ConnectionCachefld – Is This a Mac Virus?

ConnectionCachefld may claim itself as a legitimate search tool that works with common Mac internet programs, but computer security experts are certain that it is part of the adware family. Apart from that, ConnectionCachefld is also listed under the group of potentially unwanted program (PUP). Diagnostics shows that its forcible entry on the computer is assisted by different misleading techniques, and its appearance on the browser program is unexpected. For this reason, Mac users assess its infiltration as a computer virus infection.

Is ConnectionCachefld a virus?

Even if infected internet applications display a message that “ConnectionCachefld will damage your computer,” it is still not too hazardous as compared to computer viruses. Judging from its penetration tactics, one can conclude that ConnectionCachefld is a virus. But on technical aspects, it lacks the ingredients to be included in the computer virus family. While viruses were made to generally attack the system and control the operation, ConnectionCachefld is limited to the following errands:

Internet browser attack

ConnectionCachefld focuses on attacking internet browser programs for Macs like Safari or Google Chrome. To function on this application, it normally gets installed as a browser extension with above-average jurisdiction on internet programs. Like similar threats as ElemntStatefld and DebugCompile, ConnectionCachefld injects codes on the browser to execute additional tasks that are not common to typical browser add-ons.

Search hijacking

One area that ConnectionCachefld wants to rule is search settings. It was designed to monitor a web user’s online search inquiry and log important data like search keywords, search terminologies, the origin of the search, and so on. It can also divert the browser program to a fake Flash, Adobe, or Google Chrome software update website that often causes malware installation.

Screenshot of ConnectionCachefld

Homepage override by the adware

To further enhance the search hijacking function of ConnectionCachefld, it takes over homepage settings and assigns an unknown search bar that diverts search queries to its own server. Web users may never notice these search redirects because, in the end, ConnectionCachefld is able to provide a result by forwarding it through legitimate search engines like Google Chrome, Bing, or Yahoo.

Why is ConnectionCachefld risky?

After revealing some payloads of ConnectionCachefld, we can conclude that its attack is merely concentrated on internet browser programs. It is definitely not a computer virus that infects the system and is able to propagate on other computers or network shares. In fact, the installation of ConnectionCachefld on the computer is due to web users carelessness when accessing sites that purport to be fake software updates or media players, as shown in the image below.

ConnectionCachefld is a malicious browser extension that can be the root for privacy theft or additional malware infection. Therefore, it is important to get rid of this threat as soon as possible, even though it is not classified as a computer virus.

Procedures to Remove ConnectionCachefld from Mac

In this part, we will present practical recommendations for removing the malware from an infected Mac computer. You can download the suggested scanner to automatically remove ConnectionCachefld . For further instructions, please follow the manual step-by-step processes.

Instant Removal : Scan the Mac computer with antivirus program

Combo Cleaner is a trusted Mac utility application with complete antivirus and optimization features. It is useful in dealing with adware, malware, and PUP's. Moreover, it can get rid of adware like ConnectionCachefld .

1. Download the tool from the following page:

2. Double-click the downloaded file, combocleaner.dmg and proceed with the installation.

3. The installation window will open. Please double-click or drag the Combo Cleaner icon to the Applications folder.

Screenshot of Installer

4. Proceed with the installation. When it displays the Software License Agreement, please click Continue, and then click on Agree in the confirmation window. Continue with the default installation.

5. The program should run automatically after installation. If not, open your Launchpad and click on the Combo Cleaner icon.

6. Wait until antivirus downloads its latest virus definition updates and click on "Start Combo Scan" to start removing ConnectionCachefld and other issues on the Mac computer.

Screenshot of Dashboard

7. After the virus and disk scan processes, the tool will display the results. Click on Remove Selected to start cleaning the computer.

To fully optimize the features of antivirus and privacy scanners, users may have to upgrade to the premium version.

If you are comfortable manually removing the adware and other malicious objects associated with it, please proceed with the remaining steps.

Manual Removal : Step-by-step guide to get rid of ConnectionCachefld

This area contains comprehensive procedures to help you remove adware and potentially unwanted program from the Mac computer. Guide on this page are written in a manner that can be easily understand and execute by Mac users.

The procedure may require you to close the browser or restart the computer; therefore, we are suggesting to Bookmark or Print this page.

