How to remove viruses and malware from Mac
In 2021, Apple’s senior vice president Craig Federighi confirmed that the amount of malware on macOS reached an unacceptable level. Although Apple has invested a lot of resources into strengthening security and privacy on Macs, some types of malware and viruses are sophisticated enough to bypass Gatekeeper. According to Malwarebytes, there has been a 200% spike in macOS-specific malware infections. Sounds scary? Continue reading to discover our Mac malware removal guide.
What is malware
The term “malware” is a broad term for all unwanted intrusions. Although used interchangeably, it’s not synonymous with the term “virus” because the latter is only a model of distribution, i.e., how an app self-replicates. Here are common types of malware you can encounter on Mac:
- Download managers — download unauthorized objects.
- Spyware and keyloggers — steal users’ personal data.
- Backdoor infections — remotely seize control of your computer.
- Rootkit — infiltrate admin privileges.
- Botnet — turn your Mac into a shadow bot.
- Trojan horses — disguise as legit software.
- Ransomware — lock your Mac’s screen.
- PUPs — potentially unwanted programs.
Can a Mac get malware?
Mac computers have long been considered virus-free. They are indeed secure, but as the Apple security features have improved, so has malware. According to Malwarebytes, Macs are mostly attacked by adware and PUPs, which macOS has no counteraction against. So, yes, they get viruses and malware.
How do I know if my Mac has a virus?
Here are some tell-tale signs that your Mac may have been affected by a virus or malware:
- A sudden drop in performance or frequent freeze-ups.
- Pages that you visit get obscured with ads.
- Unexpected Mac reboots or apps starting for no reason.
- Your browser installs suspicious updates automatically.
- Web browser homepage has been changed without your permission.
- Folders and files won’t open.
- You’ve discovered new apps installed without your permission.
How to find and remove viruses from Mac
Regardless of the type of malware, there are common ways to remove malware from Mac — manually or automatically.
How to clean malware from Mac manually:
1. Use Activity Monitor
If you know which app on your Mac is malicious, you’re halfway through the problem. First, close the app and then root it out from the system processes:
- Open Activity Monitor from Applications.
- Locate the problematic app in the list of processes.
- Use the [x] button to quit it.
Now, go back to your Applications and move the app to the Trash. Immediately empty it.
This method is simple, but for the best malware removal results, you’d have to invest a bit more time. There are still parts and pieces of the virus app scattered around your system folders. It’s a bit like killing a dragon that regrows its head after you’ve chopped it off. So, how to remove malware from Mac completely? Uninstall apps.
2. Uninstall apps
If you’ve inadvertently downloaded an app that turns out to be a virus, you need to uninstall it immediately. There are a couple of ways to do this. Here’s the hard way:
- Go to your Applications folder and drag the app to the Trash.
- From Finder, Go > Go to Folder, type ~/Library and look in the Application Support folder for any files related to the app and drag those to the Trash.
- Look in the other folders in ~/Library, especially Launch Agents and Launch Daemons, and remove any .plist files related to the app from there.
- Repeat Step 3 for the main Library folder (/Library).
- Don’t forget to reboot your Mac — until you do, all these files are still in memory.
3. Remove Mac malware from your Login Items
Most adware or spyware will try to sneak inside the bootup process. The good news is that you don’t have to be a magician to prevent this.
- Go to the Apple menu > System Settings > General.
- Open the Login Items tab. Now, use the “—” sign to disable all the suspicious apps that you’ll find. Restart your Mac for the changes to take place.
4. Get rid of pop-up ads on Mac
Advertising pop-ups are browser-related, so whatever browser you are using, be prepared for a thorough cleanup. First off, don’t buy into whatever the ad is telling you. Some scary alerts would mention 343 viruses found on your Mac, forcing you to immediately install a “Mac Defender” or “Mac Security” tool. Just ignore it and don’t click anywhere on the pop-up. Use the [x] button and if it doesn’t close the ad, Ctrl + click the browser icon to quit the browser completely.
How to block pop-up ads in Safari
- Open Safari Settings (in the top menu) > Websites.
- Scroll down to Pop-up Windows at the bottom of the sidebar.
- Block pop-ups for individual or all websites.
How to get rid of pop-ups in Chrome
- Open Chrome Settings (a three-dot icon) > Privacy and Security.
- Go to Site Settings > Pop-ups and redirects.
- Choose Don’t allow sites to send pop-ups or use redirects.
How to get rid of pop-ups in Firefox
- Open Firefox Settings > Privacy & Security.
- Check Block pop-up windows or manage Exceptions.
5. Clean up extensions to remove adware and viruses from Mac
If you’re looking for how to delete malware from Mac, you should also check extensions in every browser you use.
