How to scan your Mac for virus

8 min read
Every year, Malwarebytes issue a report on viruses and malware, and the trend is alarming — since 2020, Mac computers have been targeted more frequently than Windows PCs, regardless of some improvements in infection rates.

So, if you're wondering how to find a virus on a Mac, this data should be treated seriously. 

Can your Mac be infected?

Once upon a time, a very mythical rumor circulated that Macs were impenetrable by viruses and malware. Over the years, that rumor left many Mac users unarmed and vulnerable to attacks.

Macs can get viruses; in fact, in 2019, Malwarebytes said in their official report that they saw a significant rise in threats to Macs — an increase of over 400% compared with the previous year. Thankfully, numbers have decreased in recent years, but Macs are still susceptible to getting infected and more attractive than Windows.

Let's take a look at where viruses live on Mac and some notorious types of Mac malware and viruses.

Where does malware live on your Mac

There are a number of locations on your Mac that may be infected by malware. 

  • Admin preferences pane

  • Applications and launch agents

  • Browser settings

  • Login items

Malware programs will first try to hijack your admin privileges. If a malware app has managed to bypass your admin password or root password, from then on, it’s a free ride. The malware will be able to install things, copy itself, change the functionality of apps, etc.

Types of malware and viruses

Adware: Although adware is not technically malware, it's clearly an unwanted and deceitful family of apps. Once installed, it displays unwanted advertisements on your Mac. Adware can collect your browsing history, bombard your Mac with pop-ups, change your browser, and install spyware. Not only is it really annoying, but it can cause lasting damage to your Mac. It will make using your Mac unbearable and can cause crashing and unresponsiveness. 
Confirmed names: Genieo, VSearch, Crossrider.

PUPS (Potentially Unwanted Programs): PUPs are software programs that you most likely didn't want to install. They can come bundled along with something that you purposely downloaded and can collect private data, slow your Mac down, add toolbars on your browser, and display annoying ads.
Confirmed names: Mindspark, Easyconverter, Mac mechanic.

Spyware: Designed to gain access and damage your Mac, often without the user even knowing. Spyware takes your personal information and gives your data to data firms or external third parties. 
Confirmed names: Veoh web player, Opinion Spy.

Trojan: A malicious software that looks authentic but can take control of your computer. They are designed to disrupt, damage, steal, or inflict other harmful actions on your data or network. One of the recent cases is Stockfolio, a Mac trojan disguised as a trading app. A Trojan will trick you into activating it. Then, once installed, it will get to work, infiltrating and damaging your Mac.
Confirmed names: Komplex, Lame Pyre, Stockfolio.

How can Macs get infected?

Here's a quick look at just some of the ways viruses and malware can get on your Mac:

  • Email attachments

  • Free downloads

  • Fake services

  • Unsafe and unofficial apps

  • Browser extensions

How to find and remove viruses on Mac

Luckily, there are a few ways to scan your Mac, remove threats, and keep your Mac protected against malicious software. Let's go.

1. Remove unknown apps

Let's start by checking what applications you have on your Mac. 

Maybe you accidentally downloaded some malware, or it came bundled in with something you purposely downloaded. You'll need to get rid of it quickly. Here's how:

  1. Open a new Finder window and select Applications. 

  2. Search for any applications that you do not recognize. If you find one, drag it to the Trash.

  3. Press cmd+space, then paste ~/Library and press Return to open it.

  4. Open the Application Support folder, look for any files related to the app, and put those in the Trash.

How to see the list of apps on Mac

Repeat this for Launch Agents and Launch Daemons folders, removing any app traces from there. You may also want to remove app-related files from other locations — here's how to find files on Mac to make the process of hunting them down easier. 

Don't forget to empty your Trash afterward.

2. Check for viruses the smart way

You could use a tool like CleanMyMac to scan for malicious software. It has a dedicated Malware Removal module that not only scans and identifies threats but also removes them completely. CleanMyMac can quickly find and delete thousands of malware threats, including adware, spyware, ransomware, worms, and cryptocurrency miners.

If it does locate something suspicious on your Mac, it offers immediate removal. But the best thing is that it has real-time malware monitor protection, warning you when you're about to install a harmful app. It is also notarized by Apple, meaning that it's absolutely safe to use.

