How to Check for Malware on Your Mac Featured Image

How to Check for Malware on Your Mac: 8 macOS Built-in Tools

Written by

Reviewed by

Last updated: October 24, 2023

Expert verified

SVG Image


To check for malware on your Mac, you can use built-in tools like Activity Monitor, Full Disk Access, and Time Machine. Plus, third-party software like MacKeeper can assist in scanning and removing potential threats.

Key Points

  • Notice symptoms like unexpected pop-ups, slower performance, unfamiliar apps, and increased CPU usage.
  • Activity Monitor provides a detailed overview of all processes running on your system, helping spot suspicious or malicious activity.
  • Full Disk Access restricts apps that can access personal data.
  • If your system is compromised, restoring from a Time Machine backup can revert your Mac to a state before the infection.

Think your Mac is invincible? Think again! While Macs are renowned for their stellar security, they aren’t immune to the sneaky world of malware. Just like that unexpected twist in your favorite thriller, malware can creep in when you least expect it.

This concise guide is your ticket to spotting and squashing those pesky digital intruders. Dive in to learn how to check for malware on your Mac and ensure your system remains virus-free.

Before We Begin

Though Macs face fewer virus threats than Windows PCs, they aren’t immune. Use MacKeeper for a thorough Mac scan. This reliable software ensures your Mac stays clean and your data safe.

Can Macs Get Viruses?

Absolutely, Macs can get viruses. While they’re less susceptible than Windows PCs, no system is entirely immune. The simplest solution? Regularly update your macOS and use trusted antivirus software to ensure optimal protection.

Now that we’ve addressed the primary concern, let’s dive deeper into understanding the symptoms of an infected Mac and checking for malware using built-in tools.

How Do You Know If Your Mac Has a Virus?

Spotting a virus on your Mac can be subtle or glaringly obvious. Recognizing these symptoms early can make all the difference. Common signs that your Mac is infected with malware include, but are not limited to, the following:

  1. 🚨 Unexpected Pop-ups: Random advertisements or alerts that appear without any action on your part. These can be attempts to trick you into downloading more malware.
  2. 🐢 Slower Performance: A sudden and unexplained decrease in your Mac’s speed or responsiveness.
  3. 📦 Unfamiliar Apps: New applications that you didn’t install appear on your desktop or in your applications folder.
  4. 🌀 Erratic Behavior: Your Mac starts to behave unpredictably, with applications crashing or freezing frequently.
  5. 🔥 Increased CPU Usage: A sudden spike in CPU usage without any heavy applications running can indicate background malware processes.
  6. 🌐 Browser Hijacking: Your web browser’s homepage changes without your consent, or you get redirected to unfamiliar websites.
  7. 🔍 Unwanted Toolbars: New toolbars appear in your browser that you didn’t install.
  8. 📧 Emails Sent Without Your Knowledge: Friends or colleagues receiving emails from you that you didn’t send can be a sign of malware.
  9. 🛡️ Disabled Security Software: If your antivirus or firewall gets turned off without your action, it might be the work of malware.
  10. 💥 Frequent Crashes: If your Mac starts crashing or restarting on its own frequently, it could be due to a virus.

Scan Your Mac for Viruses With MacKeeper

MacKeeper is a utility software suite for macOS known for its cleaning, security, and optimization tools. One of its prominent features is its ability to scan and remove various types of malware, ensuring your Mac remains safe from potential threats.

Here’s how to use MacKeeper to scan your Mac for malware:

  1. Download and install MacKeeper.
  2. Launch MacKeeper and navigate to the Antivirus tab in the left sidebar.
click antivirus under the security section
  1. Initiate an instant virus scan by clicking the Start Scan button.
click start scan in mackeeper antivirus
  1. If any viruses are detected during the scan, click the Fix Items button to resolve the issues.
  2. If your system is threat-free, you’ll see a No threats found message. You can tap the Restart button to run the scan again.
no threats found in mackeeper antivirus
  1. Enable real-time antivirus protection to safeguard your Mac from future threats by clicking the Enable button.
click enable to allow real time protection

Once you have configured your security settings, MacKeeper will continue to operate in the background, diligently scanning for threats and actively blocking any malicious activity.

