How to find a virus on Mac?

8 min read

2020 saw a silent revolution in the security world, if you haven’t heard. For the first time ever, Macs have surpassed Window computers in terms of malware infections. And Windows has always been a hotbed of malware.

Statistically, there are11 detected threats per infected Mac, compared with 5.8 threats found on an analogous Windows PC.

So if you're wondering how to find a virus on a Mac, this data should be treated seriously. 

Play safe rules for Mac users

Yes, macOS has some pretty good mechanisms to help fight against attacks from viruses and malware, but you'd have to follow the Apple-only rules rigorously:

  • Don’t download apps on torrent sites

  • Only use Apple native services

  • Read notifications before clicking them

If only, right? You simply can't get everything you need to work, game, and create using an Apple-only environment, and even if you did follow the Apple-only guidelines, attacks could still happen. 

Keep reading if you want to know how to find malware on your Mac, how to recognize signs of a virus, and how to remove them.

Where does malware live on your Mac

There are a number of locations on your Mac that may be infected by malware. 

  • Admin preferences pane

  • Applications and launch agents

  • Browser settings

  • Login items

Malware programs will first try to hijack your admin privileges. If a malware app has managed to bypass your admin password or root password, from then on it’s a free ride. The malware will be able to install things, copy itself, change the functionality of apps, etc.

Can your Mac model be infected?

Once upon a time, a very mythical rumor circulated that Macs were impenetrable by viruses and malware. Over the years, that rumor left many Mac users unarmed and vulnerable to attacks.

Macs can get viruses; in fact, in 2019, Malwarebytes said in their official report that they saw a significant rise in 2019 of threats to Macs, an increase of over 400% from the previous year. 

Thankfully numbers have decreased in recent years. Let's take a look at some notorious types of Mac malware and viruses.

Types of malware and viruses

Adware: Although Adware is not technically malware, it's clearly an unwanted and deceitful family of apps. Once installed, it displays unwanted advertisements on your Mac. Adware can collect your browsing history, bombard your Mac with pop-ups, change your browser, and install spyware. Not only is it really annoying, but it can cause lasting damage to your Mac. It will make using your Mac unbearable and can cause crashing and unresponsiveness. 
Confirmed names: Genieo, VSearch, Crossrider.

PUPS (Potentially Unwanted Programs): PUPs are software programs that you most likely didn't want to install. They can come bundled along with something that you purposely downloaded and can collect private data, slow your Mac down, add toolbars on your browser and display annoying ads.
Confirmed names: Mindspark, Easyconverter, Mac mechanic.

Spyware: Designed to gain access and damage your Mac, often without the user even knowing. Spyware takes your personal information and gives your data to data firms or external third-parties. 
Confirmed names: Veoh web player, Opinion Spy.

Trojan: A malicious software that looks authentic but can take control of your computer. They are designed to disrupt, damage, steal or inflict other harmful action on your data or network. One of the recent cases is Stockfolio, a Mac trojan disguised as a trading app. A Trojan will trick you into activating it, then once installed, it will get to work infiltrating and damaging your Mac.
Confirmed names: Komplex, Lame Pyre, Stockfolio.

How can Macs get infected?

Here's a quick look at just some of the ways viruses and malware can get on your Mac:

  • Email attachments

  • Free downloads

  • Fake services

  • Unsafe and unofficial apps

  • Browser extensions

Signs that your Mac has malware

Knowing how to find viruses on your Mac all starts with understanding the signs of malware:

  1. Annoying web page banners and pop-ups advertising software.

  2. Your browser homepage has changed.

  3. Programs appear that you haven't authorized.

  4. Your Mac gets very slow and can crash.

  5. You can't access some system settings.

Does anything on the list sound familiar to you? If so, it's time to jump to the next step.

How to find and remove viruses on Mac

Luckily, there are a few ways to scan your Mac, remove threats and keep your Mac protected against malicious software; let's go.

1. Remove unknown apps

Let's start by checking what applications you have on your Mac. 

Maybe you accidentally downloaded some malware, or it came bundled in with something you purposely downloaded; you'll need to get rid of it quickly. Here's how:

How to see the list of apps on Mac

  1. Open a new Finder window and select Applications. 

  2. Search for any applications that you do not recognize. If you find one, drag it to the Trash.

  3. Press cmd+space, then paste i: ~/Library and hit enter to open.

  4. Open the Application Support folder, look for any files related to the app and put those in the Trash.

Repeat this for Launch Agents and Launch Daemons folders, removing any app traces from there. 

Don't forget to empty your Trash afterward.

