It’s a myth that Macs do not get viruses. It’s not even true that there are more Windows viruses than Mac ones anymore, getting a virus on Mac is much easier than you would expect. After all, we are interacting with the internet on various applications and non-native software – so it’s not always within Apple’s control.
Below are some of the ways you can detect a virus, and ultimately, how to remove them.
How to know if your Mac has a virus?
There are many giveaways that your Mac may be somewhat contaminated… One of these warning signs is if it’s running slower than usual. This is common if it’s being used to mine for cryptocurrency, meaning it exhausts your resources in the background without you knowing.
However, there are loads of symptoms in reality. If you’re receiving tons of adverts, more than usual, and they’re popping up in new windows then it’s likely you have adware. Furthermore, this is almost certainly the case if your homepage has been unknowingly changed or your searches are all of a sudden being redirected to Yahoo.
Finally, receiving security alerts without even scanning the Mac, not being able to access personal files, and receiving spam messages are also signs that you have a virus.
Even if you have only one of these warning signs, it’s important to scan your Mac with anti-virus software, or run through some of the manual checks that will be discussed in a moment.
Automatically check for viruses
Using anti-virus software can help speed up the process of detection and removal of malware. With just one click, you can scan all of the files on the Mac (within reason) and tackle a wide variety of viruses – from keyloggers to adware.
This is a legitimate and time-sensitive way to tackle the issue. However, it’s understandable that some people are skeptical around them, because there are many illegitimate scanning software out there that cause more problems than they solve. So, ensure you have highly reviewed, credible software.
It’s not necessary to pay for anti-virus software to ensure its credibility. There are many effective free ones out there that do the job.
Manual checks and removal of malware
If you want a thorough purging of malware without relying on automated software, below are the key ways to go and not only check if you have a virus, but also how you can remove it. The benefits of manual checks are that you can be sure no stone is left unturned by searching specific file locations.
So first and foremost, malware in the form of software saved on your Mac may very well be found in the Applications folder (which can be found in Finder). Simply scroll through your Applications and assess which ones you don’t recognise. If they appear suspicious, you may want to delete them, or at least Google them to see what they could be.
This shouldn’t take long, as we don’t tend to accumulate hundreds of apps due to storage limitations. Ideally, you should know exactly what the purpose and credibility is behind each and every app. Even if it isn’t a threat to your Mac, it may be needlessly taking up storage if you no longer need it. Plus, a full-up hard drive can cause similar symptoms to a virus (i.e. frequent freezing and slowing down).
Deleting the applications means sending them to the Trash and then emptying the Trash.
Given that a lot of malware is running malicious tasks in the background, we need to see the Mac’s activity. We can do this by opening Applications, Utilities, then pressing Activity Monitor. Now, let’s see if any background process is using an unusual amount of CPU or memory. The difficulty here is that there will be lots of tasks you don’t recognize, but it doesn’t mean it’s malware.
If you suspect foul play, press the X in the top left after having clicked on the process. This will close down the process and free up resources. Make a note of the name of the process before doing this though and see if you can find files named similarly in Finder.
Almost all of us have a messy downloads folder – it’s just very hard to keep on top of. Unlike the applications folder, this can be filled with hundreds of poorly named files, making it a huge job to overhaul.
However, this is a very possible place that malware could be hiding as opposed to Applications. So, skim through and assess which files you do not recognise, move them to Trash, and empty the Trash. Again, simply organising this folder frequently can not only improve your productivity and experience of using your device, but it could make a future virus easier to spot, as opposed to being hidden within a large mess.
As mentioned earlier, strange browser behaviour is the biggest giveaway for having malware. It’s also very dangerous too, as the browser hijacker could be spying on the sensitive data that you’re communicating with online.
In order to purge this, open Safari, go to Preferences and hit General. Under the Homepage field, see if it’s unfamiliar. If it is, you likely have a browser hijacker (do the same for Chrome, too). You can also spot this malware saved on your device, in applications or your download folder, and often spotted in the activity monitor as mentioned earlier. Keep an eye out for apps named Safe Finder or anything “Seach” related.
Finally, press the Go menu, and in Finder click on Go to Folder (or simply press Command-Shift-G). Type in “/Library/LaunchAgents” and hit the Go button. Examine this folder for any strange looking items. Files named “com.pcv.hlpramc.plist” or something very similar is highly likely to be a virus.
After ensuring you don’t have the malicious stored locally anymore, head over to the Extensions tab and see if there are suspicious extensions. Browser hijackers can sometimes install other extensions without you knowing, so uninstall them. Some of the earlier measures may have taken out the virus, but you will still need to change your search engine and homepage back to what you wish and ensure extensions are under control.
If you think about it, malware would want to automatically start each time the Mac is turned on. So, one of the most likely places to spot it is within the Login Items. You can find this by clicking on the Apple icon (top menu), going to System Preferences, then clicking Users & Groups and going on Login Items.
There won’t be many, so suspicious applications should be easy to spot. Write down their name if there are any (so you can search specifically for this later in Finder to delete other associated files). Hit the minus (-) button to remove it from Login Items.
Whilst you’re here, head back to System Preferences and click Profiles. Often, malicious software can present itself on the left-hand sidebar here, showing profile configurations under the names TechSignalSearch, AdminPrefs, Chrome Settings, AresLookup, and many others. If any of these appear, you will know you have some malware and you must first click the entity and press the minus button at the bottom to delete it.
Deleting leftover files
Below are some file locations to search through and delete suspicious files. Press Go, Finder, then Go to Folder and enter in the locations below:
- ~/Library/Application Support
How to stay virus malware-free?
It’s not possible to stay 100% safe because any interaction with the internet involves a certain level of risk – even some of the biggest institutions and organizations get hacked. But, our behaviour remains the most important thing, with anti-virus software coming in at a close second.
Being adept at spotting software, phishing attacks, and spam is vital. Not clicking on pop-up ads or opening suspicious links sent to you on Facebook is something that is an absolute must – no software is 100% reliable, so we need to rely on ourselves not to take on unnecessary risks. It is already too late if the malware is installed, meaning we need to take pre-emptive measures.
If you receive an email containing a link or attachment, first check the address it is sent from. If it’s a company, check to see if this is the exact format the company officially uses. Next, check the language used in the email (is it missing full-stops, broken English?). Finally, avoid PDFs or zip files that provide a password to access them – this is a classic way to circumvent antivirus protections within your email.
If for whatever reason you feel you need to download the file but are not 100% confident in trusting the source, try it first in a contained Virtual Machine software. This will partition your hard drive and should protect the rest of your computer from malware that you may accidentally install. But, it’s still not advised to do this and not everyone has the time or skill.
It’s worth taking a short course on security and staying safe. The results could pay for themselves down the line if it means avoiding dangerous attacks such as keyloggers and theft of credit card details.