How to remove malware and viruses from Mac

9 min read

It has been a long time since we believed that Macs cannot get viruses. They do get infected with malware or other nasty threats, just like any other device, despite Apple's best efforts to prevent it.

But is there a difference between malware and viruses? Essentially, malware is an umbrella term for any kind of malicious software that performs unauthorized tasks on your device. It can include stealing sensitive information, tracking keystrokes, unauthorized network access, or geolocations. On the other hand, a virus is just one specific type of malware.

Here are some of the latest Mac-specific threats:

Exploit HVNC — hackers use this new malware to remotely control Macs without their owners even knowing it.

ShadowVault — designed to steal sensitive data, such as credit card information, passwords, usernames, and crypto wallet data.

XMRig — cryptominer distributed via pirated copies of Final Cut Pro. 

So, for all Mac users, the best strategy is early Mac malware prevention instead of fixing the infected Mac. And knowing how to secure your Mac, spot the signs of a malware infection, and how to get rid of malware on a Mac is essential to keeping your Mac as good as new. 

How to spot malware on your Mac?

As a rule, aggressive malware comes in all shapes and sizes depending on the end goal it was created to attain. While some bring chaos and disruption, others silently steal information. There are also ones that are simply byproducts of a virus. 

So, when it comes to detecting malware, it's not always that straightforward. Watch out! Any sudden unusual behavior is the first red flag. Here are the common signs of a malware attack:

  • Your Mac becomes very slow for no reason.

  • You're missing or are not able to open files and folders.

  • Your device repeatedly restarts.

  • Your search engine homepage is different.

  • You notice new plugins installed in your browser.

  • You suddenly start losing RAM.

Have you found something suspicious? Head to the next section to learn how to get rid of malware on your Mac. 

How to remove viruses and malware from your Mac?

Introducing my fail-proof Mac virus removal tips to help you safely remove malware from your device. 

1. Disconnect from the internet

If you suspect malware, the first step is to disconnect from the internet immediately. The majority of malware uses the internet connection to easily transfer data into a hacker's hands. Disconnecting from the internet will immediately stop malware from stealing data, giving you time to spot and remove suspicious software.

Select the Wi-Fi icon from the top menu bar and toggle your Wi-Fi off. Done! 

Disconnect from the internet

2. Scan for malware

Certainly, the most efficient way to find and remove malware is using the Apple notarized app — CleanMyMac.

Its Protection feature offers real-time protection from malware and virus threats. CleanMyMac has a powerful in-depth scan designed for macOS that locates and removes malware in just a few clicks.

Here's how to clean your Mac of viruses:

  1. Open the application — download the free version here.
  2. From the sidebar, select Protection and click Scan.
  3. Once complete, click Remove if malware is found to safely delete it. 

Another reason I recommend using this handy app is that the malware database is updated once a week. So the chances of something sneaking into your Mac are pretty limited.

And last but not least, I'm a huge fan of CleanMyMac UI/UX design, particularly navigation and menu features. It allows you to get a quick visual overview of your Mac's health and see what fixes have to be done immediately. Simply run a Smart Care scan.

If you're not a fan of third-party applications, no problem. There are plenty of other useful tips below to help you locate and eliminate malware.

3. Remove suspicious applications

Remember, this method of uninstalling often leaves app traces behind. If you have CleanMyMac installed, use the Uninstaller tool to clean up those traces once and for all. Follow these steps:

  • Open the application and select Applications from the sidebar.
  • Click Scan > Manage My Applications > Leftovers.
      Leftovers in the Uninstaller module of CMM  
  • Choose unneeded apps and click Uninstall.

If you want to try and hunt down leftovers manually, here's a step-by-step guide on how to delete app leftovers from Mac.

4. Check your browser

The fourth option to get rid of viruses on your Mac is to audit your browser for any offbeat extensions and plug-ins. You'd also need to verify your browser's homepage and search engine.

Browser hijacking is a popular type of malware. Once downloaded or installed, it can take complete control of your browser, changing your homepage or bombarding you with unwanted ads (also known as Adware). Hijackers can also try downloading files on your device to track your activities or steal data.

So keep an eye on your browser settings!

Chrome extensions checkup:

  1. Open Chrome and, from the top menu, select Window > Extensions.

  2. Here, you will find all your extensions. Choose the ones you don't recognize and click Remove to uninstall them.Chrome extensions

Safari extensions checkup:

  1. Open Safari, select the Safari main menu > Settings > Extensions.

  2. All your Safari extensions are listed here. To remove those you don't recognize, click Uninstall.

Remove extensions from Safari

Firefox extensions checkup:

  1. Open Firefox, then click the main Firefox menu > Settings > Extensions & Themes.

  2. Your installed extensions will be listed under Enabled. To remove, select the three dots and click Remove.Firefox extensions

Now that you've checked extensions, it's time to verify the homepage and search engine:
  • Chrome: go to Settings > On startup and then Settings > Search engine.
  • Safari: open Settings > General and Settings > Search > Search engine. 
  • Firefox: navigate to Settings > Home and Settings > Search.

