How to remove MacSweeper on a Mac?

What is MacSweeper?

MacSweeper malware first appeared in 2008. When it was first discovered, those who downloaded this seemingly legitimate piece of software could be forgiven for thinking they're getting something that would keep a Mac safe from new malware, adware and other cyber threats. There weren't as many viruses that could infect a Mac in 2008, but it was starting to become more of an issue.

Since then, new versions of MacSweeper have been released to keep pace with core changes in the macOS. Meaning this rogue software is still a threat, and it’s not something that can help make your Mac safer. MacSweeper was developed by KiVVi software, a company that is still apparently operational and offering genuine software.

Unsuspecting Mac users either download it accidentally - in what is known as a ‘drive-by-download’ - whereby you end up on that website (usually through a company deploying ‘black hat’ marketing activities) and it silently downloads onto your Mac, or it comes through a bundle. Again, both routes involve Mac users getting this on their computer without wanting it or clicking to accept this new piece of software, making it unwelcome and something that is best avoided.

MacSweeper plays a similar role to other software, including one that KiVVi developed for the Window’s operating system, known as Cleanator. It is also similar to the  SpySheriff and SpyAxe applications. In every case, once this app gets into a Mac, it creates fake reports, indicating that your macOS isn’t working properly, that it has several - if not dozens - of malware and other infections, and that the only way to remove them is to pay for a lifetime license, which was worth around $39.99.

how-reset-pram-smc

What does MacSweeper do?

It essentially hijacks your web browser, and to a certain extent, your macOS without your permission. But far worse than that, it can disable other legitimate third-party security systems, such as antivirus software, VPNs and firewalls, leaving your Mac vulnerable to cyber attacks and more dangerous viruses.

However, if you are infected, don't believe that the “security reports” it generates are true. There is a good chance, unless this was downloaded with more serious spyware and other viruses, that your Mac is as smoothly as ever, albeit with this new unwanted infection. All it aims to do is extract payment, making it more ransomware than malware.

Whatever you do: don't give it your card or PayPal details. Even if KiVVi are seemingly legitimate, this could easily lead to your payment details ending up in the wrong hands or for sale on the dark web. Paying is a really bad idea.

Instead, let’s look at ways you can remove MacSweeper.


How to remove MacSweeper?

In a further attempt to extract money from an infected Mac user, MacSweeper appears to be helpful in offering an uninstall page. Except for the irritating fact that this takes you to another payment page.

So, instead of going down that cyber rabbit hole, you can attempt to uninstall it manually or safely using a special app like CleanMyMac X.

Let's start with a safe and easy way:) Here's how CleanMyMac X looks. 

CleanMyMac X is a powerful Mac performance tool capable of removing known viruses, malware, adware, spyware, and dozens of other cyber problems. It also cleans your Mac and dramatically improves performance.

To get rid of MacSweeper, follow these simple steps:

  1. Download CleanMyMac X here.
  2. Launch the app.
  3. Use the Malware Removal tab.
  4. Click Scan — it will show you any unwanted malware.
  5. Click Remove and they will vanish.

How to remove MacSweeper manually

Before we get to that, here is how you can attempt a manual uninstall (firstly, go to your primary browser - here is how you do this with Safari, Chrome and Firefox - although check every browser you have, just in case it has made a home on your Mac elsewhere):

#1: Uninstall MacSweeper from Safari

  1. Go to Safari > Preferences.
  2. Click on Extensions.
  3. Pick the Extension that you don't recognize to delete.
  4. Click Uninstall.
  5. Confirm that you want to Uninstall the extension.

#2: Remove MacSweeper from Chrome

  1. Open Chrome.
  2. Go to the Menu in your browser.
  3. Click on More Tools > Extensions.
  4. Pick the Extension that you don't recognize to delete.
  5. Click Remove.
  6. Confirm that you want to Remove the extension.

#3: Delete MacSweeper from Firefox

  1. Open Firefox.
  2. Go to the Menu in your browser.
  3. Click on the Add-ons manager tab.
  4. Select the Extension you want to remove.
  5. Click Remove.
  6. Confirm that you want to delete it.

#4: Next, uninstall the program from your application folders.

  1. Go to the Applications folder
  2. Search for LaunchAgents
  3. Within LaunchAgents, look for the following folders:
  • MacSweeper.update.plist
  • MacSweeper.AppRemoval.plist
  • MacSweeper.download.plist
  • MacSweeper.ltvbit.plist
  • .com. MacSweeper.agent.plist
  • .com.SoftwareUpdater.agent.plist

4.  Move every file you find to Trash. And then repeat the above process in the following folders:

5.  ~/Library/LaunchAgents. Do the same as step 3;

6.  And the same again in this folder: ~/Library/Application Support

7.  Finally, delete any folders in Applications that indicate they're the home of this software, such as:

  • SoftwareUpdater
  • MacSweeper

Note: Always be careful while doing this. The last thing you want is to delete something that your Mac needs to operate. It may disguise itself as something else, so if in doubt, don't delete anything the manual way.

No matter how genuine MacSweeper and other similar rogue software applications appear, they're not going to ‘sweep’ your Mac for threats. Instead, these applications make up threats, disable real security systems and simply attempt to extract payment. Don't let them get away with it and don’t give them any money. You can solve this problem either through a manual or automatic removal process, quickly restoring your Mac to full working order.

CleanMyMac X
CleanMyMac X

Your Mac. As good as new.