2. Check for viruses the smart way

You could use a tool like CleanMyMac X to scan for malicious software. It has a dedicated Malware Removal module that not only scans and identifies threats but removes them too. 

What I also like about CleanMyMac X is that it can actually do quite a few of the manual steps that I also mentioned above, like:

  • Remove apps safely

  • Remove browser extensions

  • Manage login items 

Apple also notarizes CleanMyMac X, and to me, that's a huge bonus point. If you just Google the term virus scanner or anti-virus tool, many of the applications that will show are malicious tools. So please be careful out there. 

CleanMyMac X can quickly find and remove thousands of malware threats, including:

  • Adware

  • Spyware

  • Ransomware

  • Worms

  • Cryptocurrency miners

If it does locate something suspicious on your Mac, it offers immediate removal. But the best thing is, it has real-time malware monitor protection, warning you when you're about to install a harmful app. 

Here’s how to scan and protect your Mac with CleanMyMac X:

Malware scan in process

  1. Launch the app – download the free version here.

  2. Select Malware Removal in the left sidebar.

  3. Click Scan.

If anything is found, you will be guided through the removal safely. 

3. Check your browser

Check for adware extensions by removing suspicious or unknown installed browser extensions; here's how:

Chrome

How to check browser extensions in Chrome

  1. Open Chrome.

  2. Click on the 3-dot icon, top right.

  3. Select More Tools > Extensions.

  4. Search through your extensions in the window, click Remove on any that you don't recognize.

Safari

  1. Open Safari.

  2. In the top menu, select Safari >Safari Extensions.

  3. Check the list, click on any extensions that you are unsure of. If you don't remember installing it, click Uninstall.

4. Remove Login Items

Login items are apps that launch by default. Malware software especially likes to sneak into your login items without you knowing. Here's how to stop them from launching:

How to check login items on Mac

  1. Go to Apple Menu > System Preferences > Users & Groups.

  2. Select your user profile, then click the lock button at the bottom and enter your password.

  3. Select the login tab and remove any suspicious apps by pressing the "-" button.

5. Create a new user profile 

Viruses are usually attached to a user profile. What you could do is create a new user profile to escape the virus. (You'll see be able to transfer your docs and data over) here's' how:

How to create a new user profile
  1. Click Apple menu > System Preferences>Users & Groups.

  2. Now, select the lock icon at the bottom and enter your password. 

  3. Select the "-" sign to add a new user profile. 

If you want to transfer your important files from one user to another, access the Shared folder. 

How to access the shared folder

  1.  Open a Finder window; from the top menu, select Go > Go To Folder.

  2. Paste in /Users and press enter. 

  3. Select the Shared folder and copy the important files from your old user account. 

6. Check Activity Monitor

Activity Monitor, in some cases, can help you identify suspicious software that's using up your Macs resources. Here's how:

Activity monitor on Mac
  1. Open Finder window > Applications> Utilities> Activity Monitor.

  2. Scan through the CPU list, and look for applications that you don't recognize.

Remember, some trusted apps have funny names for some of their services. Another downside to this is Activity Monitor can't remove malware. But at least you can confirm your suspicions. 

7. Check your Launch Agents

Launch Agents is the most common directory to search for malware. Did you know: not all applications that work on your Mac appear in the Dock. There are dozens of tiny apps that humbly work in the background. These are called Launch Agents and this is where malware often hides.

You may check if you have undetected Launch Agents right now.

For this test, we’ll use CleanMyMac X. This antivirus detector has been notarized by Apple. And since it’s safe to use we’ll use it for our test. 

Install a free version of CleanMyMac X antivirus (Download it here).
In the app, click Optimization in the sidebar > Launch Agents.

Immediately, you’ll notice apps you’ve never seen on your Mac.

CleanMyMac X - Launch Agents
In my case, I’ve found the strange app called “De.” Don’t know what that is, so I clicked to disable it.

So, go through the list of Launch Agents you’ll find there and disable the suspicious ones.

How to protect your macOS from malware

Knowing how to find a virus on Mac is essential, but so is knowing how to protect your Mac.

Keep an eye on your applications and browsers, stay away from suspicious pop-up ads, careful what you download, and run routine checks with CleanMyMac X. It's also worth considering using encryption tools to protect your private information like FileVault and a VPN.

A final list of safety tips:

    • Don’t save your passwords in browser
    • Keep your macOS updated
    • Use a different browser for finance operations
    • Buy a strong antivirus app
    • Backup your data, just in case.

Be cautious, and above all else, only use reputable applications.

Follow us
Blog FAQ
How to

MacPaw uses cookies to personalize your experience on our website. By continuing to use this site, you agree to our cookie policy. Click here to learn more.