How to Get Rid of a Virus on a Mac

Understand the signs of malware infection and clean up your system

While Macs are less vulnerable to viruses than PCs, they're not immune to malware, adware, and other nefarious online scourges. If you suspect some kind of malicious program has infected your system, here's a look at how to identify the issue and clean up your Mac.

This article addresses general Mac malware troubleshooting practices and should apply to all OS X and macOS systems.

How Do You Know Your System Is Infected?

Your Mac's behavior offers clues and warnings that it's been infected with malware. For example, if the machine starts running much more slowly than usual, or its fans are constantly running, this is a warning sign. Watch for periods where your computer stops responding or suddenly reboots.

If you find browser extensions, toolbars, or plugins you didn't install, notice third-party applications you never asked for, or your browser's settings have mysteriously changed, malware is probably the culprit.

An adware infection will reveal itself with unexpected ads and pop-ups inserted on your desktop, browser home page, or other websites you visit.

In general, consistently odd, unexplained behavior, especially in relation to internet activity, points to a malware infection.

Types of Malicious Software

There's a variety of bugs and malicious software out there that can infect your Mac. While the removal process is generally the same regardless of the exact type of infection, understanding the terms is helpful.

Malware

Malware, short for malicious software, is any kind of software that intentionally harms a computer or performs user-hostile actions. It's a catch-all term that includes adware, which displays unwanted ads; spyware, which tracks the user's behavior; ransomware, which encrypts your user files and demands payment to decrypt them; and Trojans, which seem innocent on the surface but contain hidden trouble.

Potentially Unwanted Software (PUPs)

A potentially unwanted program may actually perform some valuable function, but it comes bundled with unwanted side effects. A PUP might change your home page and search engine, add malware to your computer, or steal your credit card information when you pay for the application's dubious "service." Often, people install PUPs because they were tricked by dishonest ads or clicked through installer steps without reading them. PUPs are the most common type of malware found on Macs.

Virus

A virus is a malware subset that spreads from computer to computer like a disease, attaching itself to other files to infect more and more devices. Viruses use the internet, local network connections, or even USB drives to propagate.

True Mac viruses are virtually unheard of in the wild, but the term has become a generic word for describing any type of malware infection.

How to Get Rid of Malware on a Mac

There are a few steps to take to clean up your system and remove unwanted malware for good.

Kill Running Processes

  1. Open the Activity Monitor.

  2. Look for unfamiliar applications.

    If you're not sure what you're looking for, consult Malwarebytes' list of current viruses and malware for the Mac, or check out a list of older bugs.

  3. If you find malware listed in the Activity Monitor, select the application and then select the Quit Process icon on the left side of the top menu (it looks like a stop sign with an X).

    Screenshot of quitting malware in the Activity Monitor
  4. When asked if you're sure you want to quit this process, select Quit.

Find and Uninstall the Malicious Program

Next, it's time to find and uninstall the unwanted program. Even if you didn't see anything you thought was malware in the Activity Monitor, still go through this process.

  1. Open your Applications folder.

  2. If you know the name of the malware, find the application in the list. If you aren't sure of its name, look for any suspicious program you don't remember installing.

    Pay attention to new folders and recently installed applications.

  3. If you're sure you've found the malware's application folder, right-click and select Move to Trash, or drag it to the trash can.

    Screenshot of moving suspected malware to the trash can
  4. Empty the trash can.

Remove Login Items

Login items are programs that launch automatically when your computer boots. If you see an application's window as soon as you log in to your Mac, that's a login item. Malware often sets itself up as a login item so it can relaunch every time your computer boots.

  1. From the Apple menu, select System Preferences.

  2. Select Users and Groups.

  3. Select the Login Items tab.

    Screenshot of Login Item removal
  4. If you see something on this list you don't recognize, or you see known malware, select the item and then choose the Remove (minus sign) icon on the bottom.

Clean Your Browsers

Many forms of adware and malware install some sort of browser extension or change your browser settings in some way. Most commonly, they change your home page, search engine, or new tab page. Here's how to make sure your browsers are clean.

  1. Go to your browser extension list. In Chrome, select the More icon (three vertical dots), select Settings, and then go to the Extensions tab.

  2. Examine your extensions and make sure you know what each one does.

    Screenshot of Chrome extensions
  3. If you find an extension that shouldn't be there, select Remove.

  4. Next, look at your browser and internet preferences. In Chrome, go to Settings > Seach Engine and make sure the search engine and browser settings are what you want. If not, select Manage Search Engines and remove any unwanted search engines.

    In Chrome, also go to Settings > Default browser and make sure your preferred browser is selected.

  5. Repeat this process for every web browser installed on your computer.

Run a Malware Scan

To make sure you removed every piece of malicious software, run a trusted malware scanner such as Malwarebytes. Malwarebytes will scan your system for any kind of known malware. If any dangerous files are found, they'll be transferred to the Quarantine section, where they can be successfully deleted.

  1. Visit the Malwarebytes website, and select Free Download.

    Screenshot of Malwarebytes Free Download

    In the Malwarebytes free version, you have to run the software manually to remove adware and malware. The paid version automatically blocks malware that tries to access your device.

  2. From the Downloads folder, select the PKG file.

  3. An Install Malwarebytes for Mac window opens. Select Continue a few times to advance.

    Screenshot of Malwarebytes installation
  4. Select Agree to agree to the license terms.

  5. Select Install, enter the local administrator credentials, and select Install again.

    Screenshot of installing Malwarebytes
  6. Select Close when the installation is complete.

  7. Select Get Started.

    Screenshot of Malwarebytes installation
  8. Select Personal Computer and then Use Malwarebytes Free.

  9. Enter your email address if you want to receive updates, and then select Open Malwarebytes Free.

  10. Select Scan to begin scanning for malware.

    Screenshot of scanning Mac for malware with Malwarebytes
  11. Once the scan completes, you'll see a list of found malware or a message stating your Mac is free of malware.

  12. Select Quarantine.

    Screenshot of Malwarebytes found malware
  13. Malwarebytes will remove the problematic files. You may need to restart your computer.

    Screenshot of Malwarebytes finishing scan

Tips on Staying Malware-Free

While macOS comes with some built-in security features, changing your browsing habits is an important component of staying malware-free.

Avoid untrustworthy downloads, especially torrents from sites like BitTorrent. Always be aware of what you're installing. Read every word in an installer to avoid inadvertently agreeing to install unwanted software.

Keep your software up-to-date. In particular, download the new versions of macOS, especially the security updates.