How to remove malware from a Mac

Can your Mac be infected with malware? The answer is yes. Even though malware on Macs is quite uncommon due to the built-in security features on macOS, Macs can still be hacked and infected with malware.

One of the signs of a malware infection is a much slower computer performance. If your Mac is running slower than usual, it could either mean it needs an update or a restart, or that it’s been infected. Other than a slowdown in processes, here are other signs you may have malware:

• Unresponsive applications
• Suspicious icons appearing on your desktop
• Random system crashes or freezes
• Annoying pop-ups
• Slow internet connection
• The browser homepage or search engine unexpectedly changes
• Unwanted browser extensions and add-ons
• Random redirects
• Disabled antivirus software or firewalls
• Sudden increases in data usage without a clear reason
• Pop-ups or prompts asking for your password or sensitive information

You can also consult our guide on the signs of malware to figure out if it is actually a malware infection or something else.

If you are sure your Mac has been infected with malware, you should try to remove it as soon as possible. The process of deleting malicious software from your Mac can be complicated because it all depends on the type of malware and how sophisticated it is. Here are the general steps you can take to cleanse your computer:

Before you start removing malware from your Mac, make sure to disconnect it from the internet. This will prevent the malicious software from communicating with its command and control server.

Always back up all important files and data to an external drive or cloud storage before making any changes to your system. This way you will not lose any data while removing malware.

Boot your Mac into safe mode before you deal with malware. The safe mode is a diagnostic mode that can help you determine if the issues you’re experiencing are caused by software that loads when your Mac starts up. In the safe mode, macOS loads a limited set of essential system files and disables some third-party software, including some types of malware.

A lot of malware likes to piggyback off a seemingly innocuous download. To get rid of malicious files you’ve accidentally downloaded, you need to first identify them using Activity Monitor, then remove them. For some of these steps to work, you’re going to need administrator privileges.

1. Open up “Finder.” Click on the “Downloads” option along the left of the window.
2. Open all your recent installation files and look for any suspicious files that look like they don’t relate to whichever program you originally downloaded. Send them all to the “Trash” folder.
3. Click on “Applications” above “Downloads.” Scroll down and open the “Utilities” folder.
4. Click on “Activity monitor.”
5. You’ll see a list of all files and programs your Mac is currently engaged with. Look for anything that you have no knowledge of activating. Double click on the app or program and click on “Quit.” Take note of the name of the item whose processes you just stopped.
6. Go back to your “Applications” and find those troublesome malware files. Use “Command” + f to find those file names instantly. Move them all to “Trash.”
7. Empty the “Trash.”

Open your “Applications” folder and look for any suspicious or unfamiliar apps. If you find any, move them to the “Trash” folder. Lastly, empty the “Trash” to permanently remove the apps.

Open your web browser and review your extensions and add-ons. Remove suspicious extensions and ones you did not install.

Cleaning up browser extensions by restoring the browser settings can help to get rid of some types of malware and unwanted changes caused by malicious browser extensions. When you reset your browser settings, the browser is reverted to its default state, removing unwanted extensions, home page settings, search engine changes, and other alterations along the way.

Here are the instructions on how to restore Chrome, Firefox, and safari browsers to their default settings.

1. Open up the Safari tab along to the top-left of your screen and select “Settings.”
2. Under the “General” tab, double-check and make sure your homepage is still something you chose.
3. Head over to the “Extensions” tab and click on it.
4. Find the list of extensions that you didn’t willingly install and remove them.

1. Open your Chrome app and click on the three horizontal dots to the right of the address bar.
2. When the drop-down menu opens, select “Settings.”
3. In the menu on the left, scroll down to “Reset settings” and click on it.
4. Next, click on “Restore settings to their original defaults.”
5. Read the warning message of what this action entails and, if you decide to continue, click on “Restore settings.”
6. Now open Chrome up one more time and return to the settings. Click on the “Privacy and security” section, then click on the “Site settings” option.
7. Scroll down and click on “Pop-ups and redirects.”
8. Choose the option “Don’t allow sites to send pop-ups and use redirects.”

