APMHelper Mac ‘Virus’ Removal

George Herman
George Herman
IT Security Expert

Get a FREE scan to check for problems

Some infections like this virus can regenerate themselves. There is no better way to detect, remediate and prevent malware infection, than to use a professional anti-malware software like SpyHunter. One Application that is capable of solving all MAC problems.


SpyHunter Anti-Malware FREE 15-day trial available.

What is APMHelper

“APMHelper will damage your computer. You should move it to the Trash”

This is a pop-up, which appears because of malicious software activity on your Mac. It will claim that the APMHelper file is harmful and that you need to move it to the Trash. If you do as it tells you to, you may make matters even worse, as it may activate a script, supporting its nasty activities. The APMHelper parasite is known to perform various damaging actions on your PC, as well as spy on you.

How it is distributed

As mentioned, this pop-up appeared due to malware activity on your computer. The APMHelper parasite usually emerges after the user has installed unreliable software, often without their knowledge. Such applications fall into the PUA (potentially unwanted application) category. You may think you’re installing a useful program, but in reality, you’re also giving other software access to your PC. Such programs may be marked as ‘additional‘ in the installer and you should not ignore them. If you see them, make sure to opt out of their installation, since they often turn out to be malware in disguise. To make sure you have full control over the installation, always choose the custom or advanced option before you begin the process. This will make you able to see if the installer contains any hidden programs.

How it operates

Once the parasite gets active on your Mac, it will try to escalate its permissions. It may try creating a separate profile, so it can modify your browser settings and steal your personal data. Some of the things this PUA may do while it stays on your device:

  • disable your AV software;
  • download/install unreliable and harmful software;
  • spy on you through your web cam and microphone;
  • take screenshots;
  • read, modify or delete files on your computer;
  • log the keys you type.

The separate profile will also make you unable to remove it from your Mac when you click the ‘Move to Bin’ button. That being said, in order to get rid of the nasty PUA responsible for the APMHelper pop-up, you need to thoroughly remove every trace this parasite has left of itself on your Mac. This article will help you do that.

Staying safe from APMHelper

Apart from having a reliable AV software installed on your Mac, there are other things you can do to ensure your device’s safety. We highly recommend you to:

  • Pay close attention when you install third-party software, especially torrent files, so you don’t install shady additional applications that you don’t want. In most cases, that’s how malicious parasites are able to infect your computer;
  • Read any Terms and Conditions you see, so you know exactly what you agree to. The last thing you want is to unknowingly give permission to a nasty virus to infiltrate your Mac;
  • Follow links that lead to trustworthy sites only;
  • It is best to visit only reliable and official websites. You never know what dangers might lurk behind an unfamiliar site;
  • No matter how attractive an ad is, if you are not familiar with the website it redirects to, it might be best to steer clear of it and not click;
  • Always check the sender’s email address before opening a message. If it states that it’s from an official company, compare the email with the one given in their official page. If there is no match, delete the message, since it most likely is fake and has malicious aims;
  • Don’t open email attachments from unknown senders. More often than not, such files carry infections that can seriously damage your computer.

How to manually remove APMHelper from Mac

If you’ve had the misfortune of getting your Mac infected with the APMHelper PUA, the instructions below can help you to remove it manually. Here’s what you need to do:

1. Go to Utilities. You can do that by using the ⇧+⌘+U key combination, or by going to Finder and choosing Utilities from the Go main menu at the top.

2. Find Activity Monitor and double-click it.

3. A list will be displayed. Find any processes that seem suspicious to you and use the ‘Force Quit‘ option to quit them completely.

4. Open Finder. Click on the Go button from the main menu at the top, and choose Applications. An alternative way is to use the ⇧+⌘+A key combination.

5. Look for any suspicious applications, especially ones with a name similar to APMHelper. If any are found, right-click on them and select the ‘Move to Trash‘ option.

6. Remove any related left-over files by going to Finder‘s search bar and typing the name of the app you want to remove. Make sure to modify the two drop down menus above to ‘System Files‘ and ‘Are Included‘, so that any hidden files are visible for you to remove. Once you find the files you want to remove, simply drag them to Trash.

7. All that’s left for you to do is remove any related extensions to APMHelper from your Mac browsers.

For Mozilla Firefox extensions:

  • Open the Firefox browser and from the ‘burger’ menu in the top right corner of the window select ‘Add-ons’.
  • Select any suspicious extensions that may be related to the virus and click ‘Remove’.

For Google Chrome extensions:

  • Open the Chrome browser and select Tools > Extensions from the menu (the three dots in the top right corner of the browser window).
  • Locate any suspicious extensions that may be related to the virus and remove them.

For Safari extensions:

  • Open the Safari browser. From the Safari menu choose Preferences. Select Extensions from the options at the top.
  • Find any extensions you think are related to the virus, select them and click ‘Uninstall’. A new window will show up asking for confirmation. Click Uninstall again, for the extension to get deleted permanently from your browser.

Leave a Reply

Your email address will not be published. Required fields are marked *