How to Remove Malware from MacBook | Protection From Malicious Attacks in 9 Simple Steps

Contrary to a popular myth, calling Macs malware-free is a misnomer. These machines are on the receiving end of large-scale adware, scareware, and spyware attacks. To top it off, crypto mining viruses and ransomware focused on this ecosystem are on the rise, too. Apple’s Gatekeeper, XProtect, and app notarization features are incredibly effective in blocking predatory code, but malicious actors are getting better at bypassing these defenses.

Mac Malware 101

Most instances of MacBook contamination happen because of users’ blunders that range from green-lighting malicious application bundles to falling for deceptive pop-up ads on junk websites. Once inside, malware may harvest sensitive data from your financial or accounting software, for example. Malware may also display exaggerated reports about security and performance issues, hold the victim’s files to ransom, take over the web browsers, and do many other nasty things.

The silver lining is that the world of MacBook threats is dominated by nuisance apps rather than deleterious malware. Things like Yahoo search malware that inject unwanted advertisements or redirect victims’ browsers to junk sites are the name of the game. The bad news, though, is that these culprits are increasingly persistent due to their deep system footprint. In other words, they resist commonplace software uninstall methods and re-infect computers unless the cleanup is thorough enough.

No matter what kind of harmful software has cropped up inside a MacBook, the following tips will help disinfect the system and put it back on track.

Malware Removal from MacBook – Best Practices

It is important to understand that Mac malware is always manifested as a specific dubious application or a double-dealing browser plugin. Therefore, the cleanup comes down to finding and eliminating this item along with its file traces. The steps below will show you how.

Step 1. Stop the Malicious Process

  • Click the “Go” button in your MacBook’s menu bar, select “Utilities” in the pull-down list, and open the Activity Monitor.

  • Look for a suspicious process. Focus on the items that create multiple threads, have unfamiliar icons, and hoover up a good deal of CPU and memory resources.

  • If you find the unwanted process, click the “X” button in the upper left-hand section of the Activity Monitor app and then click the “Force Quit” button on the confirmation dialog.


Step 2. Uninstall the Rogue App

  • Click the “Finder” icon in your Dock and select “Applications” in the sidebar.
  • Spot a dodgy-looking app with a recent installation date and move it to the Trash.

Step 3. Delete Malicious LaunchAgents and LaunchDaemons

  • Expand the “Go” menu once again and pick “Go to Folder”.
  • Enter ~/Library/LaunchAgents in the search box and hit the Enter key.
  • Check the LaunchAgents folder for recently added dubious *.plist files and delete them.
  • Use the “Go to Folder” feature to open the following directories: /Library/LaunchAgents (without the tilde symbol), /Library/LaunchDaemons, and ~/Library/Application Support. Examine their contents and remove suspicious files and folders.
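
An added example, not part of the original article: a read-only Python script that lists every job definition in the launchd folders from Step 3 and notes which ones deserve a closer look before you delete anything. The 30-day window and the `ODD_PREFIXES` list are assumptions chosen for illustration; the script removes nothing.

```python
import plistlib
import time
from pathlib import Path

# Directories from Step 3 that hold launchd job definitions.
LAUNCHD_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
# Assumption: locations a legitimate launchd job rarely runs from.
ODD_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")

def triage_launchd(dirs=LAUNCHD_DIRS, recent_days=30, now=None):
    """Return one dict per .plist file with the facts to review before deleting it."""
    now = now or time.time()
    findings = []
    for d in dirs:
        folder = Path(d).expanduser()
        if not folder.is_dir():
            continue
        for path in sorted(folder.glob("*.plist")):
            entry = {"file": str(path), "label": None, "program": None, "reasons": []}
            findings.append(entry)
            if (now - path.lstat().st_mtime) / 86400 <= recent_days:
                entry["reasons"].append("recently modified")
            try:
                job = plistlib.loads(path.read_bytes())  # XML or binary plist
                if not isinstance(job, dict):
                    raise ValueError("top level is not a dictionary")
            except Exception:
                entry["reasons"].append("unparseable plist")
                continue
            args = job.get("ProgramArguments")
            program = job.get("Program") or (args[0] if isinstance(args, list) and args else None)
            entry["label"] = job.get("Label")
            if program is None:
                entry["reasons"].append("no program specified")
                continue
            entry["program"] = program = str(program)
            target = Path(program)
            if program.startswith(ODD_PREFIXES) or any(p.startswith(".") for p in target.parts):
                entry["reasons"].append("runs from temp or hidden path")
            if not target.exists():
                entry["reasons"].append("target binary missing")
    return findings

if __name__ == "__main__":
    for f in triage_launchd():
        print(f["file"], "|", f["label"], "|", f["program"], "|", ", ".join(f["reasons"]) or "-")
```

An entry with no reasons is not proof that a job is benign; the output is a shortlist for manual review, and the program path it prints is the file to remove along with the plist.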

Step 4. Purge Unwanted Login Items

  • Click the “gear” icon in your Dock to open System Preferences.
  • Select “Users & Groups”, and hit the “Login Items” tab.
  • To make changes, click the padlock symbol at the bottom left of the window and enter your admin password. Then, select the offending app and click the “minus” sign to remove it from the list.

Step 5. Vanquish a Malware-Cropped Device Profile

  • When on the System Preferences screen, pick “Profiles”. This item may not be there if no configuration profiles have been installed on your Mac. However, most Mac threats abuse this feature to gain persistence.
  • Click the “Profiles” icon if listed, select the malicious profile, and make it vanish by clicking the “minus” sign.

Step 6. Empty the Trash Folder

  • Right-click the Trash icon in your Dock and select “Empty Trash” in the contextual menu.
  • When a dialog pops up, confirm that you want to clear the contents of the Trash folder.

Step 7. Clear Sketchy Data in Safari

  • Open the browser, expand the Safari menu, and select “Preferences”.
  • Hit the “Advanced” tab and make sure that the option saying “Show Develop menu in menu bar” is enabled.
  • Open the “Develop” list in the menu bar and select “Empty Caches”.
  • Click “History” in the Safari menu and select “Clear History”. Keep the default “all history” option enabled and click the “Clear History” button on the confirmation alert.

  • Open the Safari Preferences interface again, click the “Privacy” tab, and select “Manage Website Data”.
  • Pick “Remove All” to erase the information stored by websites you have visited. Click “Done” to confirm.
  • Restart Safari.

Step 8. Reset Google Chrome (if Hijacked)

  • Open the browser, click “Customize and control Google Chrome” at the top right, and choose “Settings”.
  • Click “Advanced” in the left-hand toolbar and select “Reset settings”. Click the “Restore settings to their original defaults” option and complete the procedure by hitting “Reset settings” one more time.
  • Restart Chrome.

Step 9. Reset Mozilla Firefox (if Impacted)

  • Open Firefox, click the menu button, go to “Help”, and select “More Troubleshooting Information”.
  • Click the “Refresh Firefox” button and confirm that you want to reset the browser to its default settings.
  • Restart Firefox.

The Bottom Line

Safeguarding your MacBook against malware proactively will save you the hassle of going through cleanup that gets complicated at times. The number one sign of proper vigilance is to avoid freeware installers hosted on unofficial resources. These items often turn out to be packages that cloak dangerous applications.

Also, ignore software update recommendations popping up on websites and do not download email attachments – these are notorious contagions and should be treated as such. If you have slipped up and unwittingly allowed malware to raid your MacBook, use the steps above to sort out the problem.