Severity scale:  

Remove Binarymove virus (Removal Instructions) - Free Guide

removal by Olivia Morelli - - | Type: Mac viruses

Binarymove virus – a potentially unwanted program that inserts intrusive ads into Macs

Binarymove virus
Binarymove virus is a potentially unwanted application that starts redirecting macOS users to suspicious or even dangerous sites

Binarymove virus is a a browser infection on macOS systems, and affects Safari, Google Chrome, Mozilla Firefox, and other web browsers. The threat is usually established as soon as a potentially unwanted program is installed on the system – it can be either an app downloaded from a random website or come as an optional component within a software bundle package. Third party software distribution sites often compile several apps into a single installer, disguising adware, browser hijackers, and other PUPs from users' eyes deliberately. As a result, users may find Binarymove Mac virus seemingly out of nowhere.

Once inside the system, Binarymove may alter the web browser settings in order to set a new homepage, new tab URL, and also apply a customized search engine. The hijacked engine then will display results that are filled with sponsored links which generate advertisement revenue for the Binarymove developers. Additionally, redirects to scam, phishing, or even malware-ridden websites may result in unexpected money loss, private data disclosure to unknown parties, computer infections, etc.

Name Binarymove virus 
Type Mac virus, potentially unwanted program 
Infiltration  users infect their macOS when downloading unapproved apps from third-party sites (software bundling) or after being tricked by a fake Flash update prompt
  • Pop-ups, in-text links, deals, banners, offers, coupons, and other ads populate all websites that you visit
  • Homepage and new tab address, along with a search engine, altered
  • Redirects lead to unknown and suspicious websites
  • Search results are filled with sponsored links and ads
  • Web browser is slow to respond and some pages do not load entireyl
Dangers  Installation of other potentially unwanted applications or malware, sensitive data disclosure due to scams, monetary loss, etc. 
Removal  Install a reputable anti-malware application like SpyHunter 5Combo Cleaner or Malwarebytes and perform a full system scan; alternatively, you could sometimes get rid of unwanted apps by resetting your browsers or cleaning Mac manually as per instructions below
Optimization  Various scams may offer you software to “speed up your Mac,” – these apps show false positives in order to boost sales but do not fix computer issues as promised. If you need a tool that can get rid of unneeded files for you quickly, enhancing its performance, resort to powerful tools like Reimage Reimage Cleaner Intego

Because Binarymove is a browser infection, it can also come as an extension/add-on. These programs can usually be eliminated relatively easily, although some might engage in borderline malicious behavior (such as establishing Profiles without permission, populating “.plist” files on the system, etc.) Therefore, Binarymove virus removal might sometimes not be that as easy as it may seem, as the unwanted app may disable extension removal function on Safari or another web browser altogether.

A particularly annoying feature of the Binarymove virus is the advertisements that are constantly displayed to Mac users – pop-ups, auto-play ads, in-text links, push notification prompts, and other intrusive content. These ads can sometimes hinder the content of the site, making regular web browsing activities difficult.

Binarymove PUP developers provide this intrusive content in order to monetize users' clicks on ads, sometimes compromising their safety. However, shady apps authors do not care about users' safety; that is why they often choose unsafe advertising platforms that serve scam messages and malicious popups.

For example, users infected with Binarymove may encounter the following:

  • Fake virus alerts. These typically claim that Mac is infected with malware, and needs to be fixed with some fake anti-virus software, which is actually malware itself.
  • Bogus Flash update prompts. Fake updates are commonly used to distribute adware and malware like Shlayer Trojan or Advanced Mac Cleaner.
  • Survey scams are designed to lure users into providing their personal information, such as email, name, phone number, or even credit card information.
  • Get-rich-quick scams[1] usually focus on promising users easy (but quick) earnings online – they ask to pay the initial “investment.” This money will never be recovered and is transferred directly into scammers' pockets.

While ads and redirects to suspicious sites may seem like a nuisance, it is important to note that interacting with the presented content might lead to malware infections, sensitive information (such as banking details) disclosure to cybercriminals, or monetary loss due to useless subscriptions or tech support scams.

Therefore, remove Binarymove virus before you suffer from its prescience. The easiest way to do it is by employing anti-malware software, although sometimes simply resetting browsers will suffice. In any case, if you want to optimize your Mac, use Reimage Reimage Cleaner Intego.

