Skip to content
  • Active
  • Severity: Medium
  • Adware
  • Windows
  • Verified · May 2022

How to remove DailyGuide Mac virus

A step-by-step removal guide for affected devices. Follow the verified procedure below — most readers complete it in under 10 minutes.

Alice Woods · Likes to teach users about virus prevention

DailyGuide is a malicious Mac application designed to steal user data and show intrusive ads

DailyGuide adware

DailyGuide is suspicious software you might find running on your Mac accidentally. It uses a unique icon that portrays a magnifying glass and manifests as a browser extension and the application. The application is installed with elevated permissions, which allows it to drop malicious files for persistence[1] and other malicious purposes. The browser extension, for example, can't be easily removed and is simply grayed out within the removal section.

The main goal of the DailyGuide virus is to ensure that users are fed ads on a regular basis so that revenue can be acquired. For that, it hijacks the homepage and the new tab address, administering an alternative provider. For example, users might find that their homepage always uses Safe Finder whenever a search function is used. Results are usually directed through Yahoo or another provider.

Name DailyGuide
Type Mac virus, adware, browser hijacker
Malware family Adload
Distribution Software bundles of illegal apps, peer-to-peer networks, fake Flash Player updates
Symptoms A new extension is installed on the browser, along with an application of the same name; search and browsing settings altered to an alternative search provider; new profiles and login items set up on the account; intrusive ads and redirects
Removal Although not recommended to novice users, manual elimination of Mac malware is possible. We recommend performing a full system scan with SpyHunterCombo Cleaner and removing all the malicious components automatically
Other tips For best performance and system remediation, employ FortectIntego. Also, cleaning web browser caches is highly advised after the elimination of malware for better privacy and security

Adload: a broad Mac malware family

DailyGuide Mac virus belongs to a broad adware family of Adload. It was first spotted back in 2017 and has had hundreds of versions released since then. Just recently, we have covered InfoMajorSearch, NetDivision, and AuraLookup.

Adload uses a distinctive naming pattern, which usually consists of randomly-generated, predetermined words hackers use. As already mentioned, all of the versions use a distinctive magnifying glass icon, usually placed on a teal, green, blue, or, most recently, gray background.

All malware versions are categorized as adware with browser-hijacking[2] capabilities, although their operation is rather malicious. For example, the strain uses distribution techniques that are common among malware creators (fake Flash Player updates, software cracks), and utilizes the built-in AppleScript to execute commands, which increases its persistence.

DailyGuide virus

Remove the main application

Before DailyGuide can be installed, users always have to enter their Apple ID, as Macs use this verification process for all unverified software installations. This permission then allows the virus to use AppleScript and put itself into the exception list of Mac's defenses, such as Gatekeeper and XProtect.[3] This means that the built-in security is no longer effective, and Adload can remain operating on the system without any interruptions.

Therefore, in order to remove the infection easily and effectively, we recommend using powerful third-party security solutions such as SpyHunterCombo Cleaner or MalwarebytesMalwarebytes. These apps can also serve as an extra layer of protection when dealing with Mac malware.

Below you can also find manual instructions for the virus removal. Using both manual and automatic removal can work the best in some cases, although if you are less IT-savvy, we recommend leaving the job for security software instead.

1. Remove the main application

Make sure you shut down the malicious processes before you attempt to remove the main application:

  • Open Applications folder
  • Select Utilities
  • Double-click Activity Monitor
  • Here, look for suspicious processes related to adware and use the Force Quit command to shut them down
  • Go back to the Applications folder
  • Find UpgradedPlatform in the list and move it to Trash.

2. Remove Login items and User groups

Login items ensure that the app starts as soon as the computer boots, and Profiles are used to manage various account settings. Get rid of malware-related components:

  • Go to Preferences and pick Accounts
  • Click Login items and delete everything suspicious
  • Next, pick System Preferences > Users & Groups
  • Find Profiles and remove unwanted profiles from the list.

3. Get rid of leftover files

The PLIST files are small config files, also known as “Properly list.” They hold various user settings and hold information about certain applications. In order to remove the virus, you have to find the related PLIST files and remove them.

  • Select Go > Go to Folder.
  • Enter /Library/Application Support and click Go or press Enter.
  • In the Application Support folder, look for any suspicious entries and then delete them.
  • Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files.Uninstall from Mac 2

Remove the extension and clean your browser

Regardless of whether you eliminated the main app manually or automatically, you should still pay attention to your browser. Security software should be able to tackle the browser extension for you, but if you choose to remove it manually, proceed with the following steps:

Safari

  1. Click Safari > Preferences…
  2. In the new window, pick Extensions.
  3. Select the unwanted extension and select Uninstall.Remove extensions from Safari

Google Chrome

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.Remove extensions from Chrome

If you were unable to delete the extension in a regular way and it is still grayed out for you, you should simply reset your browser.

Safari

  1. Click Safari > Preferences…
  2. Go to Advanced tab.
  3. Tick the Show Develop menu in menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Google Chrome

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings.Reset Chrome 2

Finally, make sure that your browser caches are deleted. Adware often inserts various trackers that are stored locally – they might remain operational even if the infection is removed. For example, cookies might stay on the computer for years, tracking various user activities in the background and sending that information to third parties. If you want to perform the cleaning process automatically, employ FortectIntego or proceed with the following steps:

Safari

  1. Click Safari > Preferences…
  2. Go to the Advanced tab.
  3. Tick the Show Develop menu in the menu bar.
  4. From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Google Chrome

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings.Reset Chrome 2

If you are using MS Edge or Mozilla Firefox, check out the instructions below.

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click Remove.Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Settings > Privacy, search, and services..
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select Cookies and other site data and Cached images and files. (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear.Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Remove next to any suspicious startup page.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running.Reset MS Edge

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove.Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now.Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.
  5. This will disable extensions and reset startup pages but will not delete bookmarks, saved passwords, or browsing history.Reset Chromium Edge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select the unwanted extension and click Remove.Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Settings.
  3. Under Home, set your preferred homepage and new tab settings.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data...
  5. Select Cookies and Site Data and Temporary cached files and pages, then click Clear.Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information.Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox...
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox.Reset Firefox 2

Be the first to comment

Spyware news
Privacy preferences

We use cookies to improve your experience and analyze traffic. Some cookies enable embedded content like videos and social posts. Choose what you allow — you can change this anytime.