3 Signs Your Mac Has a Virus, and How to Scan for Them
Whatsapp Pinterest

Is your Mac acting kind of…weird? Whether you’re seeing adverts you can’t explain, or your system is unreasonably slow, you might think the problem is malware. And you might be right (but probably aren’t).

Back in 2009 my co-worker Jackson asked whether Macs need virus scanners Are Antivirus Programs Necessary for Mac? Are Antivirus Programs Necessary for Mac? Read More . The common consensus at the time was “no”, but Macs have grown in popularity since then – and not surprisingly, so has Mac malware.

This doesn’t mean you should panic: widespread Mac infections are still rare. Odds are your Mac is clean, even if it seems otherwise.

What Is Mac Malware Like?

Having said that, infections do happen; here are some examples from the past few months:

  • Wirelurker was distributed via pirated Mac software. It attempted to infect any iPhone or iPad plugged into infected Macs, spreading from one platform to the other and collecting your devices’ unique IDs in the process. No one is sure what the goal of this malware is, but one researcher thinks it’s trying to identify Chinese software pirates.
  • iWorm infected users who downloaded pirated software from The Pirate Bay. Infected Macs become part of a global botnet.


  • CoinThief infected users by pretending to be legitimate software, and stole any BitCoins stored on the infected Mac. Ouch.

Learning From These Examples

All of these infections have one thing in common: they infect Macs through software installed outside of the Mac App Store. In some cases pirated software is to blame; in others it’s software from sources that shouldn’t have been trusted.

Put simply: if you never install software from outside the Mac App Store, you don’t have anything to worry about. Sure, there are some browser-related exploits from time to time, and Java is an ongoing concern, but if your OS X and browsers are up-to-date such infections are pretty unlikely.

And if you do install software from outside the Mac App Store, but are careful to research software before installing it (Googling for a review, and finding an official download), you also don’t have anything to worry about.

On the other hand: if you’ve pirated Mac software, or installed plugins at the request of a site offering pirated movies, you might have problems. Have you used a tainted USB drive or downloaded a sketchy email attachment? Viruses can spread in unexpected ways The 7 Types of Computer Viruses to Watch Out For and What They Do The 7 Types of Computer Viruses to Watch Out For and What They Do Computer viruses can steal or destroy your data in many ways. Here are some of the most common virus types and what they do. Read More . Let’s go over a few signs that your Mac might be infected, just to make sure.

Sign 1: Unexpected Ads and Pop-Ups

Adware is becoming an ever-bigger problem on the Mac platform. If you’re seeing ads in places they previously didn’t show up, there’s a good chance you’ve installed something you shouldn’t. This is particularly true if you get pop-up ads even when you’re not browsing the Internet.

Sign 2: Your Mac Is Slow For No Reason

Portrait of a tortoise

As I said before: some Mac malware makes your Mac part of a botnet, which is a global network of computers used for all sorts of things. If your Mac is infected, it could be helping to DDoS a website What Is a DDoS Attack? [MakeUseOf Explains] What Is a DDoS Attack? [MakeUseOf Explains] The term DDoS whistles past whenever cyber-activism rears up its head en-masse. These kind of attacks make international headlines because of multiple reasons. The issues that jumpstart those DDoS attacks are often controversial or highly... Read More , mine BitCoins or any number of things that take up CPU power.

If your Mac is constantly slow, even if you don’t have any programs open, this is a possibility.

Odds are malware isn’t your problem, though. You’re probably better off reading about how to speed up your Mac Speed Up an Old Mac with These Tricks [Mac OS X] Speed Up an Old Mac with These Tricks [Mac OS X] Given time, the performance of any computer will tend to degrade - even Macs (gasp!). Years of improperly un-installing applications can leave your drive littered with preference files and resources that are no longer needed.... Read More , but malware is worth looking into if none of those tips work.

