from Mac, please, complete the next steps in the order they are given:

  1. Check the Activity Monitor of your Mac for suspicious processes that may be linked to the hijacker, and forcibly stop them.
  2. Delete any questionable newly-installed apps currently located in your Applications folder.
  3. Search for remaining hijacker files in the ~/Library/LaunchAgents, /Library/LaunchDaemons, /Library/LaunchAgents, and ~/Library/Application Support folders.
  4. Lastly, to remove from Mac, delete the hijacker from Safari and from your other browsers.

Those are the four basic steps that Mac users need to complete in order to get rid of the rogue hijacker. Before you attempt to complete the removal process, however, we strongly recommend checking out the more detailed explanation for each of the steps that you will find below.

Detailer removal steps for

Before even starting the removal process, we recommend disconnecting your Mac from the Internet and keeping it that way until the hijacker gets deleted. The idea behind this is to prevent from receiving new instructions from its servers, which could make the hijacker’s deletion more difficult.

Step 1: Disable rogue processes

Open Finder, click on Go from the Menu Bar, and select Utilities. If you don’t see Utilities in the Go menu, go to Applications instead, and from the Applications folder open Utilities. Next, start the Activity Monitor app and, in it, look for questionably-looking items. Obviously, if one or more of the processes there are named or something similar, stop them by selecting them, then clicking the X from the top-left, and confirming the action. However, even if you don’t see any such processes, look for other suspicious entries – ones with too high Memory, CPU, or Battery usage and/or ones that have strange and unfamiliar names that don’t seem to be related to any of the legitimate programs on your Mac.

This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.21.08-2-1024x681.png

If you notice a potentially rogue process, but you aren’t sure it must be stopped, you should look up its name to see if any security experts have reported that it may be unwanted/harmful. Also, feel free to ask us in the comments if you aren’t certain about a given process, and we will try to assist you the best we can.

Obviously, if it turns out that a suspect process is rogue, you need to quit it immediately.

Step 2: Uninstall questionable apps

Now it’s time to check what apps you have on your Mac and remove anything that may be linked to the hijacker. Go to your Applications folder and look through the items shown there. Can you see any unfamiliar apps or apps you don’t think you can trust? If the answer is yes, send those apps to the Bin/Trash to uninstall them, and then also remember to empty the Bin/Trash.

This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.24.25-1024x604.png

In general, if there’s a specific app on your Mac that is responsible for the hijacker infection, it’s likely that the app in question has been installed fairly recently and that it has been downloaded from a third-party app platform and not the official Mac App Store. It is exceedingly rare for rogue, hijacker-carrying apps to be allowed into the Mac App Store (though you should never fully rule out this possibility).

Step 3: Cleaning remaining rogue files

Even if you have managed to stop any unwanted processes and delete the app that caused the hijacker to take over your browsers, it’s highly likely that there are still leftover data from the hijacker that needs to be removed. Though such remaining data could be located anywhere on your Mac, there are four folders where files from the unwanted software are most likely to be stored, so visiting those folders and deleting from them any potentially rogue data should get the job done. Here’s what you need to do:

First, open Finder, click the Go menu and select Go to Folder.

This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.25.54-1020x1024.png

Next, in the field that appears, copy-paste this folder address ~/Library/LaunchAgents and press Enter/Return. Now sort the files in the newly-opened folder by their creation date, and delete everything created since the day you first started noticing hijacker symptoms.

This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.27.03.png

Also, scan any other suspicious files with the following free online malware scanner, and if anything gets flagged as malware, delete it as well.

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    Next, you must also go to these two other folders: /Library/LaunchDaemons and /Library/LaunchAgents, and do the same thing there, deleting any recently added files and/or files that our scanner flags as malware.

    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.26.55-1024x483.png

    Lastly, visit the ~/Library/Application Supportand search in it for sub-folders that may be linked to Again, you can use the scanner to test the data stored in the different sub-folders to figure out if any of them contain malware. If a sub-folder containing rogue files is found, you must delete it.

