Get rid of "* will damage your computer. You should move it to the Trash." pop-ups

Also Known As: "* will damage your computer. You should move it to the Bin." pop-up
Type: Mac Virus
Distribution: Moderate
Damage level: Medium

How to remove "* will damage your computer. You should move it to the Trash." from Mac?

What is "* will damage your computer. You should move it to the Trash."?

"* will damage your computer. You should move it to the Trash." is a message that appears in a pop-up window on MacOS Catalina operating systems. In other cases these pop-ups contain message saying "* will damage your computer. You should move it to the Bin.". Either way, these pop-ups are displayed when adware, browser hijackers or unwanted applications are present in the system. It is very likely that people who see such pop-ups had those unwanted apps already installed prior to updating their operating system to Catalina.

* will damage your computer. You should move it to the Trash. scam

Apps that cause "* will damage your computer. You should move it to the Trash." and similar pop-ups get installed through various unwanted apps (their setups) that usually are promoted through untrustworthy, deceptive pages. Here are some examples of those unwanted apps: Mac Cleanup Pro, Smart Mac Booster and Advanced Mac Cleaner. Simply said, people who installed any of these apps probably were tricked into installing other unwanted apps, the ones that cause the aforementioned pop-ups, too. There are many cases where setups of unwanted apps are used to distribute adware, browser hijackers and other unwanted software. It means that apps that display pop-ups like "* will damage your computer. You should move it to the Trash." might be designed to serve ads, gather various information, and so on. One way or another, we advise to remove all apps of this type that are installed on computers/systems (or browsers) as soon as possible. There's a high credibility that there will be some leftovers (unwanted files) even if you'll remove these apps manually. For this reason, we recommend to perform a full system scan and delete detected files by using a reputable anti-virus/anti-spyware suite (e.g., Combo Cleaner).

Threat Summary:
Name "* will damage your computer. You should move it to the Trash." pop-up
Threat Type Mac malware, Mac virus
Symptoms Your Mac became slower than normal, you see unwanted pop-up ads, you get redirected to shady websites.
Distribution methods Deceptive pop-up ads, free software installers (bundling), fake flash player installers, torrent file downloads.
Damage Internet browsing tracking (potential privacy issues), displaying of unwanted ads, redirects to shady websites, loss of private information.
Removal

To eliminate * will damage your computer. You should move it to the Bin. pop-up our malware researchers recommend scanning your computer with Combo Cleaner.
▼ Download Combo Cleaner
Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Combo Cleaner.

Examples of apps that are being mentioned in the displayed pop-ups are: APMHelper, FocusReportingService, HIPRADE, Helperamc, Helpermcp, MapsAndDirections-1668307, ProntoApp, Smbstrhlpr, Source.app, WebSocketServerApp, hlpradc, maftask, spchlpr. If any of these apps are installed on MacOS Catalina, they should be removed with a reputable antivirus software like Combo Cleaner immediately. Instructions on how to do that are provided below.

How did potentially unwanted applications install on my computer?

In some cases potentially unwanted apps can be downloaded from their download pages. Nevertheless, most people download (and install) them either through intrusive ads that they have intentionally or unintentionally clicked, or when software developers use a deceptive marketing method called "bundling". Developers use this method to trick people into unwanted downloads or installations. To be more precise, they include unwanted apps in download or installations setups of other software and hide information about it in their "Custom", "Advanced" other similar settings. People who leave them unchanged (unchecked) agree with additional downloads or/and installations of unwanted apps by themselves.

How to avoid installation of potentially unwanted applications?

We recommend not to use various third party downloaders or installers tools, Peer-to-Peer networks like torrent clients, eMule, unofficial websites and other similar download sources. The safest way to download programs and files is to use official and trustworthy websites/sources and direct download links. Additionally, we advise to always check settings that are available in any download, installation setup and to dismiss offers to download or install additionally included apps. Furthermore, it is not safe to click ads that are displayed on shady pages (related to gambling, pornography, adult dating, and so on). To prevent a browser from opening untrustworthy pages or showing ads, we recommend to uninstall all unwanted extensions, plug-ins or add-ons that are installed on it and apply this to programs of this kind that are installed on the operating system too. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate them.

Examples of messages displayed in these pop-up windows:

Example 1:

"app_name" will damage your computer.

You should move it to the Trash.

This file was downloaded on an unknown date.

Report malware to Apple to protect other users

Example 2:

"app_name" will damage your computer.

You should move it to the Bin.

This file was downloaded on an unknown date.

