QuicklookPI is a rogue browser attachment of the widespread browser hijacker category – a type of apps known for causing sudden browser page redirects. QuicklookPI has been reported to look through the browser history of users in order to obtain useful advertising information.
The QuicklookPI malware on Mac
This kind of apps is one of the most commonly encountered forms of unwanted software for both Mac and Windows computers. While the representatives of the browser hijacker family are not as threatening as more dangerous software types, such as Worms, Banking Trojans, Spyware, and Ransomware viruses, they could still turn out to be a major inconvenience if they remain in the browser for long enough.
Some of the first browser hijacker symptoms most people report are different unwanted changes in their browsers. A replaced homepage address or default browser search engine inside browsers such as Firefox, Safari, or Chrome is what lets people know that some kind of unwanted application has managed to get itself attached to the system’s main browser. One of the most frustrating parts about such unauthorized browser changes is the fact you won’t be allowed to reverse them so long as the hijacker app stays added to the browser.
QuicklookPI for Mac
QuicklookPI for Mac is a type of Mac junkware known for attaching itself to the main browser and introducing undesirable changes to its settings. QuicklookPI for Mac shouldn’t be allowed to stay on the computer for long or else it may result in security weaknesses.
Most users wish to remove browser hijackers like this one mainly because of the obstruction caused by their ads, browser changes, and sudden page redirects. However, there’s actually a bigger reason why one must not allow such software to freely operate on their computer.
Even if this app is not intended to corrupt anything in your system, it is potentially possible that it may make it more likely for more threatening programs to enter your Mac. Not all of the sites that hijackers like this one popularize are particularly reliable. Sadly, some of them may even be unsafe and filled with malware.
What is QuicklookPI?
QuicklookPI is an unwanted advertising Mac app that may endanger your computer’s safety by redirecting the browser to potentially unsafe sites. QuicklookPI will not stop causing ad generation and automatic page redirects until it is fully uninstalled from the computer’s main browser.
The QuicklookPI scam product on Mac
Any online security expert will tell you that if there is a hijacker in your browser, you must immediately make sure to remove the intrusive app like SearchUp, Gsecurecontent or Search Marquis. Otherwise, you risk getting your system exposed to a wide variety of online hazards, including disguised phishing pages, Ransomware viruses, Trojan horses, Spyware, and so on.
The QuicklookPI app
The QuicklookPI app is a junkware attachment for Mac browsers that causes uncontrolled generation of page redirects and browser ads. The QuicklookPI app is typically added to other software as a bonus component and this is how it normally gets installed onto users’ computers.
To keep such apps away from your system in the future, be sure to never download new software from unverified sources or developers and to never interact with clickbait ads or the contents of spam messages.
As for the removal of QuicklookPI, the guide you will find below will give you the needed uninstallation instructions that you must complete in order to rid your Mac of the undesirable hijacker.
If you are looking for some quick instructions to remove QuicklookPI from your Mac browser, we suggest you first give a try to the following general steps and see if they can fix the browser hijacking issue without going further:
Start with opening the problematic hijacked Mac browser and clicking on its main menu icon.
Select the Preferences option if you are using Safari. In other browsers, you may need to select Add ons or More Tools instead of Preferences.
Next, search for a sub-menu or a tab called Extensions and select it.
Once on the Extensions page, search for extensions that seem to be linked to QuicklookPI and if you find any, remove them.
Finally, restart your browser and check if the hijacker is still disturbing you.
The instructions above may help in some of the cases, but if this is not your case and QuicklookPI doesn’t want to get removed once you remove its extensions, then you need to use a more detailed approach to locate and delete all of its entries from your Mac. The QuicklookPI removal guide below explains what are the steps for that.
Quit Safari in case that it is presently running (or Force Quit it if it has become unresponsive).
The Force Quit option could be found if you click on the Apple menu and select Force Quit from the options.
Once the browser is closed, proceed to the instructions in step 2.
