Best ways to remove malware from Mac

7 min read

For a long time, viruses were foreign to Mac users. Macs weren’t always immune, but hackers weren’t bothering with Macs, and in-built security features kept Macs safe. With the Mac gaining in popularity, that’s no longer the case.

Between Gatekeeper – which blocks software that Apple hasn't approved and that can’t run on your Mac without your approval – and macOS running on Unix which comes with multiple security layers, known viruses, malware, and adware have a hard time getting into Macs.

Macs even have a malware scanning tool, running silently in the background, known as Xprotect, which scans everything downloaded to make sure it's not malware. Apple even has a constantly updated list of malicious software which are all blocked from finding their way into the Mac ecosystem.

But malware can still get through, and built-in macOS or OSX malware removal may be inadequate. Here, we’ll show you how to find malware on Mac computers, how to remove malware from Mac software (including how to remove malware from Mac Safari), and some free malware removal Mac apps you’ll love.

What is Malware?

A basic definition of malware is it’s any software meant to do harm to your computer, server, or network. That used to be fairly easy to narrow down, as malware was meant to actually destroy a computer by overclocking it or adding more malware to slow the machine down until it was useless.

Now, malware can be many things, and often doesn’t do harm to your machine or network at all. Malware in 2021 can be used for anything from monitoring keystrokes to using your machine’s processing power and network access to mine cryptocurrency without your knowledge. A more contextual description of malware is it’s software that performs tasks you wouldn’t have authorized yourself.

How can I find out if my Mac is infected?

The golden days when Macs were free from viruses and malware are over. In the last few years, there has been a 200% increase in Malware on Macs, and the App Store is now fighting to find and remove hundreds of scam apps and software; both are issues that didn’t really exist a few years ago.

Macs can now get infected with adware and malware. Watch for a Mac that is starting to unexpectedly slow down, overheat, or just plain act strangely. Unexpected behaviour is a red flag. You might want to run a scan and make sure that you aren't infected, then delete the offending malware, ransomware or another piece of malicious software.

Some Mac viruses, trojans and other malicious pieces of software don't alert the user to what they are doing. Those items can sneak in, thanks to hackers who steal authentic Apple digital signatures from professional developers or when hidden inside email attachments. They also gain entry via popular software like Adobe Flash or other legitimate pieces of software that Apple has already approved. These are just a few of the ways viruses can get inside your Mac before they get to work stealing and transmitting passwords, iPhone backups, bank details, and other data.

Now that you’re aware of these threats you probably feel like giving your Mac a scan to ensure it’s safe from cybercriminals. Thankfully, there are a few ways you can do this quickly and easily without interrupting your working day or taking it to an Apple Genius Bar.

How to remove malware from Mac

Know this: malware is constantly evolving, so routine checks and maintenance is a great idea. You should also find a good service that updates its list of known malware often so you feel confident your scanning tools are monitoring for the most threats possible. Sometimes, knowing how to get rid of malware on Mac is as simple as owning the best software for the job.

Check Activity Monitor

You can use Activity Monitor to scan for malware, viruses, and other malicious software, but tread lightly. Activity Monitor does a good job of telling you what’s using your Mac’s resources, but is not Apple malware removal software. 

To use Activity Monitor, simply open the app, which is included with every Mac. It will immediately show you what’s using your resources. Using it as a malware detection tool is only useful when you know what you’re looking for; not all oddly-named processes are malware. Sometimes, a browser like Chrome has services running for necessary purposes. 

Activity Monitor also doesn’t remove malware. For that, you need something better.

The easiest way to get rid of malware on mac - Using CleanMyMac X

CleanMyMac X is an app every Mac owner should have. It keeps tabs on your macOS system, and offers a routine cleaning service to make sure your Mac is operating at its peak. One of it’s best tools is malware detection and removal. Here’s how to clean malware from Mac with CleanMyMac X:

  1. Open CleanMyMac X on your Mac
  2. On the left side of the window, select “Malware Removal”
  3. On the bottom of the window, select “Scan”

CleanMyMac X has a constantly updating knowledge graph for malware, so the chances something will sneak past it are really limited. It also scans your entire system in seconds, and tells you about items it thinks may be malware. Again, if you know something to be safe, don’t remove it – but CleanMyMac X is pretty smart, so this isn’t really a concern.

malware removal cleanmymac

Find malware in Login items

A login item is typically benign software an app loads because it wants to operate in the background every time you log into your Mac. These items may be very simple operations like cloud sync to Google Drive or Dropbox, or some applications that allow you to create custom keyboard shortcuts locally. Both of those are examples of things you’d likely want running at login.

