How to eliminate MacSweeper malware on a Mac

What is MacSweeper?

MacSweeper malware first appeared in 2008. When it was first discovered, those who downloaded this seemingly legitimate piece of software could be forgiven for thinking they're getting something that would keep a Mac safe from new malware, adware, and other cyber threats. There weren't as many viruses that could infect a Mac in 2008, but it started to become more of an issue.

Since then, new versions of MacSweeper have been released to keep pace with core changes in the macOS. Meaning this rogue software is still a threat, and it's not something that can help make your Mac safer. MacSweeper was developed by KiVVi software, a company that is still apparently operational and offering genuine software.

Unsuspecting Mac users either download it accidentally in what is known as a 'drive-by-download' — whereby you end up on the seemingly legit website (usually through a company deploying 'black hat' marketing activities) and the virus silently downloads onto your Mac — or it comes through a bundle. Again, both routes involve Mac users getting this on their computer without wanting it or clicking to accept this new piece of software, making it unwelcome and something that is best avoided.

MacSweeper plays a similar role to other software, including one that KiVVi developed for the Windows operating system, known as Cleanator. It is also similar to the SpySheriff and SpyAxe applications. In every case, once this app gets into a Mac, it creates fake reports, indicating that your macOS isn't working properly, has several — if not dozens — of malware and other infections, and the only way to remove them is to pay for a lifetime license, which was worth around $39.99.


What does MacSweeper do?

It essentially hijacks your web browser and, to a certain extent, your macOS without your permission. But far worse than that, it can disable other legitimate third-party security systems, such as antivirus software, VPNs, and firewalls, leaving your Mac vulnerable to cyber-attacks and more dangerous viruses.

However, if you are infected, don't believe that the "security reports" it generates are true. There would be a good chance, unless this was downloaded with more serious spyware and other viruses, that your Mac is as smooth as ever, albeit with this new unwanted infection. All it aims to do is extract payment, making it more ransomware than malware.

Whatever you do: don't give it your card or PayPal details. Even if KiVVi is seemingly legitimate, this could easily lead to your payment details ending up in the wrong hands or for sale on the dark web. Paying is a terrible idea.

Instead, let's look at ways you can remove MacSweeper.

How to remove MacSweeper?

In a further attempt to extract money from an infected Mac user, MacSweeper appears to be helpful in offering an uninstall page. Except for the irritating fact that this takes you to another payment page.

So, instead of going down that cyber rabbit hole, you can attempt to uninstall it manually or safely using a special app like CleanMyMac X.

Let's start with a safe and easy way:) Here's how CleanMyMac X looks. 

CleanMyMac X - Smart Scan

CleanMyMac X is a powerful Mac performance tool capable of removing known viruses, malware, adware, spyware, and dozens of other cyber problems. It also cleans your Mac and dramatically improves performance.

To get rid of MacSweeper, follow these simple steps:

  1. Download CleanMyMac X here.
  2. Launch the app.
  3. Use the Malware Removal tab.
  4. Click Scan — it will show you any unwanted malware.
  5. Click Remove, and they will vanish.
Removing malware files

How to remove MacSweeper manually

Before we get to that, here is how you can attempt a manual uninstall. Firstly, go to your primary browser, although check every browser you have, just in case it has made a home on your Mac elsewhere. Here is how you do this with Safari, Chrome, and Firefox.

#1: Uninstall MacSweeper from Safari

  1. Go to Safari > Preferences.
  2. Click on Extensions.
  3. Pick the extension that you don't recognize to delete.
  4. Click Uninstall.
  5. Confirm that you want to Uninstall the extension.

#2: Remove MacSweeper from Chrome

  1. Open Chrome.
  2. Go to the Menu in your browser.
  3. Click on More Tools > Extensions.
  4. Pick the extension that you don't recognize to delete.
  5. Click Remove.
  6. Confirm that you want to remove the extension.

#3: Delete MacSweeper from Firefox

  1. Open Firefox.
  2. Go to the Menu in your browser.
  3. Click on Add-ons and themes.
  4. Select the extension you want to remove.
  5. Click Remove.
  6. Confirm that you want to delete it.

#4: Next, uninstall the program from your application folders.

  1. Open Finder > Go > Go to Folder and paste the following: /Library/LaunchAgents
  2. Within LaunchAgents, look for the following folders:
    • MacSweeper.update.plist
    • MacSweeper.AppRemoval.plist
    • MacSweeper.ltvbit.plist
    • .com.MacSweeper.agent.plist
    • .com.SoftwareUpdater.agent.plist
  3. Move every file you find to Trash. And then repeat the above process in the following folders: ~/Library/LaunchAgents and ~/Library/Application Support
  4. Finally, delete any folders in Applications that indicate they're the home of this software, such as:
  • SoftwareUpdater
  • MacSweeper

Note: Always be careful while doing this. The last thing you want is to delete something that your Mac needs to operate. It may disguise itself as something else, so don't delete anything the manual way if in doubt.

No matter how genuine MacSweeper and other similar rogue software applications appear, they're not going to 'sweep' your Mac for threats. Instead, these applications threaten your Mac security, disable real security systems, and attempt to extract payment. Don't let them get away with it, and don't give them any money. You can solve this problem either through a manual or automatic removal process, quickly restoring your Mac to full working order.