3. A Malware Scanner Confirms Infection

Think your Mac might be infected? Make sure. Here are a few free programs you can use to scan your Mac and find out about any infections:


  • BitDefender Virus Scanner for Mac is a free tool. It won’t delete infections for you, but it will point out where to delete them using the Finder. Note that the latest release has some issues, according to user reviews.
  • AdwareMedic scans for and deletes a number of common Adware infections on your Mac. It’s a quick scan, so try it if you’re seeing way too many ads. Donations are requested, be sure to contribute if the program helps you.
  • ClamXAV is the Mac version of ClamAV, a popular open source malware detection tool. It’s well worth a look.

If none of these tools come up with anything, it’s extremely unlikely that your Mac is infected. There are other such apps out there – if you know of something better, please let us know in the comments.

What Security Does My Mac Come With?

Your Mac has defenses in place that should keep you safe from malware, though like all such measures it’s not completely foolproof. Here are a few reasons why you don’t need to worry (much):

3 Signs Your Mac Has a Virus, and How to Scan for Them gatekeeper cannot open

  • Gatekeeper, which helps protect your Mac, stops uninformed users from installing potentially unsafe software. By default this means anything not from the Mac App Store, but you can also configure it to block apps from unknown developers. Of course, many Mac users disable Gatekeeper completely so they can run whatever software they like, including things they’ve compiled themselves. The hope is that well-informed users will research the apps they run before installing it.
  • Sandboxing. Apps installed through the Mac App Store have very limited access to the broader system, a limitation intended to stop one app from messing up your entire system.
  • XProtect, officially called File Quarentine, is the anti-malware program you didn’t know you had. Part of OS X since 2009, this program isn’t like Windows anti-viruses – it’s completely invisible to most users. You can’t open the program and run a scan yourself, and you can’t manually install updates. But if you’re infected with a known virus, odds are this program will eventually notify you. It also stops you from opening infected files.
  • Obscurity is another frequently argued advantage of the Mac. Macs have a growing market share now, but for a long time there were so few active computers running OS X out there that malware creators didn’t bother to target them. This is called “security through obscurity” – and more than a few security experts will tell you it’s a load of crap – but for a long time it comforted Mac users. Of course today, with a growing Mac user-base, this applies less than before – but Windows remains the primary target for malware makers.
  • We’ve also explained System Integrity Protection (SIP) in newer macOS versions 3 Signs Your Mac Has a Virus, and How to Scan for Them 3 Signs Your Mac Has a Virus, and How to Scan for Them Is your Mac acting kind of... weird? Whether you're seeing adverts you can't explain, or your system is unreasonably slow, you might think the problem is malware. But you're probably wrong. Read More .

You’re Probably Not Infected, But Stay Informed

If you want to stay informed about Mac malware, I recommend TheSafeMac.com. This blog, by Thomas Reed, offers up-to-date information about the latest Mac malware. I couldn’t have written this post without that site, so consider subscribing if you want to stay informed.

Have you ever had an infected Mac?

Explore more about: Anti-Malware, Software Piracy.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Kar
    August 20, 2017 at 6:40 pm

    Hypothetically, say a few months ago I snooped around on a pirate site, and may or may not have clicked a link by accident.
    Say, if, now, randomly, my safari field were to go gray, and a popup appear with a phone number, etc, saying, let's say, my computer had been infected with something, let's just say it said "trojan" and then my entire search history was changed to "Error" or something like that, what, hypothetically, would I do?

  2. Chu Nguyen
    January 24, 2017 at 7:25 pm

    Thank you, it is wonderful to know it!

  3. mj lee
    December 22, 2016 at 5:53 pm

    It isn't good when the article recommends virus checkers that could be harmful to users. Of the 3 Malware Scanners mentioned in section 3 of this article,
    the first goes to some russian site
    the second and third packages are not on the apple app store
    the third package seems to not really be supported

    If you can't keep an article up to date, it should be deleted rather than steer users to bad sites.

