DominantCommand Mac virus (Free Guide)

DominantCommand Mac virus Removal Guide

What is DominantCommand Mac virus?

DominantCommand is a malicious Mac application capable of stealing personal information

DominantCommandDominantCommand stems from a broad malware family known as Adload

DominantCommand is a type of Mac virus that belongs to the Adload malware family. It infects Mac computers by injecting itself into Safari or other web browsers and displaying unwanted ads and pop-ups. The virus redirects users to malicious websites and can also track and steal sensitive information, such as browsing history, passwords, and credit card details. It consists of two main components – a browser extension and the main application, installed on the system level.

Due to its ability to bypass built-in Mac defenses, it might be difficult to remove DominantCommand. If the elimination process is not executed correctly or is unfinished, the virus and even other Adload versions could be installed on the system again. To bypass this, please follow the comprehensive guidelines below on how to get rid of this infection from your Mac.

Name DominantCommand
Type Mac virus, adware, browser hijacker
Malware family Adload
Distribution Third-party websites distributing pirated software, software bundles, fake Flash Player updates
Symptoms Installs a new extension and application on the system; changes homepage and new tab of the browser; inserts ads and malicious links; tracks sensitive user data via extension
Removal The easiest way to remove Mac malware is to perform a full system scan with SpyHunter 5Combo Cleaner security software. We also provide a manual guide below
System optimization Once you've removed the virus and all its components, we also recommend scanning your device with FortectIntego to clean out your browsers and any other leftover or junk files

How DominantCommand spreads

DominantCommand is a type of malware that primarily targets Mac users. This virus is known to spread through various means, including fake Flash Player updates and downloading software from unofficial sources.

One of the most common ways Adload versions spread is through fake Flash Player updates. Cybercriminals create fake websites that mimic the appearance of legitimate Adobe websites, encouraging users to download a fake Flash Player update. Once the user clicks the download button, they unwittingly download and install the virus onto their computer.

These fake websites are designed to look convincing, with logos and images that mimic the genuine Adobe site. They often use scare tactics to pressure users into downloading the fake update, claiming that their computer is at risk of being hacked or that they won't be able to access certain content without the update. Unfortunately, many users fall for these tricks and infect their Macs with the DominantCommand virus.

DominantCommand virus

Another way that this malware spreads is through downloading software from unofficial sources. Cybercriminals often create cracked versions of popular software, including Adobe products, VPNs, and security software. These cracked versions are often advertised as a way to get the software for free, but in reality, they are bundled with malware like DominantCommand.

Users who download these cracked versions often do so because they don't want to pay for the software or because they don't want to go through the official channels to purchase it. However, by downloading from unofficial sources, they open themselves up to a host of potential security risks. In addition to the DominantCommand virus, they could also unwittingly download other types of malware, such as trojans or spyware.

Purpose and capabilities

DominantCommand is, while primitive, a highly capable malware. Like its predecessor ExpandedOrigin, it is classified as adware because its primary function is to display ads in the browser or through other means. However, it is more than just a simple adware application, as it can perform actions beyond the scope of regular adware.

One of the most significant risks is malware's ability to install additional applications without the user's knowledge or consent. This can lead to installing other malware strains that can further compromise the security of the infected system. Additionally, the virus can steal sensitive user information, such as account passwords and credit card details, which can be used for identity theft or other malicious purposes.

DominantCommand also has elevated system permissions, which makes it challenging to remove completely from an infected system. The malware drops several malicious files, creates new profiles and login items, and uses built-in AppleScript to bypass detection by XProtect and Gatekeeper. Even if the main app or extension is removed, the malware can continue to operate, and the files and login items can reappear.

Due to its advanced impact, DominantCommand poses a significant threat to computer security and user privacy. It is essential to take immediate action to remove the malware from infected systems and take steps to prevent future infections. This includes avoiding downloading software from unofficial sources and keeping all software up to date with the latest security patches.

Removal explained

As the DominantCommand virus has been reported to bypass built-in Mac protection, we highly recommend conducting a thorough system scan using reliable anti-malware software such as SpyHunter 5Combo Cleaner or Malwarebytes. This will ensure the removal of all malicious components in one go. If you prefer manual elimination, keep in mind that clearing your browser caches is a necessary step regardless of the approach you choose.

The malware will likely run hidden processes in the background to carry out its harmful activities. To start the elimination process, we advise you to terminate any suspicious processes and then delete the main app by dragging it to the trash bin.

  • Open Applications folder
  • Select Utilities
  • Double-click Activity Monitor
  • Here, look for suspicious processes and use the Force Quit command to shut them down
  • Go back to the Applications folder
  • Find the malicious entry and place it in Trash.Uninstall from Mac 1

Login items ensure that the app starts as soon as the computer boots, and Profiles are used to manage various account settings. Get rid of malware-related components:

  • Go to Preferences and pick Accounts.
  • Click Login items and delete everything suspicious.
  • Next, pick System Preferences > Users & Groups.
  • Find Profiles and remove unwanted profiles from the list.

The PLIST files are small config files, also known as “Properly list.” They hold various user settings and hold information about certain applications. To remove the virus, you should find the related PLIST files and delete them as follows:

  • Select Go > Go to Folder.
  • Enter /Library/Application Support and click Go or press Enter.
  • In the Application Support folder, look for any dubious entries and then delete them.
  • Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files.Uninstall from Mac 2

Clearing web browsers

The DominantCommand extension plays a critical role in the activities of the virus. It alters significant browser settings such as the homepage, new tab address, and search provider to deliver users a steady flow of ads. Additionally, it enables the malware to read and gather all the information typed into the browser, including sensitive data such as account passwords and credit card details.

If you have opted for the automatic elimination method, the browser extension should have been removed, and there's no need to worry about it. However, if you have chosen the manual solution, you need to ensure that the extension is deleted by following these steps:


  • Click Safari > Preferences…
  • In the new window, pick Extensions.
  • Select the unwanted extension and select Uninstall.Remove extensions from Safari

Google Chrome

  • Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  • In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.Remove extensions from Chrome

Next, you must clear Safari or other browser caches, including cookies that are so often used to track you. Note that if you use the FortectIntego maintenance tool, you may quickly and efficiently remove various obsolete files and trackers without doing it manually.


  • Click Safari > Clear History…
  • From the drop-down menu under Clear, pick all history.
  • Confirm with Clear History.Clear cookies and website data from Safari

Google Chrome

  • Click on Menu and pick Settings.
  • Under Privacy and security, select Clear browsing data.
  • Select Browsing history, Cookies and other site data, as well as Cached images and files.
  • Click Clear data.Clear cache and web data from Chrome

Finally, you may have noticed that the virus' browser extension has returned, or you could not eliminate it in the first place. If that's the case, you should opt for a full browser reset.


  • Click Safari > Preferences…
  • Go to the Advanced tab.
  • Tick the Show Develop menu in the menu bar.
  • From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Google Chrome

  • Click on Menu and select Settings.
  • In Settings, scroll down and click Advanced.
  • Scroll down and locate Reset and clean up section.
  • Now click Restore settings to their original defaults.
  • Confirm with Reset settings.Reset Chrome 2
do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

How to prevent from getting adware

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Ugnius Kiguolis
About the company Esolutions