Mac Virus

Remove CookieMiner Malware (Mac Guide)

Parasite may reinstall itself multiple times if you don't delete its core files. We recommend downloading ComboCleaner to scan for malicious programs installed with it. This may save you hours and cut down your time to about 15 minutes. 

Download ComboCleaner Anti-Malware

More information about ComboCleaner and steps to uninstall. Please review ComboCleaner's EULA and Privacy Policy. Keep in mind, only ComboCleaner’s scanner is free. If it detects a malware, you'll need to purchase its full version to remove it.


A new Trojan-based virus named CookieMiner Malware has been reported recently to our “How to remove” team. This infection can easily compromise any Windows-based system and can cause a lot of issues in it. According to the information that we have, CookieMiner Malware has been created by a group of criminal hackers to help them initiate actions of cyber fraud, theft and other criminal activities. After entering in the system, CookieMiner Malware may create serious weaknesses in the system’s security as well as block some of the safety features such as the firewall or the default antivirus program. In this way, the Trojan might open a backdoor for other nasty infections, including Ransomware and Spyware, to secretly sneak inside the PC and launch their malicious agenda.

How to remove CookieMiner Malware?

If you think that your computer might have been infected with CookieMiner Malware, we highly recommend you check your entire system with a trusted malware-removal tool. Trojans like this one could be awfully difficult to spot without the help of reliable security software because they oftentimes trick the users by mimicking regular system processes and files. They also spread various malicious files inside different system locations which are usually not easily accessible for the regular web users. Deleting the wrong files may lead to unintentional corruption of and damage to vital system processes and files and the effects of that will actually cause even more damage. At the same time, the malware may remain undisturbed there and may continue to perform its criminal tasks. For this reason, the need for proper software that can handle the infection is not to be ignored. If you don’t have a trusted removal tool at hand, we suggest you use the one in the removal guide below or follow the manual removal instructions published there. To have better chances against CookieMiner, you may even combine both methods so that you can double check the system for any hidden malicious data.

In addition to the malicious actions that we have already mentioned above, CookieMiner may provide its creators with secret unauthorized access to all of your personal data and the software that you have installed on your machine. This may result in the theft of sensitive information and files such as passwords, debit or credit card details, login credentials, confidential work-data, etc. CookieMiner may connect to remote servers and transmit your personal data to people with malicious intentions without you having any idea about what’s really happening. For this reason, having this Trojan on your computer poses great danger to your virtual safety and that is why you need to take immediate actions to remove it.

How to keep your PC safe?

If you want to minimize the chances of catching a Trojan Horse infection, you should know the most common sources of this type of malware and the locations where it hides most frequently. Very popular and quite effective malware distribution methods are the email spam campaigns. Many hackers load their malicious software inside intriguing emails which carry harmless-looking attachments. They usually prompt the victims to click on the file and to download it in order to get infected. Another common method is the malvertising where legitimate-looking ads spread malicious links and compromised third-party programs. That’s why the general rule is to  try to keep away from everything sketchy and stick to well-known web locations while you are on the Internet.


Name CookieMiner
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms  You may eventually notice unusual system behavior such as higher CPU or RAM usage, sudden crashes, instability.
Distribution Method  Infected email attachments, ads, spam, torrents, pirated materials, cracked software, illegal websites. 
Detection Tool

Remove CookieMiner Malware


We get asked this a lot, so we are putting it here: Removing parasite manually may take hours and damage your system in the process. We recommend downloading ComboCleaner to see if it can detect parasite files for you.

The first thing you need to do is to Quit Safari (if it is opened). If you have trouble closing it normally, you may need to Force Quit Safari:

You can choose the Apple menu and click on Force Quit.

Alternatively you can simultaneously press (the Command key situated next to the space bar), Option (the key right next to it) and Escape (the key located at the upper left corner of your keyboard).

If you have done it right a dialog box titled Force Quit Applications will open up.

In this new dialog window select Safari, then press the Force Quit button, then confirm with Force Quit again.

Close the dialog box/window.



To remove parasite on your own, you may have to meddle with system files and registries. If you were to do this, you need to be extremely careful, because you may damage your system.

If you want to avoid the risk, we recommend downloading ComboCleaner
a professional malware removal tool.

More information on ComboCleaner, steps to uninstallEULA, and Privacy Policy.

Start Activity Monitor by opening up Finder, then proceed to activity-monitor

Once there, look at all the processes: if you believe any of them are hijacking your results, or are part of the problem, highlight the process with your mouse, then click the “i” button at the top. This will open up the following box:


Now click on Sample at the bottom:


Do this for all processes you believe are part of the threat, and run any suspicious files in our online virus scanner, then delete the malicious files:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result


The next step is to safely launch Safari again. Press and hold the Shift key while relaunching Safari. This will prevent Safari’s previously opened pages from loading again. Once Safari is opened up, you can release the Shift key.

On the off chance that you are still having trouble with scripts interrupting the closing of unwanted pages in Safari, you may need to take some additional measures.

First, Force Quit Safari again.

Now if you are using a Wi-Fi connection turn it off by selecting Wi-Fi off in you Mac’s Menu. If you are using a cable internet (Ethernet connection), disconnect the Ethernet cable.


Re-Launch Safari but don’t forget to press and hold the Shift button while doing it, so no previous pages can be opened up. Now, Click on Preferences in the Safari menu,

Preferences in Safari

and then again on the Extensions tab,

extensions in safari

Select and Uninstall any extensions that you don’t recognize by clicking on the Uninstall button. If you are not sure and don’t want to take any risks you can safely uninstall all extensions, none are required for normal system operation.

The threat has likely infected all of your browsers. The instructions below need to be applied for all browsers you are using.

Again select Preferences in the Safari Menu, but this time click on the Privacy tab,
Privacy in Safari

Now click on Remove All Website Data, confirm with Remove Now. Keep in mind that after you do this all stored website data will be deleted. You will need to sign-in again for all websites that require any form of authentication.

Still in the Preferences menu, hit the General tab

General Tab in Safari

Check if your Homepage is the one you have selected, if not change it to whatever you prefer.
Default Home Page

Select the History menu this time, and click on Clear History. This way you will prevent accidentally opening a problematic web page again.

firefox-512 How to Remove CookieMiner From Firefox in OSX:

Open Firefoxclick on mozilla menu (top right) ——-> Add-onsHit Extensions next.

pic 6

The problem should be lurking somewhere around here –  Remove it. Then Refresh Your Firefox Settings.

chrome-logo-transparent-backgroundHow to Remove CookieMiner From Chrome in OSX:

 Start Chrome, click chrome menu icon —–>More Tools —–> Extensions. There,  find the malware and  select  chrome-trash-icon.

pic 8

 Click chrome menu icon again, and proceed to Settings —> Search, the fourth tab, select Manage Search Engines.  Delete everything but the search engines you normally use. After that Reset Your Chrome Settings.

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

Leave a Comment