  4. Anonymous
    April 28, 2016 at 6:54 am

    Let me start out by stating that I am not a Mac user. However, please note that this is not some part of the Mac vs. Pc war, I just don't need one. In addition, computers are tools and you use the right tool for the job.

    Against popular (put horribly incorrect) belief, the Mac OS is NOT immune to viruses, spyware, or any sort of malware for that case. So yes, you can get spyware on your Mac. The reason why so many egotistical Mac users have decided to tell uninformed users that there are no bugs for Mac, is because there are significantly less than Windows OS. Malware writers, as well as script kiddies, want to target the largest population, so they take out Window's boxes.

    On the other hand, UNIX kernels, which is what Macs are based off of, as are Linux distros, is, in my opinion, more secure than the Window's equivalent.

    At any rate, on to your question. There are anti-virus, etc. programs for Mac. GET ONE. I routinely run Linux, and while it has little malware, I still run an AV. You can tell that you have some sort of a bug if just random things start happening. If your computer is running extremely slow, check the processes (Not sure how on Mac, ps -A on Linux, so may be the same) and see if any of them seem suspicious. While most of the times a keylogger will not be called keylogger.exe, there are a lot of novice script-kiddies out there. If you see a lot of TCP or UDP connections (maybe netstat?) on strange ports, that could be a sign. Also, if you see any data being moved along port 0, that could be a problem. But most importantly, run your AV. I know that there are some free ones out there. I know that McAffee (I think) or one of the major companies has started making a mac Av, so you might consider it.

    Sorry for the long run on. Email me if you need anything and Good Luck.

  5. ben
    April 25, 2016 at 6:22 pm

    my system get hot in no time when running lightroom and photoshop, sometimes only the safari, is my system infected?i'm on macbookpro 15'' retina

  6. Rhonda Huot
    April 4, 2016 at 8:54 pm

    I'm trying to use malwarebytes on a google browser as I keep having something trying to download when I use safari. I don't know what I'm doing wrong as it shows that it is in my applications folder but won't let me eject or even run the program. I feel like I'm missing a step in the installation but have done everything the instructions say. Any help?

  7. Joe
    March 17, 2016 at 8:14 pm

    Does Webroot scan for all of these?

    • Justin Pot
      March 22, 2016 at 1:40 pm

      I can't find evidence of Webroot working on Mac at all, but I could be wrong.

  8. Dame
    January 20, 2016 at 9:27 pm

    Sooo...hypothetically speaking of course, say I did download software from The Pirate Bay and it's causing said hypothetical Mac to slow a little. What would I do in that scenario? What would I have to download in order to get rid of any infections?

  9. Grace
    December 1, 2015 at 6:14 pm

    I've tried everything and my problem has not been solved. I keep seeing popups on my browser, usually when I'm being redirected by a link. They are all from Mackeeper, and they all force me to quit Safari. I did not install anything on my computer, other than Adobe. I've searched everywhere for a way to keep the ads from appearing, but I have not found a solution yet. I downloaded and installed Malwarebytes but it has not found anything. I've followed instructions that said to delete certain files from the Library, but I don't have any of the ones mentioned. I've tried switching networks and the problem just won't go away.

    • Justin Pot
      December 1, 2015 at 6:18 pm

      Hey Grace, if you switch your browser does the problem happen there too? Download Firefox and try it out. If the ads don't pop up there, I'd suggest checking your Safari extensions and seeing if anything familiar is there.

      Sorry this is happening to you, that's frustrating.

      • Grace
        December 1, 2015 at 6:23 pm

        I don't have any Safari Extensions, but I'll try downloading Firefox.

    • CHRiS
      June 2, 2016 at 3:09 am

      Omg do not install mackeeper it is and adware virus it

    • CHRiS
      June 2, 2016 at 3:11 am

      just get rid of mackeeper it is all adware and will not go away untill you get rid of mackeeper and you can gooogle how to get rid of it.