Binarymove PUP
Binarymove virus is an app that typically installed via software bundle packages or fake Flash update prompts

Avoid apps from third-party sites and watch out for fake Flash player prompts

Apple, along with other huge IT companies like Google and Microsoft, is aware of the increasing number of online scams and malware distribution attempts around the web. Therefore, corporations use multiple protection and precautionary measures to protect users from online threats. Despite that, there are still many dangers that simply cannot be contained, and the matter becomes worse when users start ignoring security advice from security experts and malware researchers.[2]

While Mac machines are considered to be safer than Windows, those who visit high-risk websites and download applications from third-party sites are at an elevated risk of malware infections. Thus, avoid such sources when possible – note that App Store alone holds approximately 1.8 million apps for your disposal, so there is plenty to choose from.

Nevertheless, if you insist on downloading apps from third-parties, beware of deception – pre-ticked boxes, fine print text, misplaced buttons, and other tricks are common within the installers. Besides, always opt for Advanced/Custom mode if such a setting exists, as it will allow you to get rid of optional programs before finalizing the installation.

Additionally, watch out for fake Flash (otherwise known as Shockwave Flash) update prompts – you should never “update” this plugin. The software is flawed, outdated, and is not needed by a regular computer user, as HTML 5 technology replaces it completely. Multiple software vulnerabilities[3] and its usage in scams prompted Adobe to cancel its support – it will be terminated at the end of 2020.[4]

Terminate Binarymove virus from your Mac

There are several methods to remove Binarymove virus from your computer – and it all depends on multiple factors, such as whether your machine is heavily infected (with malware), and which PUP is connected to the unwanted activity within your browser. In other words, each case is different and needs to be handled accordingly.

Because of this, we would first advise you to check your web browsers for unwanted extensions and get rid of everything you don't recognize. If some of the add-ons are grayed out and cannot be deleted, you should reset all the installed web browsers, as explained below.

In case that did not help, you will have to terminate a potentially unwanted application that is installed on your computer. First, try to enter Applications folder and then move the unknown apps to Trash and then look for the suspicious entries in the following folders:

  • /Library/LaunchAgents
  • /Library/Application Support
  • /Library/LaunchDaemons

Get rid of the unwanted Profiles:

  • Go to System Preferences…
  • Select Profiles
  • Get rid of the unwanted profile by clicking on “” at the bottom-left

And, finally, you should complete Binarymove virus removal by scanning your machine with reputable anti-malware software – it should be able to find all malicious files automatically (if you were not successful in finding them).

You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove Binarymove virus, follow these steps:

Delete Binarymove from Mac OS X system

To get rid of unwanted apps via the Applications folder on macOS, follow these steps:

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for Binarymove or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'

Erase Binarymove from Mozilla Firefox (FF)

Perform the following actions to reset Mozilla Firefox if you are having difficulties in terminating some browser extensions:

  1. Remove dangerous extensions
    Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons Extensions. Click on menu icon and select 'Add-ons'
  2. Here, select Binarymove and other questionable plugins. Click Remove to delete these entries. Select 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of them
  3. Reset Mozilla Firefox
    Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information. Click on menu icon and then on '?'. Select 'Troubleshooting Information'
  4. Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete Binarymove removal. Click on 'Reset Firefox' button for a couple of times

Remove Binarymove from Google Chrome

  1. Delete malicious plugins
    Open Google Chrome, click on the menu icon (top right corner) and select Tools Extensions. Click on menu icon. Select 'Tools' and 'Extensions'
  2. Here, select Binarymove and other malicious plugins and select trash icon to delete these entries. Look for malicious entries and delete each of them by clicking on the Trash bin icon
  3. Click on menu icon again and choose Settings Manage Search engines under the Search section. When in 'Settings', select 'Manage search engines...'
  4. When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name. Click 'X' to remove malicious URLs
  5. Reset Google Chrome
    Click on menu icon on the top right of your Google Chrome and select Settings.
  6. Scroll down to the end of the page and click on Reset browser settings. When in 'Settings', scroll down to 'Reset browser settings' button and click on it
  7. Click Reset to confirm this action and complete Binarymove removal. Click on 'Reset' button to complete your removal

Uninstall Binarymove from Safari

Reset Safari if you want to ensure that Binarymove ads do not return:

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for Binarymove or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  4. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete Binarymove removal process. Select all options and click on 'Reset' button

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions


Your opinion regarding Binarymove virus