Find and remove malware

(Updated: )

Powered by Moonlock Engine, malware-related features of CleanMyMac help you detect and remove common threats to your Mac, including viruses, miners, keyloggers, worms, Trojans, and malicious software of other types. At MacPaw, we regularly update our custom, purpose-built malware database to ensure CleanMyMac can protect your Mac from new threats.

To find and remove malware:

  1. In CleanMyMac, click Protection in the sidebar.

    Tip

    Before you start the scan, you can set scan depth and speed and configure extra scanning options — for this, click Configure Scan.

  2. Click Scan to begin, and wait for the results.

    To repeat the scan, click Start Over on the upper left, confirm, and click Scan again.

  3. If threats are found, in the respective tile:

    • Click Remove to quickly eliminate them without reviewing.

      CleanMyMac automatically selects all threats for removal.

    • Click Review to get the details of the found threats.

      After reviewing, click Remove to delete the selected items.

Malware details

When reviewing malware details, you can:

  • Get the malware name, its type, and the number of affected files.

  • View the malware description by clicking the info button.

  • Select malware for removal.

  • View the list of files associated with the detected malware.

    To do this, click the disclosure button to expand the list.

    Right-click a file to:

    • Reveal it in Finder
    • Get file info
    • Add it to the Ignore List if you're sure it's safe
    • Preview it through Quick Look

Malware types

CleanMyMac detects the following types of malware:

  • Adware: Displays unwanted ads, often to trick you into buying products or services. Removing it helps you avoid these annoyances.

  • Backdoor: Gives unauthorized access to your Mac. These should always be removed.

  • Botnet: Turns your Mac into part of a bot network controlled by external commands.

  • Dropper: Installs additional malware, typically disguised as legitimate software.

  • Exploit: Takes advantage of system vulnerabilities to gain unauthorized access, often used to steal data or cause harm.

  • Installer: Installs other software, sometimes for malicious purposes.

  • Keylogger: Collects your keystrokes, potentially stealing passwords, credit card numbers, and sensitive information.

  • Miner: Uses your system's processing power to mine cryptocurrency without your knowledge, slowing down your Mac.

  • PUA: Potentially unwanted apps, often exhibiting unwanted behavior even if you installed them intentionally.

  • Ransomware: Blocks access to your data or system until you pay a ransom. Remove it immediately to avoid being locked out.

  • Riskware: Legitimate software that could be exploited for malicious purposes.

  • Rootkit: Grants unauthorized users administrative access to your system.

  • Spyware: Collects data from your system without your knowledge and sends it to unknown entities.

  • Stealer: Steals sensitive data, such as login credentials or financial information, without your consent.

  • Trojan: Disguises itself as legitimate software to gain unauthorized access or control of your system.

  • Virus: Infects other programs, replicating itself and modifying functionality.

  • Worm: Spreads across networks, replicating itself and infecting other systems.

  • Other: Undefined malicious software that should still be removed for security reasons.

Enhance protection

You can enhance your Mac security with the following features:

Both real-time and background scanning run automatically, even if the Menu is turned off.

Scanning recommendations

We recommend scanning your Mac for malware in the Deep Scan mode at least once a month, even with real-time and background scanning turned on. Together, these features provide a complete antimalware solution.

Was this article helpful?

Help us improve Knowledge Base

Related Articles

Contact us

Can’t find answers to your question?

Contact us and we’ll get back to you as soon as we can.

Contact us