Other times, login items are less necessary, and can house malware. Some applications even use login items as covers for straight-up malware – like cryptocurrency miners.

There are two ways to check to see which login items you’ve got active on your Mac. The first is via System Preferences:

  1. In your Mac’s menu bar, select the Apple logo on the top left
  2. Select “System Preferences”
  3. Select “Users & Groups”
  4. Select “Login Items”

This shows you all of your Mac’s login items. From there, you can select the items you want to disable or remove.

A better way is with CleanMyMac X. It shows a much more thorough list of login items, and even lists launch agents right next to it (we’ll get to that in a bit). Here’s how to check login items on your Mac using CleanMyMac X:

  1. Open CleanMyMac X on your Mac
  2. Select “Optimization” on the left side of the window
  3. Select “View All Items”
  4. Select “Login Items”

From here, you can quickly disable or remove the login items you want to manage. Where our Mac only showed two login items, ClanMyMac X shows a dozen or more. It’s incredibly thorough!

login items removal mac

Uninstall unknown apps

Apps you don’t want on your computer can also be causing it to slow down. Finding and removing them is often important.

From your Mac’s applications drawer, you can long-press on an app to bring up the familiar iOS-like icon wiggling, where you can simply click the “x” next to apps ready for removal. This is the simplest method for removing an app, but often only scratches the surface; usually, an app’s files are left behind, where malware can hide. 

A better option is, again, CleanMyMac X! It has an “Uninstaller” module that helps you clean apps from your Mac with ease. We especially enjoy that it segments apps by developer; if you decide you no longer want Google in your life, CleanMyMac shows you all of your Google apps in one single list.

One of the features that really sets it apart is its “Leftovers” module within the uninstaller. It discovers and offers to remove leftover files. As you can see in the screenshot below, Cisco’s Webex left behind files when it was deleted. No thanks! All you have to do is select the files you want removed, and click “Uninstall” at the bottom of the window.

delete leftovers

Remove malware from browsing extensions (Safari, Google Chrome, Firefox)

Now that you know about malware removal Mac computers have another place to look: browsers.

Browser extensions run when a browser is being used, but for most of us, that’s just about all day, every day. Browsers are basic tools to access the internet, but can be very powerful, too.

If you use Chrome, extensions can be managed by selecting “Window” in the Mac menu bar when Chrome is open, then “Extensions.” This takes you to a dedicated page in Chrome where you can disable or remove extensions.

In Firefox, you can select “Add-ons” from the settings menu in the top right of the browser window, then “Extensions” from the list on the left side of the browser window. This page allows you to disable or remove extensions.

In Safari, extensions are a bit tougher to get to. You have to select “Safari” from the menu bar, then “Preferences.” In that window is a tab named “Extensions” where you can disable or uninstall your extensions. 

Not all extensions are bad – and not all trusted extensions are good! A great way to know if an extension is doing more than it should is to use iStat Menus, an app that monitors your Mac performance, including browsers and extensions.

Computer performance is an indicator of malware, and iStat Menus gives you a real-time look at what apps or extensions are using resources on your Mac, then offering to delete them. 

manage browser extensions mac

Agents and Daemons

Like login items, agents and daemons are bits of code packaged with apps meant to operate behind the scenes. Agents and daemons run on bootup; the difference is, daemons run on a system-wide level, while agents are restricted to operating with apps.

It’s important to keep an eye out for these two items when looking for malware. Daemons can be especially tricky because they tend to hide deep in your Mac’s filesystem, and operate at such a level they remain undetectable. 

Keep in mind not all agents or daemons are bad. Like login items, they’re typically useful, and necessary. In the screenshot below, we’ve highlighted a few daemons running on the system, none of which are cause for alarm! But it’s also worth knowing what to look for; daemons often have names ending in ‘d’ or, as with iStat Menus, are named ‘daemon’ properly.

mac daemons monitor

How to protect your macOS from malware

Routine checks with CleanMyMac X help keep your machine free of malware, and routine backups of a cleaned up Mac can help when you need to reboot from a backup. Once you’ve got your system in perfect working order with CleanMyMac X, Get Backup Pro is your best option for creating bootable, compressed backups for Mac. 


Malware is nefarious; there’s just no such thing as ‘good’ malware, which is why it’s critical to keep your Mac scanned and cleaned up. Weaving CleanMyMac X, iStat Menus, and Get Backup Pro into your workflow helps you monitor, clean, and save backups of your Mac with ease.

All three apps are available for free as part of a seven day trial of Setapp. You will get access to nearly 200 great Mac apps during your trial period, and continued access is only $9.99 per month once the trial ends.

Get 230+ Mac apps for any job

Sign up to Setapp and try them for free.