Most Mac users used to believe that the macOS is safe from viruses and malware that commonly affect other operating systems. However, we now know that this is not true. Virus attacks targeting macOS have been reported over the years, proving that Apple products aren’t immune to malicious software infections.
Some of these attacks included:
- The >Flashback malware, which affected more than 600,000 Macs in 2012.
- The OSX/KitM.A virus, which took screenshots of the affected computer’s desktop and uploaded them to several websites.
- The OSX.Proton in 2017, which took advantage of a vulnerability in the macOS Keychain app.
- Last year’s snooping malware called OSX/Mami, which spied on the infected computer’s internet traffic.
These attacks prove that even macOS can also be vulnerable to phishing scams, trojan horses, and online fraud. In fact, some researchers have specially created a malware to prove that macOS is not omnipotent. In 2015, researchers created Thunderstrike 2, a firmware worm that is almost impossible to detect and get rid of. The malware only needs a few seconds to attack the extensible firmware interface of the infected Mac during boot up, and the device will remain infected even if the hard drive is wiped clean and the macOS is reinstalled.
Running an antivirus software is not enough to get rid of these pesky viruses and malware. You need to do a deep clean of your computer to make sure that all malicious software is completely removed from your system. Some Mac users go as far as resetting their computer to their factory settings to get rid of the virus.
Will a Factory Reset Remove a Virus?
This is a question Mac users have been wondering about for a long time.
Can a virus survive a factory reset on Mac? The answer is Yes and No. It depends on what virus or malware your Mac is infected with.
Common malware and viruses can be easily removed by antivirus applications. Some are harder to deal with, such as bootkits which infect the boot sectors of your Mac and viruses that target your Mac’s Extensible Firmware Interface or EFI (equivalent to BIOS in Windows OS). There are also viruses that infect computer-related hardware such as routers, phones, and printers, which are quick to spread and difficult to get rid of completely.
Doing a factory reset might seem like a good idea if your Mac is infected. But even this does not guarantee that your system will be 100% clean. There are several viruses that are so persistent that they can survive a factory reset and reformat of the drive.
For example, some Mac users reported being plagued by the MyCouponize adware on Safari even though the device has been reset. Others continue to experience performance issues even after purging the malicious software from their Macs. This is a testament to how viruses and malware are becoming more resilient and more intelligent over the years.
So if you’re thinking that resetting your Mac will completely get remove the virus on your computer, then you’re in for a surprise. Resetting your Mac to its factory settings might get rid of those uncomplicated viruses, but it won’t work on highly complex ones. So what do you do when you suspect your Mac to be infected by malicious software?
How to Remove Virus or Malware From Mac
Some of the symptoms of a computer virus or malware infection are:
- Slow startup and sluggish performance
- Insufficient storage space
- Unexpected pop-up ads or messages
- Heavy RAM and hard drive activity even during inactivity
- Missing files
- App crashes and error messages
- Hijacked emails
- Too much network activity
Any of these signs could indicate a virus or malware infection. If you suspect your Mac is infected, here are the steps that you can do:
Step 1: Disconnect Your Mac From Your Home or Office Network.
Remove all connected computer peripherals such as mouse, USB keyboard, printer, speakers, and flash drives. This is to prevent the spread of the infection in case you were hit by a hardware-related virus.
Step 2: Uninstall Recently Installed Software.
If you noticed your Mac’s behavior changing after downloading and installing new software, such as an app, extension, or add-on on your computer, then it is possible that the software you downloaded is the root of the infection. Uninstall it immediately and delete all folders associated with the software from the Library.
Step 3: Run a Scan.
Scan your computer for any infection using your antivirus software. Make sure that your antivirus is updated, so that you’ll be able to scan new threats. Follow the software’s instruction to resolve any infections found and get rid of the infected files. Don’t forget to empty your Trash.
Step 4: Clean Up Your Mac.
Use Mac repair app to remove all junk files from your Mac, particularly the infected files that you’ve just deleted.
Step 5: Update Your macOS.
One of the reasons why system updates are crucial is that they usually include security or software updates that help protect your macOS against malicious attacks. Skipping these updates means not taking advantage of the security tools that should add an extra layer of protection to your Mac.
If your Mac was infected, installing all system updates could help get rid of the virus or malware. Follow the steps below to keep your macOS updated at all times:
- Click on the Apple logo in the upper-left portion of the screen.
- Choose App Store from the dropdown menu.
- Click on the Updates tab, then install all available updates.
- Type in your Apple ID and password to proceed with the installation.
You can also configure your Mac to automatically install the available updates so you don’t have to them manually every time. To do this:
- Launch App Store once again, then click App Store from the top menu.
- Choose Preferences to open the settings window.
- Under Automatically check for updates, tick off the following options:
- Download newly available updates in the background
- Install app updates
- Install macOS updates
- Install system data files and security updates
Now, you don’t ever have to check the App Store again for new updates because they will be automatically downloaded in the background and installed overnight.
Step 6: Reset Your Mac and Wipe the Drive.
If the above steps do not work, resetting your Mac is your last option. However, a simple reset is not enough. You need to wipe out your drive completely to make sure no rootkits or bootkits are left lurking in your device.
Follow these steps to reset your Mac and wipe your hard drive clean:
- Sign out of everything: iCloud, Messages, iTunes, and other Apple services.
- Restart your system and once you hear the startup sound, press the Command + R shortcut to boot into macOS Recovery.
- Choose Disk Utility, then click Continue.
- Select the hard drive where your macOS is installed.
- Hit the Erase button at the top of the Disk Utility menu.
- Choose your hard drive format: Mac OS Extended (Journaled) or APFS.
- Select GUID Partition Map under Scheme, then click Erase.
- Quit Disk Utility and re-install a fresh copy of your Mac operating system.
Once you have installed a new version of your macOS, don’t copy over your files from your backup immediately. Scan them first for viruses and malware because they might also be infected. The same goes for apps and files stored in the cloud.
Not all viruses and malware are created equal. Some can easily be removed by deleting the infected files or apps, while others need to be dealt with using an antivirus software. Those that are tough to crack can be removed by resetting the computer to its factory settings.
However, there are special viruses and malware that can’t be eliminated even after a factory reset. If this is the case, you need to wipe your hard drive clean before re-installing your macOS. You can also read implement some preventive measures to protect your Mac from malware and other malicious elements.