How to Check for Malware on Your Mac Using Built-in Tools

While many Mac users rely on third-party antivirus software to keep their systems secure, macOS has many built-in tools to detect and combat malware. These native utilities offer a first line of defense against potential threats, ensuring your Mac remains in top-notch condition without external apps.

In the following section, I’ll show you how to use built-in macOS tools to check for malware on your Mac.

1. Check Mac for Malware With Activity Monitor

The Activity Monitor functions much like the Mac Task Manager. It provides a detailed overview of all the processes running on your system, making it a valuable tool for spotting suspicious or malicious activity.

Here’s how to use Activity Monitor to check for malware on your Mac:

  1. Navigate to Applications > Utilities > Activity Monitor, or use Spotlight (Command ⌘ + Space) and type Activity Monitor.
launch activity monitor from utilities
  1. Once open, click the CPU tab and look for processes consuming an unusually high amount of resources without a clear reason.
click the cpu tab in activity monitor
  1. Click %CPU to sort the processes by CPU usage.
click the cpu tab to view each application s percentage of cpu usage
  1. Browse through the list of processes. If you come across any unfamiliar or suspicious names, select it and click the small i in the top toolbar to learn more about the process.
click i in the top bar of activity monitor
  1. For any process you’re unsure about, do a quick online search. This can help you determine if it’s a legitimate macOS process or something potentially harmful.
  2. If you identify a process that seems malicious, select it and click the X button in the top toolbar.
click the x button in the windows upper left corner
  1. This will force quit the process. However, be cautious and ensure you’re not ending essential system processes.

2. Use Full Disk Access to Check Your Mac for Malware

Full Disk Access is a security feature introduced in macOS Mojave (10.14) and later versions. It restricts the apps that can access personal data on your Mac. By reviewing which apps have been granted this permission, you can identify and remove potentially harmful software that shouldn’t have such access.

Here’s how to use Full Disk Access to check for malware on your Mac:

  1. Click the Apple logo and select System Settings.
click the apple icon and select system settings
  1. In System Settings, click the Privacy & Security tab and in the Privacy section, click Full Disk Access.
click privacy and security and select full disk access
  1. Review the apps and services that have been granted Full Disk Access. If you see any unfamiliar or suspicious names, it’s a red flag.
list of apps with full disk access
  1. Toggle off the switch next to an app you don’t recognize or trust to revoke its Full Disk Access permissions.

3. Remove Suspicious Login Items

Login items are apps, documents, or server connections your Mac automatically starts up every time you log in. While many of these items are legitimate and enhance user experience, malware or unwanted software can sometimes sneak into this list, causing potential harm.

Follow these steps to remove suspicious login items on your Mac:

  1. Click the Apple icon and select System Settings.
click the apple icon and select system settings
  1. Select General and click Login Items in the right menu.
click general and select the login items tab
  1. Review the items that automatically launch when you log in to your Mac. If you see anything suspicious, select the item, and click the button to remove it from the list.
select an item and click the minus icon to delete it
  1. Once you have removed any suspicious login items, restart your Mac.

Alternatively, you can use MacKeeper to get rid of suspicious login items in one click. Here’s how:

  1. Download MacKeeper and install it on your Mac.
  2. Click Login Items under Performance in MacKeeper.
tap login items under performance
  1. Click Start Scan.
tap start scan
  1. You will see a list of all the items that open when you log in to your Mac. Select unnecessary items from the list and click Remove Selected Items.
select the files you want to delete and tap remove selected items
  1. Tap the Remove button on the pop-up.
tap remove on the pop up
  1. It will remove your selected items from the system startup list. You can click Rescan to repeat the process.
tap rescan

4. Check Your Mac for Unwanted Apps

Over time, it’s common to accumulate a bunch of apps on your Mac. Some of these apps may have been downloaded unintentionally or come bundled with other software. These unwanted apps can take up valuable space, slow down your system, or pose security risks if they contain malicious components.

