How to remove viruses and malware from Mac

In 2021, Apple’s senior vice president Craig Federighi confirmed that the amount of malware on macOS reached an unacceptable level. Although Apple has invested a lot of resources into strengthening security and privacy on Macs, some types of malware and viruses are sophisticated enough to bypass Gatekeeper. According to Malwarebytes, there has been a 200% spike in macOS-specific malware infections. Sounds scary? Continue reading to discover our Mac malware removal guide.

What is malware

The term “malware” is a broad term for all unwanted intrusions. Although used interchangeably, it’s not synonymous with the term “virus” because the latter is only a model of distribution, i.e., how an app self-replicates. Common types of malware you can encounter on Mac are download managers, backdoor infections, spyware, keyloggers, botnet, Trojans, ransomware, and potentially unwanted apps (PUAs).

Tip

If you suspect that your Mac is infected with malware, disconnect from the internet and stay offline as long as possible. It may help prevent the further spread of infection and the loss of data. 

Most of the malware removal steps below do not require internet connection, so disconnecting it is an additional precaution. If you choose to skip manual removal steps and jump straight to automatic removal, download the tool we recommend — CleanMyMac X — first and then disconnect from the internet. 

separator-protection

How to remove malware and viruses from Mac

Regardless of the type of malware, there are common ways to remove malware from Mac — manually or automatically. Here is how to get rid of malware on Mac. 

How to clean malware from Mac manually:

1. Use Activity Monitor

If you know which app on your Mac is malicious, you’re halfway through the problem. First, close the app and then root it out from the system processes:

  1. Open Activity Monitor from Applications.
  2. Locate the problematic app in the list of processes.
  3. Use the [x] button to quit it.

Now, go back to your Applications and move the app to the Trash. Immediately empty it.

This method is simple, but for the best malware removal results, you’d have to invest a bit more time. There are still parts and pieces of the virus app scattered around your system folders. It’s a bit like killing a dragon that regrows its head after you’ve chopped it off. So, how to remove malware from Mac completely? Uninstall apps.

Tip: Do a quick search for malware-infected .DMG files within your Downloads. The potential culprits could be recently downloaded files, especially media-related ones. Delete them and empty the Trash.

2. Uninstall apps

If you’ve inadvertently downloaded an app that turns out to be a virus, you need to uninstall it immediately. There are a couple of ways to do this. Here’s the hard way:

  1. Go to your Applications folder and drag the app to the Trash.
  2. From Finder, Go > Go to Folder, type ~/Library and look in the Application Support folder for any files related to the app and drag those to the Trash.
  3. Look in the other folders in ~/Library, especially Launch Agents and Launch Daemons, and remove any .plist files related to the app from there.
  4. Repeat Step 3 for the main Library folder (/Library).
  5. Don’t forget to reboot your Mac — until you do, all these files are still in memory.

3. Remove Mac malware from your Login Items

Most adware or spyware will try to sneak inside the bootup process. The good news is that you don’t have to be a magician to prevent this.

  1. Go to the Apple menu > System Settings > General.
  2. Open the Login Items tab. Now, use the “—” sign to disable all the suspicious apps that you’ll find. Restart your Mac for the changes to take place.

4. Get rid of pop-up ads on Mac

Advertising pop-ups are browser-related, so whatever browser you are using, be prepared for a thorough cleanup. First off, don’t buy into whatever the ad is telling you. Some scary alerts would mention 343 viruses found on your Mac, forcing you to immediately install a “Mac Defender” or “Mac Security” tool. Just ignore it and don’t click anywhere on the pop-up. Use the [x] button, and if it doesn’t close the ad, Ctrl + click the browser icon to quit the browser completely.

Tip: Hold the Shift key when starting a new Safari session. This way, all your previous tabs (including the ad pop-up) will not be reopened.

How to block pop-up ads in Safari
  1. Open Safari Settings (in the top menu) > Websites.
  2. Scroll down to Pop-up Windows at the bottom of the sidebar.
  3. Block pop-ups for individual or all websites.
How to get rid of pop-ups in Chrome
  1. Open Chrome Settings (a three-dot icon) > Privacy and Security.
  2. Go to Site Settings > Pop-ups and redirects.
  3. Select Don’t allow sites to send pop-ups or use redirects.
How to get rid of pop-ups in Firefox
  1. Open Firefox Settings > Privacy & Security.
  2. Select Block pop-up windows or manage Exceptions.

5. Clean up extensions to remove adware and viruses from Mac

If you’re looking for how to delete malware from Mac, you should also check extensions in every browser you use.

Safari
  1. Go to Safari Settings > Extensions.
  2. Select an extension and click Uninstall.
Chrome
  1. Open Chrome and click on the 3-dot icon in the upper right corner.
  2. Select Settings and choose Extensions from the menu that appears.
  3. Choose any extension you don’t recognize and click Remove.
Firefox
  1. Open Firefox.
  2. Click the 3-line (hamburger) icon at the top right corner.
  3. Select Add-ons and themes.
  4. Click the Extensions tab and remove any you don’t recognize.
  5. Click the ellipsis and select Remove.

6. Boot into safe mode

Sometimes, malware can make your Mac so slow that it’s impossible to do anything. Starting up your Mac in safe mode may help. It prevents loading certain software and only runs essential apps and processes macOS needs. It also performs a check of your startup disk and removes some system cache, which may be exactly what your Mac needs.