For each browser, set the homepage and search engine of your preference.

Did you know? Sometimes, viruses and malware pretend to be legitimate software, like a search engine named DuckDuckGo. If you've noticed that you use it instead of Google or any other search engine of your liking, here's an article on how to remove it from Mac.

5. Check Activity Monitor

Another option to uncover malware on your Mac is to use Activity Monitor. This Apple's built-in tool shows all Mac operations in real-time, including the background processes. Use it to detect suspicious software on your Mac. Here's how to check:
  1. Open Finder, select Applications > Utilities > Activity Monitor.
  2. Now select the CPU tab from the top and look for unrecognized high CPU programs.
  3. Choose those from the list and click X.Activity monitor
  4. Repeat this process in the Memory tab.

6. Locate login malware

And here comes tip number five on how to get rid of malware on a Mac — check your login items for any unrecognized applications.

Login items are applications that launch when we start our devices. Sometimes, malware like cryptocurrency miners can disguise themselves as a login item and launch each time you reboot your Mac.

Here's how you can check login items for malware:

  1. Go to the main Apple menu > System Settings > General > Login Items.

  2. To remove an item, select it, then click the "-" button.

System Preferences - Login Items

7. Check your Downloads folder

Often, malware comes bundled with files downloaded from unreliable sources. Watch out for .dmg files! These are well-known sources of malware. Follow the instructions below to clear out your Downloads folder.

  1. Open Finder and select Downloads from the sidebar.

  2. Select all files, then right-click and click Move To Trash/Bin.

Downloads folder

Don't forget to empty your Trash afterward.

8. Boot into safe mode

Another trick is to boot into safe mode. It is a special mode that loads only the most critical processes, so if there is malware on your Mac, it will not launch at startup. Booting into this mode also makes removing malware easier. The steps for booting into safe mode vary for Apple silicon and Intel-based Macs.

Apple silicon:

  1. Shut down your Mac and wait 10 seconds.
  2. Press and hold the power button until the startup options window shows up.
  3. Select a startup disk.
  4. Press the Shift key and click Continue in Safe Mode.
  5. Release the Shift key.

boot into safe mode

Intel:

  1. Shut down your Mac and wait 10 seconds.
  2. Restart your Mac and press the Shift key.
  3. Release the Shift key after the login window shows up.

boot into safe mode

9. Restore from a backup

If the above tips didn't help to solve your Mac malware issues, try my last tip: restoring Mac from a TimeMachine backup. Here's how:

  1. Make sure you've connected your external TimeMachine backup drive.

  2. Go to Finder > Applications > Utilities > Migration Assistant. 

  3. Select the "from a Mac, Time Machine backup, or startup disk" option and click Continue.

  4. Now, select the TimeMachine backup you want to use and click Continue.

  5. Select the items to transfer and click "Continue to start the transfer." This could take several hours.Migration assistant

Once the transfer is completed, install legit antivirus software if you still don't have one. 

How to prevent Mac from malware infection? 

Prevention is the ultimate cure for fighting the malware war. So, what can we do to prevent infections? 

1. Keep your Mac updated

Don't skip this step — it can really help you to fight malware. Keeping your macOS updated means that your Mac gets the latest improvements, bug fixes, and upgraded Apple's malware database. 

  1. Select the main Apple menu > System Settings > General > Software Update.

  2. If you have an update waiting, follow the on-screen instructions to install it.

System Preferences - Software Update

2. Download software from trusted sources

In an ideal world, if you only download software from the Apple App Store, you will probably never encounter malware. But if you have to download software from someplace else, make sure it's a trusted source. Think before you hit the download button. Try to avoid random links, junk emails, pop-up ads, and strange requests on social media. 

3. Ignore fake technical help

If you ever receive a phone call from a company — Apple or any other well-known service provider — telling you your Mac is infected, hang up! Apple never makes such calls concerning the malware.

4. Install antivirus software

Although our Macs come preloaded with XProtect (Apple's built-in antivirus tool), it doesn't provide on-demand scans and is limited in terms of its malware database. Why? Because Apple isn't a security company, after all. It's worth investing in some additional protection, especially since there are so many options to choose from. Just take your time and research first to find the software that works for you. 

Just in case, check this article about top 10 malware cleaners for Mac.

I hope you've found these tips useful and your life now is free from Mac malware. And if you haven't caught one yet, you still shouldn't forget about the prevention techniques described in this article.

The general rule is this: when it comes to browsing and downloading, get reliable antivirus software and think twice before you click. Stay safe out there!

Follow us
Blog FAQ