Step 1 : Delete ConnectionCachefld from Mac Applications

1. Go to Finder.

2. On the menu, click Go and then, select Applications from the list to open Applications Folder.

3. Find ConnectionCachefld or any unwanted program.

Screenshot of Deleting App

4. Drag ConnectionCachefld to Trash Bin to delete the application from Mac.

5. Next, go to the Dock, right-click on the Trash icon, and click on Empty Trash.

Step 2 : Remove Browser Extensions that belongs to ConnectionCachefld

Most adware and unwanted programs use an application called a "browser extension" to be able to take over the settings of internet applications. Therefore, we highly recommend checking and removing the extension that is closely related to ConnectionCachefld . If it is not present, look for and delete any suspicious browser extension.

Google Chrome

Remove the ConnectionCachefld Extension from Google Chrome

1. Open the Google Chrome browser on you Mac device.

2. Input the strings below in the address bar and press Enter on the keyboard:

chrome://extensions/

Screenshot of Chrome Extensions in PC

3. Find ConnectionCachefld or a relevant entry and remove it from Google Chrome.

Safari

Remove Malicious Extension from Safari

1. Open the Safari browser.

2. On the top menu, click Safari > Settings or Preferences.

3. The Safari settings window will open. Please select the Extensions tab.

Screenshot of Safari Extension Removal

4. Locate the suspicious extension and click the Uninstall button to remove it from Safari.

5. You may now close the window and restart Safari.

Microsoft Edge

Remove ConnectionCachefld from Mac's Microsoft Edge Browser

1. Open the Microsoft Edge program on your Mac.

2. Input or copy and paste the following string in the address bar. Press press Enter on the keyboard:

edge://extensions/

Screenshot of Edge Extension on Mac

3. Look for and Remove or Disable entries for ConnectionCachefld from the Installed Extensions area.

Screenshot of Edge Extension Removal - Mac

4. You may now close the window and restart the Microsoft Edge browser.

Mozilla Firefox

Uninstall the ConnectionCachefld Extension from Mozilla Firefox

1. Open the Mozilla Firefox browser.

2. Type or copy and paste the strings below in the address bar and press Enter on the keyboard:

about:addons

Screenshot of Firefox Extension

3. Click on Extensions from the sidebar menu.

4. Look for an entry that pertains to ConnectionCachefld and Disable or Remove it from the browser using the options button.

Step 3 : Delete Malicious Files that have installed ConnectionCachefld

1. Go to your Finder. From the menu bar, please select Go > Go to Folder.

2. Input the following string and press Enter on the keyboard.

~/Library/LaunchAgents

Screenshot of Go To Folder

3. You will now see a hidden folder named LaunchAgents. Take note of the following files inside the folder:

  • com.ConnectionCachefld .plist
  • unknown.service.plist
  • unknown.system.plist
  • unknown.download.plist
  • unknown.update.plist

4. The term unknown is just a representation of the actual malware name. Attackers may use the following file names:

- ConnectionCachefld , (random characters).plist

If you cannot find the specified file, please look for any unfamiliar or suspicious entries. It may be the one causing ConnectionCachefld to be present on your Mac. Arranging all items to see the latest ones may also help you identify recently installed unfamiliar files.

5. Please click on "Show items as..."

Screenshot of LaunhAgents Folder

6. To arrange the items in chronological order, click Date Modified.

7. Drag all suspicious files that you may find to Trash.

Take note of all the suspicious files, as you may also delete the same item in another folder as we go on.

8. Please restart the Mac computer.

9. Open another folder using the same method as above. Copy and paste the following string to easily locate the folder:

~/Library/Application Support

Screenshot of Go to Folder

10. Select any suspicious items that you have noted previously. Drag them to the Trash.

11. Repeat the process in the following non-hidden folders (without ~):

/Library/LaunchAgents
/Library/LaunchDaemons
/Library/Application Support

12. Lastly, go to your Finder > Go and open the Applications folder. Look for subfolders with the following names and drag them to Trash.

- ConnectionCachefld , (random characters)

Optional : For locked files that cannot be removed, do the following:

1. Go to Launchpad > Other folder, open the Activity Monitor.

2. Select the process you want to quit.

3. In the upper part of the window, click the Stop button.

Screenshot of Force Quit

4. Click on Force Quit button.

5. You may now delete or remove the locked file that belongs to ConnectionCachefld homepage hijacker.

Step 4 : Double-check with Malwarebytes for Mac

Use Malwarebytes for Mac to do another scan to make sure the machine is already clear of viruses, malware, and adware. This efficient anti-malware application allows you to detect things that other security software was unable to recognize.