Boot into safe mode on an Intel-based Mac:
  1. Restart your Mac and press and hold the Shift key as your Mac starts up.
  2. When the login window appears, release the Shift key and log in.
  3. You should see “Safe Boot” in the upper-right corner of the screen.
Boot into safe mode on a Mac with Apple silicon:
  1. Restart your Mac and hold the power button.
  2. Release the button when you see the startup options.
  3. Select your startup disk, then press and hold the Shift key and click “Continue in Safe Mode.”
  4. Log in to your Mac. You might need to log in several times.

How to remove virus from Mac automatically

While the above steps work very well in lots of cases, sometimes, the Mac virus removal is better with a dedicated app.

There are lots of antimalware applications available, and many of them are either free or allow you to scan your Mac for free to find out whether you need to take action. Be careful, though. It’s important to choose a tool from a reputable vendor. If you just google “Mac antivirus tool,” some of the results may well be for tools that are themselves malicious.

We recommend using CleanMyMac X. It can identify thousands of malware threats, including adware, spyware, ransomware, worms, and cryptocurrency miners. If CleanMyMac X finds something suspicious, it will offer immediate removal. Here’s how to perform a full system scan:

  1. Download CleanMyMac X (free download) and open the app.
  2. Go to Malware Removal tab.
  3. Click Scan and then Remove.
Scan completed in malware removal module of CMMX

If malware removal has failed

Below are a few more ideas to help you remove malware from Mac:

How to prevent malware from getting onto a Mac

So, now you know how to get rid of virus on Mac. If you want to learn how to prevent malware, we’ve prepared a few basic tips:

  • Closely read all dialogue boxes.
  • Get a reliable password manager app.
  • Browse anonymously.
  • Use passphrases instead of passwords.
  • Create an “emergency” bootable external drive for your Mac.
  • Whenever possible, browse only secure websites — those starting with https://.
  • Avoid clicking suspicious email links, especially if you don’t identify the sender.
  • Don’t open any suspicious email attachments.
  • Avoid downloading software or data from an unfamiliar website.
  • Don’t click strange adverts or pop-ups that appear on websites.

Tip

You can prevent some malware attacks from happening by disabling JavaScript in your browser. Although it may break certain web pages, your browsing will get more secure.

To disable JavaScript in Safari:

  • Go to Safari Settings > Security.
  • Uncheck Enable JavaScript.

    How to protect Mac from malware

    Now, as we’ve described how to prevent malware, we want to focus on some protection tips. We’ve covered that in more detail in this article, but here are a few pointers.

    Create a new user profile

    Usually, viruses are attached to a particular user profile on your computer, and so they are able to seize control of your admin profile. But you can escape the virus and create a new user on your Mac. Don’t worry; you’ll be able to transfer all your important data from one user to another.

    1. Go to the Apple menu > System Settings > Users & Groups.
    2. Click Add Account and type in your admin password.
    3. Follow the on-screen instructions to create a new user. Make sure it is an administrator account. 

    To move your important information from one user to another, do this:

    1. Click on the Finder > Go > Go to Folder...
    2. Paste in this: /Users
    3. Copy the needed files from your old user account to the Shared folder.

    Run regular scans

    Viruses and malware mask well, so prevention may not be the only way to protect your Mac from malware. Another best practice is to develop the habit of running checks using a dedicated antimalware app.

    If you’re too busy to perform system scans, the app we mentioned earlier, CleanMyMac X, comes with a background scan and malware monitor tools. They not only check your system for malicious activities but also react to any active threats and let you remove them right away.

    Here’s how to bring Mac virus and malware protection to a whole new level:

    1. Install and open CleanMyMac X (free download here).
    2. Navigate to the Menu app by clicking the iMac icon on the menu bar.
    3. Go to Preferences (gear icon at the bottom right) > Protection.
    4. Make sure that all three boxes are selected. 

    It will enable background monitor. If you want to access them, all you have to do is click a little iMac icon in the menu bar and navigate to the Protection pane. But they always run in the background, and keep your Mac safe

    Protection

    As you can see, there are many different ways to remove a virus from a Mac, depending on how badly infected it is and what kind of virus it is. The main thing to remember is if you suspect your Mac is infected, don’t worry; it can be fixed. Hope your Mac stays virus-free, and may you never click on those scary Mac alerts again.


    Frequently Asked Questions

    Can a Mac get malware?

    Mac computers have long been considered virus-free. They are indeed secure, but as the Apple security features have improved, so has malware. Macs are mostly attacked by adware and PUAs, which macOS has no counteraction against. 

    How do I know if my Mac has a virus?

    Here are some tell-tale signs that your Mac may have been affected by a virus or malware: unexpected Mac reboots and freeze-ups, a sudden drop in performance, apps starting for no reason, an increased amount of pop-ups and ads, new apps installed without your permission, and an unexplained change of browser settings (such as search engine or homepage).

    Why is malware dangerous?

    Malware may put your private and sensitive information at risk, not to mention that it significantly slows down your Mac. In the worst cases, it may result in financial loss and identity theft.

    Laptop with CleanMyMac
    CleanMyMac X

    Your Mac. As good as new.