How to remove viruses and malware from Mac

In 2021, Apple’s senior vice president Craig Federighi confirmed that the amount of malware on macOS reached an unacceptable level. Although Apple has invested a lot of resources into strengthening security and privacy on Macs, some types of malware and viruses are sophisticated enough to bypass Gatekeeper. According to Malwarebytes, there has been a 200% spike in macOS-specific malware infections. Sounds scary? Continue reading to discover our Mac malware removal guide.

What is malware

The term “malware” is a broad term for all unwanted intrusions. Although used interchangeably, it’s not synonymous with the term “virus” because the latter is only a model of distribution, i.e., how an app self-replicates. Here are common types of malware you can encounter on Mac:

  • Download managers — download unauthorized objects.
  • Spyware and keyloggers — steal users’ personal data.
  • Backdoor infections — remotely seize control of your computer.
  • Rootkit — infiltrate admin privileges.
  • Botnet — turn your Mac into a shadow bot.
  • Trojan horses — disguise as legit software.
  • Ransomware — lock your Mac’s screen.
  • PUPs — potentially unwanted programs.

Can a Mac get malware?

Mac computers have long been considered virus-free. They are indeed secure, but as the Apple security features have improved, so has malware. According to Malwarebytes, Macs are mostly attacked by adware and PUPs, which macOS has no counteraction against. So, yes, they get viruses and malware.

How do I know if my Mac has a virus?

Here are some tell-tale signs that your Mac may have been affected by a virus or malware:

  • A sudden drop in performance or frequent freeze-ups.
  • Pages that you visit get obscured with ads.
  • Unexpected Mac reboots or apps starting for no reason.
  • Your browser installs suspicious updates automatically.
  • Web browser homepage has been changed without your permission.
  • Folders and files won’t open.
  • You’ve discovered new apps installed without your permission.
separator-protection

How to find and remove viruses from Mac

Regardless of the type of malware, there are common ways to remove malware from Mac — manually or automatically.

How to clean malware from Mac manually:

1. Use Activity Monitor

If you know which app on your Mac is malicious, you’re halfway through the problem. First, close the app and then root it out from the system processes:

  1. Open Activity Monitor from Applications.
  2. Locate the problematic app in the list of processes.
  3. Use the [x] button to quit it.

Now, go back to your Applications and move the app to the Trash. Immediately empty it.

This method is simple, but for the best malware removal results, you’d have to invest a bit more time. There are still parts and pieces of the virus app scattered around your system folders. It’s a bit like killing a dragon that regrows its head after you’ve chopped it off. So, how to remove malware from Mac completely? Uninstall apps.

Tip: Do a quick search for malware-infected .DMG files within your Downloads. The potential culprits could be recently downloaded files, especially media-related ones. Delete them and empty the Trash.

2. Uninstall apps

If you’ve inadvertently downloaded an app that turns out to be a virus, you need to uninstall it immediately. There are a couple of ways to do this. Here’s the hard way:

  1. Go to your Applications folder and drag the app to the Trash.
  2. From Finder, Go > Go to Folder, type ~/Library and look in the Application Support folder for any files related to the app and drag those to the Trash.


  3. Look in the other folders in ~/Library, especially Launch Agents and Launch Daemons and remove any .plist files related to the app from there.
  4. Repeat Step 3 for the main Library folder (/Library).
  5. Don’t forget to reboot your Mac — until you do, all these files are still in memory.

3. Remove Mac malware from your Login Items

Most adware or spyware will try to sneak inside the bootup process. The good news is that you don’t have to be Mr. Kaspersky to prevent this.

  1. Go to the Apple menu > System Preferences (System Settings in macOS Ventura) > Users & Groups.
  2. Make sure your username is highlighted.
  3. Open the Login Items tab. Now, use the “—” sign to disable all the suspicious apps that you’ll find. Restart your Mac for the changes to take place.

4. Get rid of pop-up ads on Mac

Advertising pop-ups are browser-related, so whatever browser you are using, be prepared for a thorough cleanup. First off, don’t buy into whatever the ad is telling you. Some scary alerts would mention 343 viruses found on your Mac, forcing you to immediately install a “Mac Defender” or “Mac Security” tool. Just ignore it and don’t click anywhere on the pop-up. Use the [x] button and if it doesn’t close the ad, Ctrl + click the browser icon to quit the browser completely.

Tip: Hold the Shift key when starting a new Safari session. This way, all your previous tabs (including the ad pop-up) will not be reopened.

How to block pop-up ads in Safari
  1. Open Safari Preferences (in the top menu) > Websites.
  2. Scroll down to Pop-up Windows at the bottom of the sidebar.
  3. Block pop-ups for individual or all websites.
How to get rid of pop-ups in Chrome
  1. Open Chrome Settings (a three-dot icon) > Privacy and Security.
  2. Go to Site Settings > Pop-ups and redirects.
  3. Choose Don’t allow sites to send pop-ups or use redirects.
How to get rid of pop-ups in Firefox
  1. Open Firefox Settings > Privacy & Security.
  2. Check Block pop-up windows or manage Exceptions.