    How to remove from Safari

    To remove from Safari, you must clean the browser from any potentially unwanted extensions:

    1. Start Safari, click on the Safari menu from the top, and go to Preferences.
    2. Next, open the Extensions tab and in it look for any unfamiliar and/or untrusted items.
    3. Select the item you think may be unwanted and select Uninstall to delete them – this should remove from Safari.
    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.29.00-1024x758.png

    There are a couple more actions we recommend performing in Safari to make sure that the browser is clean:

    First, from the Safari Preferences window, go to Privacy, click on Manage Website Data, wait for the website data to load, click Remove All, and confirm the action. After that, click on Done.

    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.29.11-1024x262.png

    Next, go to the Websites tab of Preferences, click on Notifications from the left, and remove any sites shown in the right panel. Do the same thing with the Pop-up Windows section that’s below Notifications.

    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.29.30-1024x715.png

    After that, open the General tab of Preferences, see what the current homepage of the browser is, and if it is or something else that you deem untrusted or unwanted, replace its address with the URL of a trusted website that you want to be your new homepage.

    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.34.51-1024x586.png

    Finally, go to the History menu of Safari, select Clear History, set it to All History, and click on Clear History to perform the action.

    This image has an empty alt attribute; its file name is Screenshot-2022-01-11-at-23.35.08.png

    Cleaning other browsers

    It’s important to not forget that all other browsers that may be installed on your Mac would also need to be cleaned. Below, we will show you how to clean Chrome and Firefox from

    Chrome instructions

    If you have Chrome or any other Chromium-based browser on your Mac, here’s how to clean it from any undesirable hijacker components and data:

    1. Start the browser and go to its menu (for Chrome, the menu and most other Chromium browsers, the menu button is in the top-right, for Opera it’s in the top-left).
    2. Go to More Tools > Extensions, search for extension items that you do not trust or recognize, disable them, and then uninstall them.
      Screenshot 2022 01 11 At 23.27.44
    3. Next, from the browser menu, go to Settings, select the Privacy and Security section from the left and click on Clear browsing data. Check each box in the window that shows up except the one for your Passwords, and then select Clear data to perform the action.
      Screenshot 2022 01 11 At 23.36.01
      Screenshot 2022 01 11 At 23.36.07
    4. After that, open Site Settings, go to Notifications, see what sites are show under Allowed to send notifications, and disable the ones you do not trust and don’t want to send you notifications by clicking the three dots next to them and click on Block.
      Screenshot 2022 01 11 At 23.36.42
    5. Next, go to Appearance from the left and make sure to change the new-tab page URL if it’s currently set to or to some other suspicious website.
      Screenshot 2022 01 11 At 23.37.15
    6. Open the Search Engine section, change the default search engine used by Chrome if the current one isn’t the search engine you prefer, and then go to Manage Search Engines.
    7. On that page, see what sites are shown below Other search engines and if any of them are unknown or untrusted, click the three dots next to those sites and then click Delete.
      Screenshot 2022 01 11 At 23.37.57

    Firefox instructions

    The instructions for Firefox are similar to the ones for Chrome, but there are some slight differences, so here’s how to clean your Firefox browser:

    1. Start Firefox, select its menu from the top-right, and go to Add-ons.
    2. On the next page, select Extensions from the left, then look through the listed Firefox extensions and disable and uninstall the ones you think could be from the hijacker.
      Screenshot 2022 01 11 At 23.41.48
    3. Next, go to Settings from the Firefox menu and, in the Home section, make sure that the Homepage and New tab addresses aren’t set to or to another questionable site.
      Screenshot 2022 01 11 At 23.42.18
    4. After that, go to the Privacy and Security section, scroll down to Cookies and Site Data and select Clear Data.
      Screenshot 2022 01 11 At 23.42.43
    5. Check both of the boxes shown in the following window, click Clear and then Clear Now to delete the browsing data.
      Screenshot 2022 01 11 At 23.42.48
    6. Next, scroll down to Permissions, click on the Settings button next to Notifications, and remove any sites listed in the following window that seem rogue and untrusted.
      Screenshot 2022 01 11 At 23.43.10 › nearbyme-ioSEO title – Virus Removal GuidesMeta description preview:

    Screenshot 2022 01 11 At 23.21.08 2 1024x681


    About the author

    Violet George

    Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

    Leave a Comment