Here’s how to scan and protect your Mac with CleanMyMac:

  1. Open the app – download the free version here.

  2. Select Malware Removal in the left sidebar.

  3. Click Scan. If anything is found, you will be guided through the removal safely. 

Malware scan in process

3. Check your browser

Check for adware extensions by removing suspicious or unknown installed browser extensions; here's how:

Chrome

  1. Open Chrome.

  2. Click on the 3-dot icon top right.

  3. Select Extensions > Manage Extensions.

  4. Search through your extensions in the window and click Remove on any that you don't recognize.

How to remove viruses from Mac

Safari

  1. Open Safari.

  2. In the top menu, select Safari > Safari Extensions.

  3. Check the list, click on any extensions that you are unsure of. If you don't remember installing it, click Uninstall.

How to remove virus on Mac in Safari

4. Remove Login Items

Login items are apps that launch by default. Malware software especially likes to sneak into your login items without you knowing. Here's how to stop them from launching:

  1. Go to Apple Menu > System Settings > General.

  2. Navigate to Login Items.

  3. Select the login tab and remove any suspicious apps by clicking the "-" button.

System Preferences - Login Items

5. Create a new user profile 

Viruses are usually attached to a user profile. What you could do is create a new user profile to escape the virus. You'll be able to transfer your docs and data over. Here's how:

  1. Click Apple menu > System Settings> Users & Groups.

  2. Enter your admin credentials.

  3. Click Add User and fill in all of the fields. 

  4. Once done, click Create User.

How to create new user on Mac

If you want to transfer your important files from one user to another, access the Shared folder. 

  1. Open a Finder window; from the top menu, select Go > Go To Folder.

  2. Paste in /Users and press Return. 

  3. Select the Shared folder and copy the important files from your old user account. 

Use the Shared folder to transfer importnat data

Before transferring your files to a shared folder, you may want to know how to view all files — check out this article with the steps you need to follow.

6. Check Activity Monitor

Activity Monitor, in some cases, can help you identify suspicious software that's using up your Mac's resources. Here's how:

  1. Open Finder window > Applications> Utilities > Activity Monitor.

  2. Scan through the CPU list and look for applications that you don't recognize.

  3. Click X to quit unknown apps.

Use Activity Monitor to find virus on Mac

Remember, some trusted apps have funny names for some of their services. Another downside to this is Activity Monitor can't remove malware. But at least you can confirm your suspicions. 

7. Check your Launch Agents

Launch Agents is the most common directory to search for malware. Did you know that not all applications that work on your Mac appear in the Dock? There are dozens of tiny apps that humbly work in the background. These are called Launch Agents, and this is where malware often hides.

You may check if you have undetected Launch Agents right now.

For this test, we’ll use CleanMyMac. This Mac cleaning and optimization has been notarized by Apple, meaning that it's absolutely safe to use.

  1. Install a free version of CleanMyMac (download it here).
  2. In the app, click Optimization in the sidebar > View All Tasks > Launch Agents.
  3. Immediately, you’ll notice apps you’ve never seen on your Mac. Select anything you don't need and click Remove.

CleanMyMac - Performance

8. Use built-in tools

Did you know that macOS comes with a preinstalled tool for protecting your Mac from viruses and malware? It is XProtect — antivirus detection technology that scans your Mac and compares the findings with the malware signatures maintained by Apple. It is a basic level of protection that is enabled by default.

Note, though, that Apple is not a security company, meaning that XProtect will miss the most recent threats; however, you can still rely on it before you choose a third-party antimalware app that will work best for you.

In order to ensure it runs properly, it is necessary to keep macOS up to date. Here's a quick reminder on how to do it: 

  1. From the main Apple menu, click System Settings > General > Software Update. 
  2. If an update is available, click Update Now. 
  3. Also, activate Automatic Updates and, specifically, Security responses and system files.

System Preferences - Software Update

9. Clear downloads and temporary files

Another way to find suspicious-looking files is to check the Downloads folder. The thing is that viruses and malware often hide in .dmg files or archives. You may have also downloaded a different type of file that may turn out to be malicious.

Therefore, take some time to check the Downloads folder and send to Trash anything you do not need or do not remember downloading. Empty the Trash afterward.

Check the Downloads folder

10. Check user profiles

Remember we created a new user profile? Have you noticed anything suspicious when you were doing that? Because some malware and viruses can add user profiles, it's worth checking if there are any unauthorized ones and deleting them. Here's how to do it: 

  1. Go to System Settings > Users & Groups. 
  2. If there is a profile that you haven't created, click the i icon next to its name.
  3. Click Delete User and choose Delete the home folder.
  4. Once again, click Delete User. You may also want to restart your Mac.

Delete users on Mac

Hopefully, now you know how to find and remove viruses from Mac. Intimidating as it might sound, malware is not always a big deal. However, it is better to prevent infection by playing safe online and running routine checks with a smart tool like CleanMyMac.

Follow us
Blog FAQ