5. Clean up extensions to remove adware and viruses from Mac

If you’re looking for how to delete malware from Mac, you should also check extensions in every browser you use.

Safari
  1. Go to Safari Preferences > Extensions.
  2. Select an extension and click Uninstall.
Chrome
  1. Launch Chrome and click on the 3-dot icon in the upper right corner.
  2. Select More Tools and choose Extensions from the menu that appears.
  3. Choose any extension you don’t recognize and press Remove.
Firefox
  1. Launch Firefox.
  2. Click the 3-line (hamburger) icon at the top right corner.
  3. Choose Add-ons and themes.
  4. Click the Extensions tab and remove any you don’t recognize.
  5. Press the ellipsis and choose Remove.

6. Boot into Safe mode

Sometimes, malware can make your Mac so slow that it’s impossible to do anything. Starting up your Mac in Safe mode may help. It prevents loading certain software and only runs essential apps and processes macOS needs. It also performs a check of your startup disk and removes some system cache, which may be exactly what your Mac needs.

Boot into Safe mode on an Intel-based Mac:
  1. Restart your Mac and press and hold the Shift key as your Mac starts up.
  2. When the login window appears, release the Shift key and log in.
  3. You should see “Safe Boot” in the upper-right corner of the screen.
Boot into Safe mode on a Mac with Apple silicon:
  1. Restart your Mac and hold the power button.
  2. Release the button when you see the startup options.
  3. Select your startup disk, then press and hold the Shift key and click “Continue in Safe Mode.”
  4. Log in to your Mac. You might need to log in several times.

How to remove virus from Mac automatically

While the above steps work very well in lots of cases, sometimes, the Mac virus removal is better with a dedicated app.

There are lots of anti-malware applications available, and many of them are either free or allow you to scan your Mac for free to find out whether you need to take action. Be careful, though. It’s important to choose a tool from a reputable vendor. If you just google ’Mac antivirus tool,’ some of the results may well be for tools that are themselves malicious.

We recommend using CleanMyMac X. It can identify thousands of malware threats, including adware, spyware, ransomware, worms, and cryptocurrency miners. If CleanMyMac X finds something suspicious, it will offer immediate removal. Here’s how to perform a full system scan:

  1. Download CleanMyMac X (free download) and launch the app.
  2. Go to Malware Removal ab.
  3. Click Scan and hit Remove.
Scan completed in malware removal module of CMMX

If all else fails

Below are a few more ideas to help you remove malware from Mac:

How to prevent malware from getting onto a Mac

So, now you know how to get rid of virus on Mac. If you want to learn how to prevent malware, we’ve prepared a few basic tips:

  • Closely read all dialogue boxes.
  • Get a reliable password manager app.
  • Browse anonymously.
  • Use passphrases instead of passwords.
  • Create an “emergency” bootable external drive for your Mac.
  • Whenever possible, browse only secure websites — those starting with https://.
  • Avoid clicking suspicious email links, especially if you don’t identify the sender.
  • Don’t open any suspicious email attachments.
  • Avoid downloading software or data from an unfamiliar website.
  • Don’t click strange adverts or pop-ups that appear on websites.

Tip: You can prevent some malware attacks from happening by disabling JavaScript in your browser. Although it may break certain web pages, your browsing will get more secure.

To disable JavaScript in Safari:

  1. Go to Safari Preferences > Security.
  2. Uncheck Enable JavaScript.

How to protect Mac from malware

Now, as we’ve described how to prevent malware, we want to focus on some protection tips. We’ve covered that in more detail in this article, but here are a few pointers.

Create a new user profile

Usually, viruses are attached to a particular user profile on your computer, and so they are able to seize control of your admin profile. But you can escape the virus and create a new user on your Mac. Don’t worry; you’ll be able to transfer all your important data from one user to another.

  1. Go to Apple menu > System Preferences (System Settings in macOS Ventura) > Users & Groups.
  2. Click the lock icon and type in your admin password.
  3. Use the plus sign to add a new admin profile.

To move your important information from one user to another, do this:

  1. Click on the Finder > Go > Go to Folder...
  2. Paste in this: /Users
  3. Copy the needed files from your old user account to the Shared folder.

Run regular scans

Viruses and malware mask well, so prevention may not be the only way to protect your Mac from malware. Another best practice is to develop the habit of running checks using a dedicated anti-malware app.

If you’re too busy to perform system scans, the app we mentioned earlier, CleanMyMac X, comes with a background scan and malware monitor tools. They not only check your system for malicious activities but also react to any active threats and let you remove them right away.

Here’s how to bring Mac virus and malware protection to a whole new level:

  1. Install and launch CleanMyMac X (free download here).
  2. Navigate to the Menu app by clicking the iMac icon on the menu bar.
  3. Go to Preferences (gear icon at the bottom right) > Protection.
  4. Make sure that all three boxes are checked.

As you can see, there are many different ways to remove a virus from a Mac, depending on how badly infected it is and what kind of virus it is. The main thing to remember is if you suspect your Mac is infected, don’t worry; it can be fixed. Hope your Mac stays virus-free, and may you never click on those scary Mac alerts again.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.