1. Open Firefox and click on the three horizontal lines in the top-right corner to open Firefox menu.
2. Click on “Help” and select “More troubleshooting information.”
3. In the “Troubleshooting information” window, you will see a section on the right “Give Firefox a tune-up.” Under this section, you will see a “Refresh Firefox” button — click on it.
4. A confirmation dialog will appear. Read the information and click the “Refresh Firefox” button.
5. Firefox will close, and the reset process will begin. It might take a few minutes.
6. A new window will appear informing you about the actions performed during the reset. Click the “Let’s go!” button to start using the refreshed Firefox.

Clearing your cache removes all harmful traces of malware left behind within cached files, making it very challenging for malware to persist or reinfect your system.

1. Open Safari.
2. In the top menu, click on Safari and select “Preferences.”
3. Open the “Advanced” tab.
4. Check the box next to “Show Develop menu in menu bar.”
5. Select the “Develop” menu and click “Empty caches.”

1. Open Chrome, click on the three vertical dots to open the menu, and select “Settings.”
2. Click “Privacy and security” in the left panel and select “Clear browsing data.”
3. Under the “Time range,” select how far back you want your data to be wiped. Choose “All time” to completely wipe out your Mac’s Chrome cache.
4. In the “Clear browsing data” window, under the “Basic” section, tick all three boxes including “Cached images and files” and click “Clear data.”

1. Open Firefox. In the top menu bar, click “Clear recent history.”
2. Under “Time range to clear,” select “Everything.”
3. In the “Clear all history” window, check all the boxes, especially the “Cache” one, and click “OK.”

Install antivirus software on your Mac, and if you already have one, get in the habit of running it regularly. An antivirus program detects and removes malicious software that might compromise your data and privacy.

After clearing your Mac from malware and viruses, you should take steps to prevent future malware infections. Here are some general cybersecurity safety tips that should keep hackers at bay and protect your Mac:

• Install reputable anti-malware and antivirus software to detect, remove, and prevent your devices and system from infections. And keep the software up to date.
• Turn on Firewall protection. To prevent malware from entering or communicating with your computer, turn on Firewall protection. On your Mac, open the Apple menu, then “System settings,” click “Network” in the sidebar, then click “Firewall” and turn it on.
• Keep your macOS up to date. Make sure to regularly update your Mac’s operating system and all software to patch any vulnerabilities that hackers might abuse to infect your system.
• Check your “Downloads” folder whenever you install a new program. If you find any suspicious files or apps that arrived with a seemingly innocent download, find out if they’re legitimate and delete them at once if they’re not.
• Be careful with ads, emails, and links. Never press on any links in suspicious ads or emails from unfamiliar senders to prevent being directed to malicious websites. And never download suspicious files from unknown sources as they could be malware-ridden.
• Use a VPN for Mac. It will encrypt your traffic and protect you from snoopers. NordVPN also offers the Threat Protection feature that helps you identify and protects you from malware-ridden files, stops you from landing on malicious websites, and blocks trackers and intrusive ads on the spot.

Following these tips together with a robust antivirus program will guarantee a bug-free Mac.

FAQ

Is it possible for a Mac to have malware?

It is possible for a Mac to get infected with malware. Due to built-in security features, macOS devices get infected less often then Windows devices, but it’s not impossible. If you download suspicious files from unknown websites, don’t install operating system and software updates, don’t use any antivirus software or a reliable VPN service, and use public Wi-Fi, your Mac can get infected.

How can I remove malware from my Mac for free?

You can remove malware from your Mac for free by taking these steps, described in this article: disconnect your computer from the internet, boot your Mac into safe mode, identify and remove suspicious programs and apps, delete unknown browser extensions, reset your browser, and clear the cache. You can also run an antivirus software if you have one.