Report malware to Apple to protect other users

Examples of pop-ups displayed when these rogue apps are present:

helper Will Damage Your Computer. You Should Move It To The Trash. source.app Will Damage Your Computer. You Should Move It To The Trash. amcuninstall Will Damage Your Computer. You Should Move It To The Trash. mcpuninstall Will Damage Your Computer. You Should Move It To The Trash. smbstruninstall Will Damage Your Computer. You Should Move It To The Trash.

IMPORTANT NOTE! Most of these rogue applications are hidden deep in the system and they do not appear in any list of installed software. Therefore, removal process might be complicated. Let's take the aforementioned Smbstrhlpr as an example:

The main list of files that are associated with Smbstrhlpr and should be removed from the operating system includes:

  • ~/Library/Application Support/smbstr/smbstrhlpr
  • ~/Library/Application Support/smbstr/smbstruninstall
  • ~/Library/Application Support/smbstr/com.smbstrhlpr.smbstrhlpr.plist
  • ~/Library/Application Support/smbstr/com.smbstruninstall.smbstruninstall.plist
  • ~/Library/LaunchAgents/com.smbstrhlpr.smbstrhlpr.plist

However, simply deleting these files will not work, since deleting this application without firstly terminating its associated process is impossible. The problem is that the process is automatically re-started immediately it is terminated. Therefore, to remove this application, you must perform the following steps:

1) Navigate to the "~/Library/Application Support/smbstr/" directory, right-click on the "smbstrhlpr" application, and select "Show Package Contents":

Smbstrhlpr Show Package Contents

2) Navigate to the "Contents/MacOS" directory and delete the "smbstrhlpr" application:

Smbstrhlpr delete executable

3) Once the previous steps are performed, the process associated with the Smbstrhlpr application will no longer be automatically re-started and you will be able to easily terminate it and remove the remaining application files:

Smbstrhlpr process in Activity Monitor

Note that Smbstrhlpr is only one of many examples - files of other apps will be stored in different locations. Yet it is almost certain that they'll be stored somewhere in "~/Library/Application Support/" directory. For instance, Helperamc's files are stored in "~/Library/Application Support/amc/", Helpermcp's files are stored in "~/Library/Application Support/mcp/" and so forth. In other words, users who encounter such pop-ups should closely analyze the entire "~/Library/Application Support/" directory and search for sub-directories with questionable names, and, if found, perform the aforementioned steps (right-click the executable and select "Show Package Contents", navigate to "Contents/MacOS" directory and delete the executable within, etc.) Additionally, we strongly advise to scan the system with a reputable anti-virus/anti-spyware suite (especially if you haven't found any questionable files), such as Combo Cleaner and eliminate all detected threats. By doing so you will assure that the system is clean and no longer contains files that may damage it.

Instant automatic removal of * will damage your computer. You should move it to the Bin. pop-up: Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of * will damage your computer. You should move it to the Bin. pop-up. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Combo Cleaner.

Quick menu:

Video showing how to remove applications causing "* Will Damage Your Computer. You Should Move It To The Trash." pop-up messages using Combo Cleaner:

Potentially unwanted applications removal:

Remove potentially unwanted applications from your "Applications" folder:

mac browser hijacker removal from applications folder

Click the Finder icon. In the Finder window, select "Applications". In the applications folder, look for "MPlayerX", "NicePlayer", or other suspicious applications and drag them to the Trash. After removing the potentially unwanted application(s) that cause online ads, scan your Mac for any remaining unwanted components.

Remove "* will damage your computer. you should move it to the bin." pop-up related files and folders:

Finder go to folder command

Click the Finder icon, from the menu bar. Choose Go, and click Go to Folder...

step1Check for adware-generated files in the /Library/LaunchAgents folder:

removing adware from launch agents folder step 1

In the Go to Folder... bar, type: /Library/LaunchAgents

removing adware from launch agents folder step 2
In the “LaunchAgents” folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - “installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist”, etc. Adware commonly installs several files with the same string.

step2Check for adware generated files in the /Library/Application Support folder:

removing adware from application support folder step 1

In the Go to Folder... bar, type: /Library/Application Support

removing adware from application support folder step 2
In the “Application Support” folder, look for any recently-added suspicious folders. For example, “MplayerX” or “NicePlayer”, and move these folders to the Trash.

