Security

How To Remove Viruses and Malware From Your Mac

By Yana Khodun
Updated: May 17, 2023 Published: January 29, 2021

In this article you will find the following:

Despite what some people say, Macs can and do get viruses and other malware. If it happens to your Mac, you might notice it working slower than usual. Mac malware might also cause system instability or other unpredictable behavior, including problems with your web browser.

 

If your Mac is infected with malware, how do you remove it and give your system a clean bill of health? In this guide, we’ll explore some of the most practical Mac malware removal measures you can take.

 

Before we start
 

As well as malware, you might want to check your Mac for adware too. MacKeeper’s adware cleaning tool means you can do that in just a few clicks.  

  1. Open MacKeeper, and select Adware Cleaner
  2. Click Open
  3. Click Start scan
  4. If anything is found, you can now delete it.

MacKeeper also offers StopAd, an ad blocking feature for Chrome and Safari. Download MacKeeper, and try these and other features out for yourself.

How to tell if your Mac has a virus

In some cases, malware will do its best to remain undetected. If criminals are using it to steal your data, they don’t want you to notice too soon, so they won’t make it obvious. But in some cases, malware is designed to disrupt you and make a nuisance of itself. And sometimes, the signs of malware can be purely accidental, a side-effect that the virus coders never intended.  

Warning signs your Mac has a virus

  • An unusually slow Mac, particularly if the slowdown happens suddenly
  • Your Mac freezes up or restarts unexpectedly
  • Your web browser changes its home page and/or search engine
  • Files and folders won’t open
  • Frequent error messages pop up on your Mac
  • One or more processes take up all your RAM and/or CPU resources
  • Disk space mysteriously disappears.

But although these kinds of symptoms can result from viruses and other malware on your Mac, that’s not the only reason for them. Sometimes, there are legitimate reasons, like background downloads or software conflicts. So if you’re looking to remove malware from your Mac, you need to work out if there’s actually anything to remove at all.

How to remove malware from Mac

Now that you know how to detect the malware on your Mac, it's time to discuss how to remove it.

Check the Activity Monitor for anything suspicious

If your Mac is playing up and you suspect malware, one of the first things you should do is check the Activity Monitor. This built-in macOS tool will show you what’s running on your Mac, including in the background. If anything is taking up a lot of CPU cycles or RAM, it could be malware, and you’ll be able to see it here. So you should always make this one of your first steps in Mac malware removal.

 

Here’s how to check Activity Monitor for macOS malware:

  1. Open Activity Monitor from Applications > Utilities  
  2. Click the CPU tab, then click the % CPU column to sort processes by most CPU used
  3. Look for processes you don’t recognize that are using a lot of processing power
  4. Do the same with the Memory tab and the Memory column
  5. Repeat this with the Bytes Written column of the Disk tab
  6. Finally, click the Network tab and sort the Sent Bytes column.
Open Activity Monitor from the Utilities folder
Step 1. Find and open Activity Monitor
Select the CPU tab to check how much CPU cycles takes each app
Step 2. Open CPU tab
Click on the %CPU to sort processes to see which of them take the most of resources.
Step 3. Click % CPU > remove the top-consuming processes
Go to the Memory tab to see how much RAM take all the apps running on your Mac
Step 4. Go to Memory tab > Memory column > repeat the procedure
In the Bytes Written tab you will see the total number of bytes written by the process to the storage device.
Step 5. Do the same in Disk > Bytes Written
In Sent Bytes tabs you can see the amount of data sent by the process to the network.
Step 6. Finalize removal with Network > Sent Bytes

If you spot anything out of the ordinary, take a note of its name, then Google it. In most cases, you’ll be able to find out if it’s a legitimate application or a virus. If it’s malware or something else you don’t want, double-click on it in Activity Monitor and click the Quit button. Then click Force Quit.  

To free up RAM, open Activity Monitor, look for the apps that take most of the memory and close them

Note, though, that stopping a process doesn’t remove it. It might start up again immediately or when you restart your Mac. If the suspicious activity is coming from an app, you might be able to remove it by uninstalling that app. Just drag the app into your trash and then empty your trash. If you’re lucky, this might be enough to remove the virus from your Mac.

Disconnect from the internet  

A lot of malware is designed to connect to the internet. Sometimes, this is because it’s stealing your information and sending it to criminals. Other malware will use the internet to spread further or to send spam emails. In any case, it’s not something you want. So if you suspect your Mac is carrying a virus, you should disable your internet connection. Then you can work on getting rid of the malware.