Follow these steps to check for and uninstall unwanted apps on your Mac:

  1. Launch Finder and navigate to the Applications folder in the left sidebar.
open finder and select applications in the left sidebar
  1. Carefully go through the installed apps, looking for any you don’t recognize, no longer use, or seem suspicious.
  2. If you come across an unfamiliar app, right-click it and select Get Info to view more details, such as its source or installation date.
right click an app and select get info
  1. To uninstall an app, drag its icon to the Bin. You can also right-click the app and select Move to Bin.
right click the steam app and select move to bin
  1. Alternatively, some apps come with a dedicated uninstaller, which you should use if available.
  2. After removing unwanted apps, right-click the Bin icon in the Dock and select Empty Bin to permanently delete them.
right click the bin and select empty bin

Alternatively, you can use MacKeeper’s Smart Uninstaller to uninstall suspicious apps along with their leftover files:

  1. Download and install MacKeeper on your Mac.
  2. After installation, launch MacKeeper and click the Smart Uninstaller in the left-hand menu.
click smart uninstaller in the left sidebar
  1. Click Start Scan.
click start scan in smart uninstaller
  1. Select the applications you want to delete from the list and click Remove Selected.
select the applications you want to remove and click remove selected
  1. Tap the Remove button on the pop-up to confirm the deletion.
click remove on the pop up window in smart uninstaller
  1. MacKeeper will uninstall the apps and remove associated files and folders. You will get a Removal Completed notification. If you want to scan your Mac again, click Rescan.
click rescan in smart uninstaller

What Else Can MacKeeper Do? 

Besides scanning your Mac for viruses, removing browser extensions, managing startup items, and uninstalling apps, MacKeeper can also remove junk files, optimize Mac storage, and stop annoying ads. Check out my in-depth MacKeeper review to learn about all its features.

5. Remove Unknown Browser Extensions

Browser extensions can enhance your web browsing experience by adding functionality and features. However, some extensions might be malicious, track your online activities, or display unwanted ads. Regularly checking and removing unknown or suspicious extensions is crucial for a safe browsing experience.

Depending on which browser you use, the steps may vary slightly. Here, I’ll cover the basic steps to remove unknown browser extensions on Mac for popular browsers.

  1. Access Extensions or Add-ons:
    1. Safari: Go to Safari > Settings > Extensions.
click on the extensions tab to view all the installed extensions
  1. Chrome: Click the three vertical dots (menu) > More tools > Extensions.
select more tools from the dropdown menu then select extensions from the submenu
  1. Firefox: Click Firefox > Settings > Extensions & Themes.
click on extensions and theme in the left hand menu
  1. Review the list of installed extensions, looking for any you don’t recall adding or that seem out of place.
  2. Click the extension to view more details, such as its permissions or the developer’s name. This can help you determine its legitimacy.
  3. For any extension you wish to remove:
    1. Safari: Check the box to disable it and click the Uninstall button.
click the uninstall button to confirm that you want to remove
  1. Chrome: Click the Remove button.
click the remove button next to the extension you want to uninstall
  1. Firefox: Click the three dots next to the extension and select Remove.
click remove from the drop down menu
  1. After removing extensions, close and reopen your browser to ensure the changes take effect.

6. Clear Your Downloads Folder

The Downloads folder can become cluttered with unnecessary files, some of which might even be malicious. Regularly cleaning out this folder not only frees up storage space but also reduces potential security risks.

Here’s how to delete Downloads on your Mac:

  1. Launch Finder and select Downloads from the left sidebar.
click downloads in the left sidebar in finder
  1. Browse through the files and folders, identifying items you no longer need or don’t recognize. Be especially cautious of files you don’t recall downloading or that have suspicious names.
  2. If you come across unfamiliar files, right-click them and select Get Info to see more details, like the date it was downloaded.
right click a file and select get info
  1. Select the files or folders you want to remove, then right-click and choose Move to Bin, or simply drag them to the Bin icon in the Dock.
right click selected files and choose Move to Bin
  1. To permanently delete the items and free up space, right-click the Bin icon in the Dock and select Empty Bin.
right click the bin and select empty bin
  1. Consider moving important files to more appropriate locations on your Mac, such as the Documents folder, for better organization.