step3Check for adware-generated files in the ~/Library/LaunchAgents folder:

removing adware from ~launch agents folder step 1


In the Go to Folder bar, type: ~/Library/LaunchAgents

removing adware from ~launch agents folder step 2

In the “LaunchAgents” folder, look for any recently-added suspicious files and move them to the Trash. Examples of files generated by adware - “installmac.AppRemoval.plist”, “myppes.download.plist”, “mykotlerino.ltvbit.plist”, “kuklorest.update.plist”, etc. Adware commonly installs several files with the same string.

step4Check for adware-generated files in the /Library/LaunchDaemons folder:

removing adware from launch daemons folder step 1
In the Go to Folder... bar, type: /Library/LaunchDaemons

removing adware from launch daemons folder step 2
In the “LaunchDaemons” folder, look for recently-added suspicious files. For example “com.aoudad.net-preferences.plist”, “com.myppes.net-preferences.plist”, "com.kuklorest.net-preferences.plist”, “com.avickUpd.plist”, etc., and move them to the Trash.

step 5 Scan your Mac with Combo Cleaner:

If you have followed all the steps in the correct order you Mac should be clean of infections. To be sure your system is not infected run a scan with Combo Cleaner Antivirus. Download it HERE. After downloading the file double click combocleaner.dmg installer, in the opened window drag and drop Combo Cleaner icon on top of the Applications icon. Now open your launchpad and click on the Combo Cleaner icon. Wait until Combo Cleaner updates it's virus definition database and click "Start Combo Scan" button.

scan-with-combo-cleaner-1

Combo Cleaner will scan your Mac for malware infections. If the antivirus scan displays "no threats found" - this means that you can continue with the removal guide, otherwise it's recommended to remove any found infections before continuing.

scan-with-combo-cleaner-2

After removing files and folders generated by the adware, continue to remove rogue extensions from your Internet browsers.

"* will damage your computer. You should move it to the Bin." pop-up removal from Internet browsers:

safari browser iconRemove malicious extensions from Safari:

Remove "* will damage your computer. you should move it to the bin." pop-up related Safari extensions:

safari browser preferences

Open Safari browser, from the menu bar, select "Safari" and click "Preferences...".

safari extensions window

In the preferences window, select "Extensions" and look for any recently-installed suspicious extensions. When located, click the "Uninstall" button next to it/them. Note that you can safely uninstall all extensions from your Safari browser - none are crucial for normal browser operation.

  • If you continue to have problems with browser redirects and unwanted advertisements - Reset Safari.

firefox browser iconRemove malicious plug-ins from Mozilla Firefox:

Remove "* will damage your computer. you should move it to the bin." pop-up related Mozilla Firefox add-ons:

accessing mozilla firefox add-ons

Open your Mozilla Firefox browser. At the top right corner of the screen, click the "Open Menu" (three horizontal lines) button. From the opened menu, choose "Add-ons".

removing malicious add-ons from mozilla firefox

Choose the "Extensions" tab and look for any recently-installed suspicious add-ons. When located, click the "Remove" button next to it/them. Note that you can safely uninstall all extensions from your Mozilla Firefox browser - none are crucial for normal browser operation.

  • If you continue to have problems with browser redirects and unwanted advertisements - Reset Mozilla Firefox.

chrome-browser-iconRemove malicious extensions from Google Chrome:

Remove "* will damage your computer. you should move it to the bin." pop-up related Google Chrome add-ons:

removing malicious google chrome extensions step 1

Open Google Chrome and click the "Chrome menu" (three horizontal lines) button located in the top-right corner of the browser window. From the drop-down menu, choose "More Tools" and select "Extensions".

removing malicious Google Chrome extensions step 2

In the "Extensions" window, look for any recently-installed suspicious add-ons. When located, click the "Trash" button next to it/them. Note that you can safely uninstall all extensions from your Google Chrome browser - none are crucial for normal browser operation.

  • If you continue to have problems with browser redirects and unwanted advertisements - Reset Google Chrome.

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

Removal Instructions in other languages
Malware activity

Global virus and spyware activity level today:

Medium threat activity
Medium

Increased attack rate of infections detected within the last 24 hours.

QR Code
* will damage your computer. You should move it to the Bin. pop-up QR code
A QR code (Quick Response Code) is a machine-readable code which stores URLs and other information. This code can be read using a camera on a smartphone or a tablet. Scan this QR code to have an easy access removal guide of "* will damage your computer. You should move it to the Bin." pop-up on your mobile device.
We Recommend:

Get rid of * will damage your computer. You should move it to the Bin. pop-up today:

▼ REMOVE IT NOW with Combo Cleaner for Mac

Platform: macOS

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

Free scanner checks if your computer is infected. To remove malware, you have to purchase the full version of Combo Cleaner.