- Go to Safari Settings > Extensions.
- Select an extension and click Uninstall.
- Open Chrome and click on the 3-dot icon in the upper right corner.
- Select More Tools and choose Extensions from the menu that appears.
- Choose any extension you don’t recognize and click Remove.
- Open Firefox.
- Click the 3-line (hamburger) icon at the top right corner.
- Choose Add-ons and themes.
- Click the Extensions tab and remove any you don’t recognize.
- Click the ellipsis and choose Remove.
6. Boot into safe mode
Sometimes, malware can make your Mac so slow that it’s impossible to do anything. Starting up your Mac in safe mode may help. It prevents loading certain software and only runs essential apps and processes macOS needs. It also performs a check of your startup disk and removes some system cache, which may be exactly what your Mac needs.
Boot into safe mode on an Intel-based Mac:
- Restart your Mac and press and hold the Shift key as your Mac starts up.
- When the login window appears, release the Shift key and log in.
- You should see “Safe Boot” in the upper-right corner of the screen.
Boot into safe mode on a Mac with Apple silicon:
- Restart your Mac and hold the power button.
- Release the button when you see the startup options.
- Select your startup disk, then press and hold the Shift key and click “Continue in Safe Mode.”
- Log in to your Mac. You might need to log in several times.
How to remove virus from Mac automatically
While the above steps work very well in lots of cases, sometimes, the Mac virus removal is better with a dedicated app.
There are lots of anti-malware applications available, and many of them are either free or allow you to scan your Mac for free to find out whether you need to take action. Be careful, though. It’s important to choose a tool from a reputable vendor. If you just google “Mac antivirus tool,” some of the results may well be for tools that are themselves malicious.
We recommend using CleanMyMac X. It can identify thousands of malware threats, including adware, spyware, ransomware, worms, and cryptocurrency miners. If CleanMyMac X finds something suspicious, it will offer immediate removal. Here’s how to perform a full system scan:
- Download CleanMyMac X (free download) and open the app.
- Go to Malware Removal tab.
- Click Scan and then Remove.
If all else fails
Below are a few more ideas to help you remove malware from Mac:
- Switch to a different user account and do a full system cleanup.
- Restore your Mac using Time Machine — to the point before it got infected.
- Update all your software, including macOS, apps, and browsers.
How to prevent malware from getting onto a Mac
So, now you know how to get rid of virus on Mac. If you want to learn how to prevent malware, we’ve prepared a few basic tips:
- Closely read all dialogue boxes.
- Get a reliable password manager app.
- Browse anonymously.
- Use passphrases instead of passwords.
- Create an “emergency” bootable external drive for your Mac.
- Whenever possible, browse only secure websites — those starting with https://.
- Avoid clicking suspicious email links, especially if you don’t identify the sender.
- Don’t open any suspicious email attachments.
- Avoid downloading software or data from an unfamiliar website.
- Don’t click strange adverts or pop-ups that appear on websites.
How to protect Mac from malware
Now, as we’ve described how to prevent malware, we want to focus on some protection tips. We’ve covered that in more detail in this article, but here are a few pointers.
Create a new user profile
Usually, viruses are attached to a particular user profile on your computer, and so they are able to seize control of your admin profile. But you can escape the virus and create a new user on your Mac. Don’t worry; you’ll be able to transfer all your important data from one user to another.
- Go to Apple menu > System Settings > Users & Groups.
- Click Add Account and type in your admin password.
- Follow the on-screen instructions to create a new user. Make sure it is an administrator account.
To move your important information from one user to another, do this:
- Click on the Finder > Go > Go to Folder...
- Paste in this: /Users
- Copy the needed files from your old user account to the Shared folder.
Run regular scans
Viruses and malware mask well, so prevention may not be the only way to protect your Mac from malware. Another best practice is to develop the habit of running checks using a dedicated anti-malware app.
If you’re too busy to perform system scans, the app we mentioned earlier, CleanMyMac X, comes with a background scan and malware monitor tools. They not only check your system for malicious activities but also react to any active threats and let you remove them right away.
Here’s how to bring Mac virus and malware protection to a whole new level:
- Install and open CleanMyMac X (free download here).
- Navigate to the Menu app by clicking the iMac icon on the menu bar.
- Go to Preferences (gear icon at the bottom right) > Protection.
- Make sure that all three boxes are checked.
As you can see, there are many different ways to remove a virus from a Mac, depending on how badly infected it is and what kind of virus it is. The main thing to remember is if you suspect your Mac is infected, don’t worry; it can be fixed. Hope your Mac stays virus-free, and may you never click on those scary Mac alerts again.