7. Restore Your Mac Using Time Machine

If malware or any unwanted software compromises your system, restoring from a Time Machine backup can revert your Mac to a state before the infection, ensuring your data remains intact and the system runs smoothly.

Follow these steps to restore your Mac using Time Machine:

  1. Plug in the external drive or connect to the network location where your Time Machine backups are stored.
connect an external hard drive with mac
  1. Click the Apple logo and select Restart.
click the apple icon and select restart
  1. As your Mac restarts, hold down the Command ⌘ + R keys simultaneously until you see the Apple logo or a spinning globe.
macbook air command r keys
  1. Once in macOS Recovery, select Restore from Time Machine Backup and click Continue.
select restore from time machine and click continue
  1. Choose the backup source, which is typically your external drive or network location, and click Continue.
  2. You’ll see a list of available backups organized by date. Select the one you want to restore from, ideally, a date before you suspect any malware infection.
  3. Click Continue to begin the restoration process. This will erase your Mac’s current state and replace it with the contents of the selected backup.
  4. The restoration process can take a while, depending on the size of your backup and the speed of your drive. Ensure your Mac remains powered on.
  5. Once the restoration is complete, your Mac will restart, and you should find it in the state it was on the date of the chosen backup.

8. Create a New Profile on macOS

Creating a new user profile on your Mac can be a useful troubleshooting step if you suspect that only one user account is affected by malware or other issues. A fresh profile provides a clean slate, free from any potential software conflicts or corrupted settings in the original profile.

Here’s how to create a new profile on macOS:

  1. Click the Apple icon and select System Settings.
click the apple icon and select system settings
  1. In System Settings, click Users & Groups.
click users and groups in system settings
  1. Click the Add Account button below the list of users to create a new account.
select add account in the right corner
  1. Select the type of account you want to create. For most purposes, Standard is sufficient, but you can also choose Admin if you need administrative privileges.
  2. Enter your full name, account name, password, and a password hint for the new profile, and click Create User to finalize the account creation.
write information and click create user
  1. Log out of your current account by clicking the Apple logo and selecting Log Out.
click the apple icon and select log out
  1. Then, log in to the new user account you just created.
  2. Once set up, use the new profile to see if the issues you experienced in the original profile persist.

If the new profile works without any issues, it suggests the problem might be with your original profile. You can then decide to migrate essential data to the new profile and use it as your primary account.

Remember to regularly back up any important data, especially when making significant changes or creating new user profiles.

What to Do If You Find Malware on Your Mac

If you check for malware on your Mac and find it, you must immediately address it. The faster you address the issue, the less damage the malware can do. Always keep backups of your important data, and stay informed about the latest malware threats and protection methods.

Here are some immediate actions you can take if you find malware on your Mac:

  1. 🚫 Disconnect from the Internet: Immediately disconnect your Mac from the Internet to prevent the malware from sending out sensitive data or downloading more malicious content.
  2. 🔄 Restart in Safe Mode: Reboot your Mac while holding down the Shift ⇧ key. This will start your Mac in Safe Mode, which loads only essential software, making it easier to remove malware.
  3. 🛡️ Run a Malware Scan: Use a reputable antivirus or anti-malware software to scan your Mac. This will identify and remove any malicious files or programs.
  4. 🗑️ Manually Remove Suspicious Files: If you know the location of the malware, navigate to the folder and move it to the Bin. Be cautious and ensure you’re deleting the correct files.
  5. 🔄 Clear Browser Cache: Malware can hide in your browser cache. Clearing your browser cache on Mac can remove any lingering threats. Ensure you clear cookies, history, and other stored data.
  6. 🔄 Update All Software: Ensure your macOS, browsers, and other software are up-to-date. Software updates often include patches for known security vulnerabilities.
  7. 🔐 Change Passwords: After removing the malware, change passwords for your accounts, especially if you believe any sensitive information was compromised.
  8. 📦 Reinstall macOS: If you’re still experiencing issues or believe the malware hasn’t been fully removed, consider reinstalling macOS. This is a more drastic step but can ensure a clean system.