WARNING! READ CAREFULLY BEFORE PROCEEDING!
Start Activity Monitor from Finder>>>Applications>>>Utilities
Scroll the list of active processes in a search for a process that looks questionable and appears to be run by QuicklookPI. Highlight the questionable process once you detect it and click the “i” button at the top. Once you do this, you should see an information window that displays some general details about the selected process. In the example image below we are demonstrating a process of Google Chrome:
Click on Sample at the bottom and this will create a sample file of the process:
Save the file and scan it with the free online virus scanner below. If danger is detected, go back to the Activity Monitor, highlight the problematic process related to the file and click on the X button next to the “i” button at the top to stop it.
If you find more than one questionable process, repeat the sample-generation steps and scan everything that looks suspicious.
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
Once you have stopped all processes that you have found are hijacker-related in the Activity Monitor, it is time to open the Safari browser and remove any changes that have been made in its settings.
For that, you need to press the Shift key from your keyboard and launch Safari while holding it. This is a trick that should prevent any QuicklookPI-related pages and sponsored links from loading inside the browser on their own.
If you find that once Safari starts, there are pages that still pop up without your permission, Force Quit the browser and switch off the Wi-Fi connection of your Mac (Mac Menu>>>Wi-Fi OFF) or disconnect the Ethernet cable from the computer until you complete the next instructions. Then try Shift-launching Safari again.
Once you are done with the guide, you can re-connect your Mac to the Internet in the same way.
Remove QuicklookPI from Safari
Now, after you have successfully Shift-launched Safari, click on the Safari menu and select Preferences.
In Preferences, find the Extensions tab and click it:
Uninstall any extensions that seem to have a relation to QuicklookPI or look questionable and you have no intentions to use.
Once you are done with that, click on the Privacy tab:
Select Remove All Website Data, and confirm your action by clicking on Remove Now. This action will delete all stored website data from the browser, including cookies, cache, and other data related to QuicklookPI-powered pages, as well as your sign-in details for all websites that require authentication.
You are not done yet with digging in the Preferences menu. After you remove all website data, click on the General tab:
Then, head to the Homepage section and check if QuicklookPI has replaced the homepage URL with one of its sponsored domains. In case it is, remove it and type a homepage address of your choice.
Finally, click on the History menu of the browser and select the Clear History option. This is not a mandatory step but it will clean up any links to problematic pages related to QuicklookPI from Safari, so we recommend that you go ahead and clear your history to ensure that there is nothing that could potentially be linked to the hijacker in your browser.
Users who don’t use Safari as the main browser or have more than one browser on their Mac should not forget to check each of them for changes. For your convenience, below we have included instructions that explain how to refresh the settings in Google Chrome and Firefox.
How to Remove QuicklookPI From Firefox in OSX:
Open Firefox, click on (at the top right corner) and click on Add-ons.
Then, select Extensions from the left, just as it is shown on the image below:
Search for problematic extensions in the list and remove everything that looks suspicious or potentially unwanted. After that use the instructions from the link to refresh Your Firefox Settings and remove any other changes that QuicklookPI might have made without your approval.
How to Remove QuicklookPI From Chrome in OSX:
Start Chrome, click and navigate to MoreTools >>> Extensions.
Again, search for extensions that seem to be problematic or have a relation to the browser hijacker and click on the trash bin icon next to them to remove them.
Once you are done with that, click the main menu icon top right once again, and select Settings. In Settings, click on the Search tab and select Manage Search Engines. If you see search engines that you don’t normally use, don’t hesitate to delete them and set a search engine that you trust as default. After that, click on the provided link here to Reset Your Chrome Settings and revoke any changes that have been made without your knowledge.
If QuicklookPI turns out to be more persistent than expected, and the instructions in this guide aren’t enough to rid you of it completely, know that you can use the professional anti-virus program linked on this page to scan your Mac for any hidden leftovers that need to be deleted.
About the author
Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.