BasicLocator Mac virus (Free Guide)

BasicLocator Mac virus Removal Guide

What is BasicLocator Mac virus?

BasicLocator – a Mac virus that can hijack your device and steal your data

BasicLocator

BasicLocator is a type of adware similar to others that have been present online for several years. It often reaches users’ devices through misleading prompts, such as fake updates for essential software or installers obtained from unreliable websites.

After being installed, BasicLocator secures elevated permissions on the affected system, allowing it to stay operational over a long period. It creates persistence mechanisms by modifying system settings, including adding Login Items and other entries. A key sign of its presence is the installation of a browser extension, which may affect popular browsers like Safari, Chrome, or Firefox.

This adware disrupts browsing experiences by altering search results to include intrusive advertisements and possibly dangerous links. Users might face an increase in phishing attempts, exposing them to further risks like malware infections or financial scams.

A particularly concerning feature of BasicLocator is its potential to monitor users’ browsing activities and collect sensitive data. This can include personal details such as login credentials or banking information. Removing this adware promptly is essential to safeguard both your data and your device.

Name BasicLocator
Type Mac virus, adware, browser hijacker
Malware family Adload
Distribution Fake Flash Player installers or pirated software from high-risk sources
Symptoms Installs an extension to the browser that can not be deleted easily; changes homepage/new tab to Safe Finder, Akamaihd, or something else; redirects lead to potentially malicious or scam sites, promotes suspicious software, etc.
Removal You can remove Mac malware with the help of powerful security tools, such as SpyHunter 5Combo Cleaner or Malwarebytes. We also provide manual removal steps below
System optimization Potentially unwanted programs often leave traces within web browsers – cookies, for example, are used for tracking. You should get rid of these leftovers with FortectIntego or employ our manual guide

Techniques used by cybercriminals to spread BasicLocator

BasicLocator is a type of malicious software designed to specifically target macOS users. Cybercriminals use various tactics to distribute this malware, with some of the most common methods involving fake software updates and downloads from unofficial platforms.

One of the primary techniques involves counterfeit Flash Player updates. Cybercriminals set up deceptive websites that closely imitate official pages, often using logos and designs to mimic trusted brands. These sites prompt users to download a supposed Flash Player update, but the file they install is actually malware. In some cases, these pages employ scare tactics, such as warnings about system vulnerabilities or restricted access to content, to pressure users into downloading the update.

Another method of spreading the virus involves pirated software distributed on untrustworthy websites. These packages often claim to offer free versions of premium programs, such as VPNs, Adobe products, or antivirus software. However, these downloads are bundled with malicious software.

Users who download from unofficial sources may be attempting to avoid paying for licensed software, but this choice comes with significant risks. Besides BasicLocator, they could unknowingly install additional threats, such as spyware or trojans, further compromising their system's security.

BasicLocator virus

BasicLocator: a threat to Mac users

The rising popularity of Macs has shattered the misconception that they are immune to malware. Over the past few years, there has been a sharp increase in malware targeting macOS, drawing the focus of cybercriminals globally.

Although Macs are generally less susceptible to severe threats like ransomware or rootkits, they have become a prime target for adware. Mac-specific adware is often more aggressive and disruptive compared to similar programs designed for Windows systems.

BasicLocator, a persistent and invasive adware variant, exemplifies this trend. Known for its distinct icon – featuring a magnifying glass against backgrounds in colors like teal, green, blue, or gray – this malware has plagued Mac users for years. The presence of this icon in an app or browser extension is a common sign of the infection.

One of its defining traits is its ability to evolve and bypass macOS security measures. Using advanced techniques, BasicLocator employs tools like AppleScript to circumvent Gatekeeper and XProtect, which are critical defense mechanisms for Macs.

Once it infiltrates the system, it installs extensions and other components with elevated permissions, enabling it to harvest personal information and download additional malicious software. This often results in a cascade of infections, with multiple malware variants complicating the cleanup process. Removing BasicLocator can be a difficult task, but proper measures can restore the device's security.