  10. Nicole
    November 24, 2015 at 9:14 pm

    this worked for me thank you so much :)

  11. Anonymous
    October 19, 2015 at 11:15 pm

    I was having pop up's out of no where. It was hell. I used the AdwareMedic and it fixed everything. Thanks so much for this information.

    • Justin Pot
      October 20, 2015 at 12:03 am

      I'm so glad this article was helpful for you!

  12. Anonymous
    August 15, 2015 at 5:03 pm

    Did you know that there is now Malwarebytes For Mac?

    • Justin Pot
      August 15, 2015 at 5:52 pm

      I do! I've tried it out, runs quickly. And it seems like they've hired the blogger behind The Safe Mac, which bodes well

  13. Lad
    May 23, 2015 at 4:51 pm

    Thank you very much Justin, I used AdwareMedic and it helped. Then I donated them of course. It is very frustrating constantly getting those "wasps"- adds. But now my new mac book pro is fast again.

    • Justin Pot
      May 23, 2015 at 7:30 pm

      I'm glad you got it all tuned up!

  14. Grant R.
    December 3, 2014 at 3:48 pm


    Good morning! I removed 2 different Mac viruses in my first six months (I remember because it surprised me so much), and I was only put in charge of about 30 Macs. I wouldn't call them common, but they are just as easy to get and they're just as bad. Go to a shady website, or stick in a flash drive from a co-worker and whammo, you're infected.

    The best way to describe it is the two "S" words: MacOS is safer, but not more secure. Safer in the odds - they are far lower you'll contract a virus... but not any more secure in that when a virus wants to get in, it most certainly will (assuming you are not protected).

    Check out Apple's very own security updates page:

    Often, they release security updates several times a month. That should tell you something about the current and active status of malware on the Mac. Hope that helps! Stay safe out there.

  15. Paul
    December 3, 2014 at 2:48 pm

    Having worked in both PC-centric and MAC-centric enterprise environments, I agree that the PC is decidedly more prone to infection than the Mac *** HOWEVER *** the existence of Macintosh platform viruses going (way) back to SevenDust and the AutoStart worm support the premise that ANY device (including Linux systems) connected to the Internet or to a network which has an active Internet connection needs to have some sort of active malware protection...

    • Justin Pot
      December 3, 2014 at 8:01 pm

      You're right! I didn't mean to say that viruses aren't possible, or even likely, just that if you're having trouble with your Mac the problem is usually something else. But I really appreciate you taking the time to point out that I may have underplayed malware's role, and I hope it's a useful resource to fellow readers.

      Have a great day, okay?

  16. Grant R.
    December 2, 2014 at 9:01 pm

    I think that telling Mac owners they "probably aren't" infected is not wise. I was a consultant for a Mac-only IT company, and I personally removed viruses from Macs during that time. They are computers. They are no different from any other computer in that they are susceptible to viruses through all of the same channels... including websites, external storage, email, and local area networks. Merely sticking to software downloads from the App Store is not enough to protect you. If you own a Mac, please get and use a good AV product!

    (To add to Justin's list, ESET also makes a decent Mac AV product.)

    • Justin Pot
      December 3, 2014 at 2:31 pm

      How common were Mac viruses in your experience? I also worked IT and never really ran into any (but did run into a few antivirus apps that made things unstable), but it's been a few years. Is it possible I'm a little out of date?

    • Robert Drake
      February 26, 2015 at 3:44 pm

      is this Richard?

  17. Bud
    November 27, 2014 at 3:42 pm

    Thanks for this info. here. Always good to know and to be updated.

  18. Doc
    November 26, 2014 at 11:28 pm

    You've completely forgotten the Flashback trojan, which infected more than 600,000 Macs through flaws in Java. Months later, 50,000 machines were *still* infected.

    • Justin Pot
      November 29, 2014 at 2:36 pm

      I was just giving a few examples, and tried to only pick recent ones. I wasn't trying to give a complete list of every piece of Mac malware; that would be longer than a lot of people realize.