 

Here’s how to disable Wi-Fi on a Mac:

  1. In System Preferences, click Network
  2. Select Wi-Fi from the sidebar
  3. Click Turn Wi-Fi Off.
Go to the Network from the System Preferences to configure settings to network connection
Step 1. System Preferences > Network
Select the needed Wi-Fi network to see its settings
Step 2. Wi-Fi settings
To disable Wi-Fi click on the Turn Wi-Fi Off button
Step 3. Turn Wi-Fi Off

How to disable Ethernet on Mac:

  1. In System Preferences, click Network
  2. Select Ethernet from the sidebar
  3. Use the Configure IPv4 dropdown menu, and select Off
  4. Click Apply.
Go to the Network from the System Preferences to configure settings to network connection
Step 1. System Preferences > Network
Select the needed Ethernet network to see its settings
Step 2. Choose Ethernet
Turn off the connection by clicking on the drop down menu and selecting Off
Step 3. Configure IPv4
Click on Apple button to confirm changes
Step 4. Confirm to Apply

To be doubly sure you’re not connected to the internet, you could unplug your Ethernet cable. You could also turn off your router, but you’ll probably want to connect to the internet on another device while you fix your Mac.

Delete suspicious browser extensions

If you’re experiencing problems with your web browser, they could be caused by a rogue extension. Remove any recently installed extensions and any that don’t come from reputable sources. Here, we’ll look at removing extensions from the two most popular web browsers Mac: Safari and Chrome.

 

How to remove extensions in Safari:

  1. In Safari, click Safari, from the top menu, and select Preferences
  2. Select the Extensions tab
  3. To remove an extension, click it, then click the Uninstall button.
To start removing extensions in Safari go to Safari Preferences.
Step 1. Safari > Preferences
Select the Extensions tab to see the list of installed extensions.
Step 2. Extensions
Select the unneeded extension and click on Uninstall button to remove it
Step 3. Click Uninstall

Remove any extensions you don’t recognize or which are using a lot of CPU in Activity Monitor.  

 

How to remove extensions from Chrome:

  1. In Chrome, select Window > Task Manager
  2. Sort the CPU column to see if any extensions are using a lot of processing power. Do the same with the Memory footprint and Network columns
  3. Now select Window > Extensions from the menu bar
  4. Look through the installed extensions, and click the Remove button on any that seem suspicious.
To start removing the extensions, you need to see which of them take the most of recourses. Click on Task Manager from the Window tab.
Step 1. Find and open Task Manager
Sort Memory, CPU and Network tabs to see what processes take the most recourses
Step 2. Check CPU, Memory, and Network columns
To remove extensions in Chrome Open Extensions from the Window tab in menu bar.
Step 3. Go to Window > Extensions
Select the unneeded extension and click on Remove button to delete it
Step 4. Remove the redundancy

Boot into safe mode

Sometimes, malware is difficult to remove, because it loads up as soon as macOS starts. But if you boot into safe mode, you might be able to remove this malware, because it’s designed to load only the files and apps macOS needs to run. Safe mode also deletes some system caches, so they can be rebuilt again automatically.

 

How you get into safe mode depends on whether you have an Intel processor or one of Apple’s new ARM-based M1 chips.  

 

How to boot into safe mode on an Intel Mac:

  1. Hold down Shift as soon as your Mac turns on or restarts
  2. When you see the login window, take your finger off the Shift key
  3. Log in using your usual details
  4. You should see Safe Boot in the top-right corner of the login screen.

How to boot into safe mode on an M1 Mac:

  1. Shut down your Mac. Press and hold the power button for 10 seconds
  2. Release it when you see the startup options window
  3. Choose your startup disk, then hold down Shift
  4. When prompted, click Continue in Safe Mode and release the Shift key
  5. Log in, and you should find your Mac in safe mode.

To check safe boot is on, click the Apple logo in the top-left of your screen, then go to About This Mac > System Report > Software. Check Boot Mode says Safe.

To check if you are in a Safe Mode click on System Report from the About this Mac settings.

If your Mac is now running normally, then there’s either malware on it that doesn’t load in safe mode, or you have some other kind of software-related problem. Provided you know what you’re looking for, you can try deleting suspicious files, extensions and so on.  

 

When you’re done, reboot your Mac normally and see if your problem has been fixed.  

Run an antivirus app

Although it’s possible to manually identify and remove malware from your Mac, it’s not the best way to deal with the problem. It’s time consuming and difficult, and there’s a chance you might delete something you need.  

 

A good antivirus app can scan your entire Mac in just a few minutes and check every single file against a vast database of threats and suspicious behavior. MacKeeper Antivirus is one such app, which makes it easy to find and get rid of Mac malware.  