How to remove malicious software from your Mac

The easiest and most practical way to remove malicious software from your Mac is by running a scan with an anti-malware app like SpyHunter 5Combo Cleaner, Malwarebytes, and related ones. These programs will automatically locate and delete the harmful components of the malware, which the user running the scan cannot do, and reduces any chances of leaving any stray files behind that might reignite the malware. It's a lot faster than doing this manually.

If you want to remove the malware manually, you need to do it very carefully because incomplete removal may lead to reinfection. Start with the following steps:

  • Open Applications folder.
  • Select Utilities.
  • Double-click Activity Monitor.
  • Here, look for suspicious processes and use the Force Quit command to shut them down.
  • Go back to the Applications folder.
  • Find the malicious entry and place it in Trash.Uninstall from Mac 1

To effectively remove the malware from your Mac, you need to address two critical components that it manipulates: Login Items and Profiles. Both play a significant role in the persistence and functionality of the malware.

  • Go to Preferences and pick Accounts.
  • Click Login items and delete everything suspicious.
  • Next, pick System Preferences > Users & Groups.
  • Find Profiles and remove unwanted profiles from the list.

Finally, you should get rid of Launch Daemons and other configuration data left by malware. Proceed with the following:

  • Select Go > Go to Folder.
  • Enter /Library/Application Support and click Go or press Enter.
  • In the Application Support folder, look for any dubious entries and then delete them.
  • Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and delete all the related .plist files.Uninstall from Mac 2

Taking care of the web browser components

The BasicLocator adware uses its accompanying browser extension to modify browser settings and flood Safari, Chrome, or other browsers with intrusive advertisements. These ads appear every time the browser is opened, ensuring a steady stream of revenue for the attackers from clicks and impressions.

What makes this extension particularly concerning is its elevated permissions, which enable it to collect sensitive information such as login credentials and credit card details. This poses a significant risk to user privacy and financial security. Removing the browser extension is essential and should be done using the following steps:

Safari

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension and select Uninstall.Remove extensions from Safari

Google Chrome

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.Remove extensions from Chrome

It is crucial to delete all leftover components from your browser after removing the BasicLocator extension. If any remnants are left behind, the adware may continue tracking your data or reintroduce intrusive advertisements.

For a quicker and more efficient cleanup, consider using FortectIntego. This tool can help identify and remove residual files that might otherwise go unnoticed, ensuring your browser is free from malicious components. Taking this step will enhance your privacy and prevent the reappearance of unwanted ads.

Safari

  1. Click Safari > Clear History…
  2. From the drop-down menu under Clear, pick all history.
  3. Confirm with Clear History.Clear cookies and website data from Safari

Google Chrome

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data.Clear cache and web data from Chrome

At times, the persistence mechanisms employed by the virus can make it impossible to remove the extension. In such cases, it is advisable to reset the web browser entirely, following the instructions provided below:

Safari

  1. Click Safari > Preferences…
  2. Go to Advanced tab.
  3. Tick the Show Develop menu in menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Google Chrome

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings.Reset Chrome 2

Offer
do it now!
Download
Fortect Happiness
Guarantee
Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of BasicLocator Mac virus. Follow these steps

FirefoxEdge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select unwanted plugin and click Remove. Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Options.
  3. Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear. Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information. Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox. Reset Firefox 2

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click on Uninstall at the bottom. Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Privacy & security.
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select everything (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear. Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Disable if you found any suspicious domain.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running. Reset MS Edge

If this solution failed to help you, you need to use an advanced Edge reset method. Note that you need to backup your data before proceeding.

  1. Find the following folder on your computer: C:\\Users\\%username%\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe.
  2. Press Ctrl + A on your keyboard to select all folders.
  3. Right-click on them and pick Delete Advanced MS Edge reset 1
  4. Now right-click on the Start button and pick Windows PowerShell (Admin).
  5. When the new window opens, copy and paste the following command, and then press Enter:

    Get-AppXPackage -AllUsers -Name Microsoft.MicrosoftEdge | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\\AppXManifest.xml” -Verbose Advanced MS Edge reset 2

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove. Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now. Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset. Reset Chromium Edge

How to prevent from getting adware

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.

 

Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Alice Woods
Alice Woods - Likes to teach users about virus prevention

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Alice Woods
About the company Esolutions