How to Stop Malware Getting on Your Mac

A proactive approach is always better than a reactive one when it comes to digital security. So, you should take steps to prevent malware from infecting your Mac. Here are a few tips to stop malware from getting on your Mac:

  1. 🛡️ Use Antivirus Software: Invest in a reputable antivirus program specifically designed for Macs. Regularly update and run scans to catch potential threats.
  2. 🔄 Keep macOS Updated: Apple frequently releases security patches in their updates. Ensure your macOS is always up-to-date to benefit from these enhancements.
  3. 🚫 Download Wisely: Only download apps and software from trusted sources like the Mac App Store or official websites. Avoid “too good to be true” offers and unofficial download links.
  4. 📧 Beware of Phishing Emails: Be cautious of unsolicited emails with attachments or links, especially if they urge immediate action or offer unbelievable deals.
  5. 🌐 Use a Secure Browser: Opt for browsers that offer advanced security features. Regularly clear cookies and cache, and consider using browser extensions that block malicious content.
  6. 🔒 Enable Firewall: Turn on the Mac’s built-in firewall to block unauthorized incoming connections.
  7. 📶 Secure Your Network: Use strong, unique passwords for your Wi-Fi network. Consider setting up a VPN for an added layer of protection when browsing.
  8. 🔐 Regularly Change Passwords: Update passwords for your accounts periodically and use a combination of letters, numbers, and symbols.
  9. 🚫 Disable Automatic File Opening: In your browser settings, disable the feature that automatically opens downloaded files to manually scan files before opening.

Keep Your Mac Safe From Malware

macOS comes with a suite of built-in tools designed to safeguard your system from malware. From the Activity Monitor’s keen eye on system processes to the protective shield of Time Machine backups, your Mac offers multiple layers of defense.

Here are some more tips to keep your Mac secure and optimized:

  • Can Macs get viruses? The short answer is yes. So, you must be proactive against potential threats.
  • Although macOS offers robust built-in security features, MacBooks need antivirus software to actively protect your system.
  • You should download reliable antivirus software and run a virus scan on Mac to identify any malicious agents lingering on your system.

Frequently Asked Questions

  1. How often should I check my Mac for malware?

    You should check your Mac for malware at least once a week. Regular scans, especially after downloading unfamiliar files or visiting new websites, ensure early detection and removal of potential threats, keeping your system secure and optimized.

  2. Does the Activity Monitor only show malicious processes?

    No, the Activity Monitor not only shows malicious processes but displays all processes running on your Mac. It provides an overview of system activity, and users must identify any suspicious processes themselves. Regularly checking Activity Monitor helps in spotting unusual behaviors indicative of malware.

  3. What should I do if I accidentally grant Full Disk Access to a suspicious app?

    If you accidentally grant Full Disk Access to a suspicious app on your Mac, immediately revoke its access in System Settings > Privacy & Security > Privacy > Full Disk Access. Then, run a malware scan to ensure your system’s safety and remove any potential threats. Always be cautious with app permissions.

Hashir Ibrahim


I'm Hashir, a tech journalist with a decade of experience. My work has been featured in some of the top tech publications like MakeUseOf and MakeTechEasier. I have a bachelor's degree in IT, a master's in cybersecurity, and extensive knowledge of Apple hardware, specifically MacBooks. As the senior writer at MacBook Journal, I write in depth guides that help you solve any issues you have with your mac and unbiased reviews that help you make the right buying decisions.



Hi there! I'm Ojash, a tech journalist with over a decade of experience in the industry. I've had the privilege of contributing to some of the world's largest tech publications, making my mark as a respected Mac expert. My passion lies in exploring, using, and writing about MacBooks, and I enjoy sharing my expertise to help others make informed decisions and get the most out of their MacBook experience. Join me as we delve into the fascinating world of MacBooks together!

You May Also Like