 

How to run an antivirus scan on Mac with MacKeeper:

  1. Select Antivirus from the sidebar
  2. Click Start scan
  3. Wait for the virus scan to complete
  4. Check the results, in case of false positives. Then click Move to quarantine
  5. When it’s done, you can click the Quarantine button to see the quarantined files
  6. Click Select all, followed by the Delete button.
To scan your Mac for malware and viruses, click on the Antivirus tab.
Step 1. Open MacKeeper's Antivirus tab > Start Scan
Enable Antivirus and click on Start Scan to begin scanning your Mac.
Step 2. Wait a little
When the scan is done, click on Move to Quarantine
Step 3. Check these files in Quarantine
You may see the list of quarantined files by clicking on the Quarantine button in Antivirus tab.
Step 4. Check these files in Quarantine
You may put the checkmark near the files you want to remove and click on Delete
Step 5. Find and delete

Dealing with ransomware

Most malware can be dealt with using the steps we’ve already outlined – particularly using an antivirus app. But removing ransomware from a Mac can be much more difficult. Ransomware encrypts data, demanding you pay a ransom to get an unlock code, which may or may not even work. In some cases, ransomware can lock certain files or folders, in which case you might be able to remove it using the methods above.

 

But if it encrypts all of macOS, you might not even be able to log in – even in safe mode. Unless you want to risk paying the criminals holding you hostage, there’s not much you can do, other than start again.

 

How to deal with ransomware on a Mac:

  1. Back up anything you can, if it’s not encrypted by the ransomware. Only back up to an empty drive, because ransomware can spread onto external drives
  2. If you’re able to, use antivirus like MacKeeper to remove the ransomware
  3. In the event that you can’t get into macOS, wipe your Mac and do a fresh installation of macOS
  4. Restore any backed up files you might have, from cloud services, external drives or Time Machine
  5. Install antivirus.

How to prevent malware from getting onto your Mac

Prevention is, of course, better than cure. If you take the right precautions, you might never have to remove any malware from your Mac.

 

Here are a few ways to protect your Mac from viruses and other malicious software:

  1. Don’t open email attachments from people you don’t know
  2. Don’t visit websites you don’t trust
  3. Avoid piracy websites and services
  4. Use unique, strong passwords
  5. Buy apps from the App Store where possible
  6. Use antivirus with real-time protection
  7. Use an ad blocker to stop your web browser downloading dangerous files
  8. Just in case, back up your important files regularly.

A warning on manually removing malware

You should always be very careful about manually deleting malware from your Mac. It’s all too easy to delete the wrong thing and end up making your Mac worse. In some instances, you might mistake a normal process for a virus and then damage macOS for no reason.

 

If you’re at all unsure, we recommend consulting with an expert. You might be able to speak to Apple itself, if your Mac is under warranty. Plus, Apple’s user guides cover subjects like how to protect your Mac from malware, so you can dig in for more details. We also suggest you try our professional customer support help—MacKeeper’s Premium Services—as an alternative to quickly solve your user's concern. For complicated issues, you can also resort to third-party repair shops.

To have your Mac serviced by the professional customer support use the MacKeeper Premium Services.

For most people, simply being careful about what you download and what sites you visit, combined with an antivirus app, will be enough to steer clear of malware. But if you do need to remove a virus from your Mac, don’t panic. If you’ve been backing up, you can always factory reset your Mac and start again.

 

Read more: 

Written By

Yana Khodun

A content lover who aims at telling MacKeeper’s story to the rest of the IT world. Ready to love Apple apps with me?

A content lover who aims at telling MacKeeper’s story to the rest of the IT world. Ready to love Apple apps with me?

Use your Mac to the fullest! Sign up and get:
Effective tips on how to fix Mac issues
Reliable advice on how to stay safe online
Mac-world news and updates

Thank you!

You’ll love exploring your Mac with us.

Oops, something went wrong.

Try again or reload a page.

Here’s another sign you need to upgrade your macOS ASAP:

30% off your MacKeeper subscription

Сopy the code now and use it in the MacKeeper checkout after the upgrade.

Copy Code

Please be aware that this code cannot be combined with any other discounts, offers, or promotions.

PC

MacKeeper - your all-in-one solution for more space and maximum security.

Try Now

Contents

Scan you Mac for malware and enable real-time protection to stay safe.

Start Now

Download MacKeeper when you're back at your Mac

or

Please enter your email so we can send you a download link

Check your email on your Mac

Install MacKeeper on your Mac computer to rediscover its true power.

Great! MacKeeper downloaded.

Now let’s install it on your Mac.

Here’s your download. Just click it to get started!

1. Open

Click above to open the MacKeeper file from your Downloads

first install step

2. Install

Select Continue to begin the installation

second install step

3. Complete

Hit Install to complete the installation

third install step

4. Enjoy

MacKeeper is all set to optimize your Mac

fourth install step