This blog post has been made in order to best provide you with assistance on how you can detect viruses for your Mac and how you can make sure to get rid of any malware that may currently reside in it so that you can secure it.
The so-called Mac virus has seen a spike in 2018 and it has started to diversify in types as well, driving the need in the average user to be well-prepared in detecting and spotting it. As a security blog which cares about protection, we provide you with free instructions on how to identify and remove any Mac virus that may be currently residing on your machine. Since the viruses are from different types, we recommend that you do a decent backup on your Mac before proceeding with any detection and removal.
Subnote: This post was originally created in June 2019, but we gave it an update september 2019.
What Could Be the Symptoms of Having a Mac Virus?
There are many different viruses for Mac. Viruses, such as Apple Scan Macbook Live, Weknow.ac, Adobe Flash Player date scam, TuneupMyMac, #friend E-Mail virus and Auto Mac Speedup Pro are from the less harmful type and they are considered potentially unwanted programs. Then again, there are more harmful viruses for Mac out there, like OSX.Trojan.Gen, Kaseya Agent, KeRanger Mac Ransomware, Padlock Ransomware that can be very harmful to both your data and your Mac. Here we tell you about how to detect those viruses by yourself by monitoring for their symptoms and dividing them by type.
Usually the symptoms of infection with the so-called Mac virus vary, based on the type of malware that has infected your Mac. Here is a list of the types of malware usually targeting Macs:
- Rogue Antivirus programs.
- Mac adware and hijacker viruses.
- Trojan horses and other spyware.
- Ransomware and screen-lockers for Mac.
- Cryptocurrency miner viruses.
Distribution methods for a Mac virus can be the following:
- Malicious e-mail attachments.
- Malicious documents, containing Macros.
- Malicious files, disguised as portable programs, installers, key generators or any other software uploaded on websites with low reputation.
- Infection as a result of another infected device on the network (worms).
Based on these infection methods and the Mac virus types, there are several very important symptoms that you must be aware of:
Symptom #1: Poor Performance
One of the main symptoms of having a Mac virus is the performance issues the machine experiences. Usually some Macs tend to slow down when a lot of programs are opened all at once or if their memory is full. But if your Mac is generally freed up of space and is still lagging this may be a sign of a type of malware that is utilizing the resources of your CPU, so identifying the source of the CPU usage is the key to removing the malware related to this.
Symptom #2: Toolbars or Add-ons on Your Browser that You Did Not Remember Adding
If you see a new browser extension or toolbar, be advised that it may have been added by a so-called PUP (potentially unwanted program) that may currently be residing on your Mac. Here is how to remove browser extensions and toolbars manually for different web browsers. You can see the instructions underneath as they can help you remove all toolbars and browser add-ons.
Symptom #3: Ad-supported Search results, pop-ups and Redirects
This type of symptoms are usually characterized with having a very aggressive browser hijacker that takes over the spaces of your search engine by replacing them with sites that lead to some site you have not even seen before. These types of fake search engines are cleverly disguised to appear like the original search engines (Google, Bing, Yahoo search, Ask, etc.) and they often lead to harmful, scamming and even phishing websites.
Another symptom of having such a hijacker is the browser redirects on your Mac. These redirects often appear randomly while you are browsing. They often lead to harmful pages and may even lead to tech support scam sites, the aim to deceive you that your Mac is infected:
Such sites often aim to get you to either download a suspicious program such as a fake antivirus software or call a tech support number, which leads you directly to the scammers themselves.
To make sure to remove these scams, you should clear up your web browser out of absolutely any cache and also perform any removal of browser extensions as mentioned in the step above. Here is a list of several annoying redirect “viruses” and ad-supported programs that are currently plaguing Macs:
- Apple Redirect Virus
- MatchKnowledge Search “Virus”
- Yahoo Search Virus on Mac
- Searchmine.net Redirect “Virus”
- Io-search.com Redirect
We have also prepared a separate article that is specifically designed for the removal of unwanted ads. If you wish to learn how to remove Mac ads, just click on the link.
Symptom #4: A Hoax Antivirus for Mac
Sometimes, when Mac users Google a random fix for the problems on their Macs, they often end up downloading programs that only pretend to fix Mac Issues. We have been gathering more information concerning such programs and so far the main ones that are downloaded by victims according to our research are the following:
- Mac Auto Fixer
- Secure Mac TuneUp
- Mac Purifier
- Mac Heal Pro Fake Optimizer
- Smart Mac Care
- Unpollute My Mac
These types of fake optimizing programs and fake antivirus programs usually aim to get victims to pay their licensed versions in order for them to fix any issues that they have detected. The bad news here is that not only they run aggressive start-up scans that always tend to detect issues, but most of the issues detected by these fake programs are often issues that do not even exist and are completely made up.
Symptom #5: Suspicious processes running as administrator.
This symptom is likely the most dangerous one, because having it on your Mac means that it may be affected by absolutely anything, ranging from an adware program to a Trojan or a Spyware directly residing on your Mac. Usually these processes tend to be ran with administrative privileges and they are very invasive. The outcome of this in the worst case is the following:
- Your files may be stolen from your Mac.
- The malware may have access to your Apple ID and passwords.
- Your social media and other accounts may be hijacked.
- Some viruses can activate your Microphone and camera to monitor your activity.
- Your Mac may become crippled by a rootkit or other destructive malware that may attack your drive.
In some cases, some Macs even become infected with screenlockers, asking the user to type in a password, like the Padlock virus we have seen loose earlier this year:
How to Remove Malware, Adware, Hijackers and PUPs from Your Mac and Fix It
Before beginning any sort of removal process, you should do one very important step – BACKUP YOUR FILES. If you have malware on your Mac, no one knows how long until it wrecks it completely and eliminates all your files in the process as well, so it’s best to stay safe.
Removal Step #1: Securing Your Mac Accounts
If you have had your Mac affected by a Mac virus, follow these steps towards securing your Mac.
1 – Disconnect from the web and try to stay offline when possible until the issue is resolved.
2 – Do not type any passwords on your Mac, because malware may be logging your keystrokes to obtain passwords.
Removal Step #2: Stopping the Virus and Removing It
If your Mac is infected and you have located the source of the infection, make sure to first stop it and then remove it by following the steps below:
1 – Open Activity Monitor and then locate the virus process. When you locate it, click on it’s name and then quit it by tapping CMD+Q.
2 – Remove the app from the Utilities folder of the Applications list. Over there, you can use the search box to type in the same app’s name. When you find it, the app may still be running so select it and then click the X icon on top left of it. Then select Force Quit.
3 – Uninstall the program, if it is added on your Applications by following the mini-steps in dark-gray below:
Bonus: Video containing step-by-step removal and file recovery instructions for threats, like Mac Viruses: