Find and remove malware

Powered by Moonlock Engine, malware-related features of CleanMyMac help you detect and remove common threats to your Mac, including viruses, miners, keyloggers, worms, Trojans, and malicious software of other types. At MacPaw, we regularly update our custom, purpose-built malware database to ensure CleanMyMac can protect your Mac from new threats.

To find and remove malware:

1. In CleanMyMac, click Protection in the sidebar.

2. If needed, configure the scan speed and depth.

3. Click Scan to begin, and wait for the results.

   

   To repeat the scan, click Start Over on the upper left, confirm, and click Scan again.

4. If threats were found, in the respective tile:

   • Click Remove to quickly eliminate them without reviewing.

     CleanMyMac automatically selects all threats for removal.

     

   • Click Review to get the details of the found threats.

     After reviewing, click Remove to delete the selected items.

   

When reviewing malware details, you can:

• See the malware name, its type, and the number of affected files.

• View the malware description by clicking the info icon.

  

• Select or deselect malware for removal.

• View the list of files associated with the detected malware.

  To do this, click the disclosure arrow to expand the list.

  Right-click a file to:

  • Reveal it in Finder
  • Get file info
  • Add it to the Ignore List if you're sure it's safe
  • Preview it via Quick Look

  

CleanMyMac detects the following types of malware:

• Adware: Displays unwanted ads, often to trick you into buying products or services. Removing it helps you avoid these annoyances.

• Backdoor: Allows unauthorized access to your Mac. These should always be removed.

• Botnet: Turns your Mac into part of a bot network controlled by external commands.

• Dropper: Installs additional malware, typically disguised as legitimate software.

• Exploit: Takes advantage of system vulnerabilities to gain unauthorized access, often used to steal data or cause harm.

• Installer: Installs other software, sometimes for malicious purposes.

• Keylogger: Collects your keystrokes, potentially stealing passwords, credit card numbers, and sensitive information.

• Miner: Uses your system's processing power to mine cryptocurrency without your knowledge, slowing down your Mac.

• PUA: Potentially unwanted applications, often exhibiting unwanted behavior even if you installed them intentionally.

• Ransomware: Blocks access to your data or system until you pay a ransom. Remove it immediately to avoid being locked out.

• Riskware: Legitimate software that could be exploited for malicious purposes.

• Rootkit: Grants unauthorized users administrative access to your system.

• Spyware: Collects data from your system without your knowledge and sends it to unknown entities.

• Stealer: Steals sensitive data, such as login credentials or financial information, without your consent.

• Trojan: Disguises itself as legitimate software to gain unauthorized access or control of your system.

• Virus: Infects other programs, replicating itself and modifying functionality.

• Worm: Spreads across networks, replicating itself and infecting other systems.

• Other: Undefined malicious software that should still be removed for security reasons.

You can enhance your Mac security with the following features:

• Real-time monitor: Monitors new installations and warns you of suspicious activity.

• Background scanning: Runs in the background to ensure no malicious items are missed.

Both real-time and background scanning run automatically, even if the Menu is turned off.

We recommend using the Protection module in the 'deep scan' mode at least once a month, even with real-time and background scanning enabled. Together, these features provide a complete anti-malware solution.