Chill Tab virus removal from Mac is on numerous users’ to-do list because it changes browser settings without permission and harvests sensitive information.
- What is Chill Tab virus?
- Remove Chill Tab virus from Mac manually
- Restore web browser settings to their original defaults
- Remove Chill Tab virus from Mac using a security suite
What is Chill Tab virus?
There are several serious concerns about the behavioral quirks of the Chill Tab Mac app. Contrary to regular software in general and browser add-ons in particular, it ignores such a crucial thing as the user’s approval when making significant changes to the way the web surfing is done. It literally trespasses on a computer behind the victim’s back and then imposes its fishy search provider at tab.chill-tab.com or search.chill-tab.com by tampering with the browsing preferences. In addition to these unsanctioned modifications, Chill Tab engages in a sort of covert reconnaissance on the plagued Mac, collecting potentially fingerprintable information about the user and therefore poses a privacy risk. Another disconcerting fact is that although this app was first flagged malicious more than a year ago, the affiliated pseudo search provider continues to successfully escape blacklisting mechanisms in all popular browsers.
The landing pages that the infected Mac users are forced to visit iteratively look normal and even appear to be professionally tailored. However, both the tab.chill-tab.com and search.chill-tab.com websites are simply appealing wrappings with no real functionality behind them. Whatever you type in the search box, the results will be returned by the Yahoo! custom search engine rather than anything that sounds like Chill Tab. By the way, the linked-to pages are associated with another oldie on the arena of Mac PUAs (potentially unwanted apps) called Safe Finder. So, to recap on this particular subject, Chill Tab claims to enhance one’s online experience but turns out to be a dummy that causes inconveniences and a great deal of irritation to those infected. Obviously, that’s not the way legit software works.
The Chill Tab Mac virus drives traffic to its junk web service by changing the victim’s Internet defaults. It is a cross-browser entity, therefore it supports Safari, Google Chrome, and Mozilla Firefox to an equal extent. The configuration-tweaking routine comes down to altering the homepage, preferred search engine, and new tab page in the targeted browser. The baddie replaces the original values with the fake provider being promoted. By the way, whereas search.chill-tab.com and tab.chill-tab.com are pretty replicas of each other functionally and only differ on the outside (design-wise), the latter has been prevalent during the final quarter of 2018. At the end of the day, the aftermath of this malware attack is that the victims can’t stop being redirected to either nag page when they open their browser of choice, try to do a web search, or trigger a new tab. To top it off, the infection may additionally display bogus browser update alerts in an attempt to trick the user into downloading malicious programs disguised as something benign.
It goes without saying that the app in question doesn’t belong on a Mac. Its authors have no respect for users’ decision-making prerogative and engage in a dirty traffic monetization stratagem. So, continue reading to get a complete Chill Tab virus removal walkthrough.
Remove Chill Tab virus from Mac manually
If you are okay with manual troubleshooting, use the following steps to uninstall the Chill Tab rogue app from your Mac. Be advised the persistence mechanisms employed by the infection may prevent this technique from being ultimately effective. One way or another, here’s the workflow:
• Open the Utilities directory under the Go menu in your Mac’s Finder.
• When on the Utilities pane, select Activity Monitor (the Mac equivalent of Task Manager).
• Once the Activity Monitor screen appears, check the list of running processes for an item you don’t recognize. Highlight that entry and click on the Quit Process option (button with the X symbol on it). The system will respond to this action with a confirmation dialog, where you should select Force Quit.
• Now go back to your desktop, expand the Go menu and pick Applications in the drop-down.
• Spot the suspicious entry under Applications, right-click it, and select the Move to Trash option. Your Mac may request your administrator password at this point – enter it if that’s the case.
• Next, go to the Apple menu and choose System Preferences in the drop-down as shown below.
• Proceed to Users & Groups and select Login Items. Your Mac will display the list of apps that are executed automatically at boot time. Find the unwanted entry on that list and click on the “-” (minus) button down at the bottom.
• While on the System Preferences screen, select Profiles. Spot the suspicious configuration profile and click the “-” (minus) button.
• Move on to the Go drop-down menu in the Finder and click the Go to Folder option.
• When the folder search box appears, enter the following path in it: ~/Library/LaunchAgents and click Go.
• Having accessed the LaunchAgents folder, look for suspicious items in it and, if found, send them all to the Trash.
• Follow the same logic to browse to folders named /Library/LaunchAgents (no tilde prepended), /Library/LaunchDaemons, and ~Library/Application Support. Look for potentially unwanted objects and send them to the Trash once spotted.
When done with the manual process of Chill Tab removal, take your time and check if the virus has vanished from your Mac. If it continues to cause browser redirects, move on to the following section of this tutorial.
Restore web browser settings to their original defaults
In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by the Search.chill-tab.com virus.
Clean up Safari
• Go to the Safari menu and select Preferences.
• When on the Safari Preferences screen, select the Privacy tab and hit the Manage Website Data button if you are up to erasing all website data stored on your Mac (this is recommended in the SearchMarquis hijack situation).
• A dialog will appear, asking you to validate your choice. Click the Remove All button if you are sure. Be advised that this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.
• With Safari opened, click Develop in the Finder bar and select Empty Caches.
• Expand the History menu in the Finder area and click Clear History at the bottom of the list.
• Keep the all history option selected (it’s the default one) and click Clear History.
• Restart Safari.
Reset Google Chrome
• Click Customize and control Google Chrome (⁝) in the upper right-hand part of the window and select Settings. Another way is to type chrome://settings in the URL bar and press Enter.
• Move on to the Advanced area under Settings.
• Find the Reset settings subsection and click the Restore settings to their original defaults link within it.
• The browser will display a popup dialog asking if you are sure you want to restore settings to their original defaults. Confirm by clicking Reset settings.
• Restart Chrome.
Reset Mozilla Firefox
• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can go to Help - Troubleshooting Information
• Click on the Refresh Firefox button and confirm the changes.
• Restart Firefox.
Remove Chill Tab virus from Mac using a security suite
The most effective way to curb increasingly sneaky and persistent Mac threats is to use trusted security software. The award-winning Intego Mac Premium Bundle X9 is one of the best options across the anti-malware spectrum.
Its VirusBarrier component boasts a high detection rate and an outstanding cleaning capability. Additionally, the product comes packed with online security, optimization, and data backup features. Follow the steps below to use this sure-shot removal method.
1. Download Intego Mac Premium Bundle X9 installer and run it. The setup client’s prompts will walk you through the installation.
2. Open Launchpad from your Dock and select the just-added VirusBarrier app.
3. Click the Full Scan button to have your Mac checked for security issues.
4. The first full scan may take 10 minutes or more, depending on the size of your disk. VirusBarrier will keep you informed about the number of files it has already checked.
5. When the scan is through, the app will display a report that provides a summary of the detected malicious items and the total number of files checked. Click Select All and then Quarantine to move the threats to an isolated environment so that they can no longer harm your system.
6. Click the Quarantine tab in the upper toolbar and examine the files listed there. If you are sure all of them are malicious (which is most likely the case), click Repair All to completely eradicate these items from your Mac.