1. Download Malwarebytes for Mac from the link below.

2. Locate the downloaded Malwarebytes-Mac.pkg and install it with the default settings.

3. Run Malwarebytes for Mac. It will check for updates and download the most recent version if one is available. This is necessary for finding recent malware threats, including ConnectionCachefld .

4. Once you are on the Malwarebytes dashboard, please click on the Scan button to start scanning your Mac computer.

Screenshot of Malwarebytes Dashboard

5. After the scan, Malwarebytes for Mac will display a list of identified threats, and ConnectionCachefld is surely part of it. Be sure to select all items in the list. Then, click the Remove button to clean the computer.

Step 5 : Fixing the Homepage and Search Engine

Google Chrome

Remove ConnectionCachefld from the Homepage and Search of Chrome

1. Open the Google Chrome browser and type the following on the address bar and press Enter on the keyboard:

chrome://settings

Screenshot of Chrome Settings

2. Go to the left sidebar and click On Startup.

3. Select "Open a specific page or set of pages" in the right panel.

Screenshot of Chrome Startup

4. Locate the unwanted Homepage URL, click on More Actions (3-dot icon), and select Edit.

5. Enter the desired web address as your home page, replacing ConnectionCachefld . Click Save.

6. To set the default search engine, go to the sidebar, and this time, select Search Engine.

Screenshot of Default Search

7. Click on the Manage search engines and site search button in the right panel.

8. Find the unwanted Search Engine in the list. Click on More Actions, and then click Delete.

9. Go back to the left side bar and click Search Engine.

Screenshot of Search Engine Address Bar

10. In the right panel, choose a valid entry from the "Search engine used in the address bar."

You can now restart the Google Chrome browser to see if the unwanted homepage and search engine related to ConnectionCachefld are gone.

Safari

Get Rid of ConnectionCachefld from Safari's Homepage and Search

1. Open your Safari browser.

2. Go to the Safari Menu located in the upper left-hand corner, and then select Settings or Preferences.

3. In the General tab, remove the ConnectionCachefld item or unwanted URL from the Homepage section. Replace it with your preferred URL to be set as your default homepage.

Screenshot of Safari Home Settings

4. Next, be sure that the "New windows open with" and "New tabs open with" fields are set to "Homepage".

5. Please click on the Search tab, and in the "Search engine" section, select Google or any valid search engine.

Screenshot of Safari Search Settings

6. You may now restart the Safari browser.

Microsoft Edge

Remove ConnectionCachefld from the Homepage of Edge Browser

1. Open the Microsoft Edge browser on your Mac computer.

2. In the address bar, type or copy and paste the string below, then press Enter on the keyboard:

edge://settings/startHomeNTP

Screenshot of Edge Homepage Settings on Mac

3. Go to the "When Edge Starts" area. Under the "Open these pages" section, click More Actions (3-dot).

4. Select Edit to open the Edit Page window.

5. Input your desired address to replace the homepage settings of ConnectionCachefld .

Screenshot of Edge for Mac Default Homepage

6. Click the Save button. You may now restart Microsoft Edge for Mac.

Mozilla Firefox

Delete ConnectionCachefld from the Homepage and Search of Firefox.

1. Open the Mozilla Firefox browser on your Mac computer.

2. Type the following on the address bar, then press Enter on the keyboard:

about:preferences

3. Click Home in the sidebar area.

Screenshot of Firefox Homepage Settings

4. Under "Homepage and new windows", you may choose Firefox Home (Default) or Custom URLs.

5. If you chose Custom URLs, input the desired URL to replace ConnectionCachefld settings.

6. To configure the default search engine, select Search in the sidebar to display the settings.

Screenshot of Firefox Search Settings

7. Under the Default Search Engine list, please select a legitimate one (i.e., Google).

8. Scroll down to "Search Shortcuts" and select an unwanted search engine.

Screenshot of Deleting Search

9. Click on the Remove button to delete the unwanted search engine. You may now restart the Mozilla Firefox for Mac.

System Compatibility Notice

Logo of Macs

To provide you with easy and accurate methods, the commands used in the guide are common, useful, and tested. We ensured that our tutorial to get rid of ConnectionCachefld is compatible with the majority of Mac operating systems. Please let us know via email or the comment section below if you run into any incompatibility when using this tutorial. We will be pleased to reply and make the required corrections.

About the author

Discussion

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Scroll to Top