MacOS has built-in antivirus/anti-malware protection, but if you want another means to determine if your Mac is 'infected' I would suggest that you try either Malwarebytes for Mac or EtreCheck as the means to do so. Run Malware Scans. We’ve shown you how to remove malware and adware from your Mac, and in that article we recommended Malwarebytes for Mac for the occasional malware scan. It’s a great program to have around when you suspect your Mac is infected, but even if you don’t have any suspicions it’s a good habit to run a scan from time to time. Protect your Mac from malware. MacOS has many features that help protect your Mac and your personal information from malicious software, or malware. One common way malware is distributed is by embedding it in a harmless-looking app. You can reduce this risk.
Though it's not easy to hack into or break through a Mac's security, it is possible, especially if someone accidentally installs malware without realizing it. If your Mac is running slow or you're seeing unusual advertisements within your web browser you might have accidentally installed malware at some point. Don't worry. It happens to the best of us (not me, of course). There are things you can do without having to burn it all down.
The problem: Mac malware in the Library folder
Serenity Caldwell writing for iMore in 2017:
My father-in-law's MacBook Pro had been running into curious slowdowns for a two-year-old laptop and he kept on seeing weird sites taking over his Safari and Firefox search bars. It was clear to me that his browser had been hijacked.
We got rid of the browser hijack pretty quickly — I suggest using Cella's excellent how-to if you ever run into a browser hijack yourself — but the slowdowns were more curious. Upon further investigation, I found a couple of self-professed 'Mac security programs' that popped up, demanding money to 'clean your Mac from junk'.
Spoiler: These programs were the junk. And worst of all, they'd seemingly added a bunch of nonsense files into this computer's Library folder, with random folder names like 'prestidigitation' and 'beeswax'.
Now, I want to preface: I'd never seen an attack like this on a Mac before in my life, and finding this kind of full-Mac hijack is very rare. It's likely that he accidentally installed one of these 'security' programs (or had it installed), which spiraled out of control from there.
These hijacks didn't appear to be able to do much beyond slow down his machine with endless failed attempts to run a program — the process didn't have admin permissions, so it couldn't execute a thing from the library. But because they were there, they were constantly crashing aspects of his Mac. I knew I had a malfunctioning laptop on my hands, so I turned to my age-old troubleshooting checklist.
How to fix a corrupted Mac
If you're working on a computer that has slowed down beyond reasonable aging or is otherwise acting beyond the pale, here are my favorite tactics you can take to try and restore it to its former glory.
Update the system software
This is almost always the first thing I do when troubleshooting Macs: Chances are, the user hasn't installed a security update or other software updates that may be slowing their computer to a crawl.
If the computer is running macOS Sierra, you can avoid having to do this troubleshooting step in the future by turning on Automatic Install in System Preferences, which can automatically download newly available updates in the background, and install them overnight.
Check the disk for errors
If software updates aren't doing the trick, the next thing to check is the hard drive itself. With Apple's Internet Recovery partition, fixing a cranky drive is an easy process.
Your Mac will then run a cursory check on its hard drive to determine if there's anything wrong — and if so — if it can fix it.
Reset the NVRAM/PRAM and SMC
If neither app updates nor disk repair are helping, sometimes a good cache flush can get your Mac running just a bit more smoothly.
To reset the NVRAM (or, on older Macs, PRAM), reboot the Mac and hold down the following keyboard command during startup for at least twenty seconds: Command-Option-P-R.
After you reset your NVRAM, you may be required to reconfigure some system settings (like sound and time zones), which are stored in that cache.
An SMC reset is a bit more complicated, and Apple recommends it only after all other troubleshooting avenues have been exhausted.
If you're using a laptop:
If you're using a desktop:
How To Check For Malware On My Macbook ProPartition your disk (or erase it)
After exhausting all other avenues, this was the solution we came across to properly fix the broken laptop. The hard drive had been so corrupted by these 'security' programs that there was nothing I could do to fix it. When Safari launched over the login screen after a reboot, I knew my usual fixes wouldn't work: It was time to bring out the big guns.
In most cases, I'd grab an external drive, back up the corrupted disk, then wipe the drive clean with the Internet Recovery partition and start over. But there were a couple of reasons that wouldn't work here:
Given that this laptop had a 500GB hard drive — only 40GB of which was being used — I had an alternate idea: I'd partition the drive, again using Internet Recovery, and install macOS Sierra on the new partition. Essentially, it would be a 'clean' new computer for my father-in-law to work on, but all the original data would still exist on the old partition in case he needed to grab a file.
Note: In order to partition your drive, you'll need enough free space on your drive to do so — at least 30GB. If you're light on space, you may want to back up your corrupted disk to a USB drive, instead.
Tuxera ntfs for mac. Microsoft NTFS for Mac by Tuxera solves the problems managing Windows-formatted data on a Mac. Schools value our software for its high performance and reliability. If you’re planning to purchase the software for a whole lab or department, you’ll need individual licenses for each Mac that will use it. WHY YOU NEED MICROSOFT NTFS FOR MAC BY TUXERA. When it comes to Windows NTFS-formatted USB drives, Macs are only built for reading. That means you can open files stored on those drives, but you can’t edit, copy, move, or delete those files using your Mac.
How to create a partition on your Mac
Disk Utility will check the disk and make changes. This will take several minutes.Disk Utility will then make the changes. After that's completed, quit Disk Utility to return to the main Internet Recovery menu.
After you finish setting up the new hard drive, it's time to move your files over. Because of the way partitioning works, your old hard drive partition will show up next to your currently-active partition, just like an external drive; you can then grab any files you need from it.
Note: If you want to copy over applications, I'd strongly suggest redownloading them from the source — the Mac App Store or the company's website — rather than trying to copy them over from the old partition.
From here, you can follow instructions for setting a Mac up from scratch when it comes to installing and customizing anything else.
I generally recommend keeping the old drive partition around for at least a few months in case you or your family member forgets to move something over; after that period, however, you can easily delete the old partition and move to the new partition full time.
Consider additional anti-malware protection
While malware on the Mac is rare, it does crop up, as we've demonstrated. Having the right tools to get rid of malware can be an important part of keeping your Mac safe and secure. There are a number of tools that you can choose from, including popular programs like BitDefender and Kaspersky, that will help you keep malware from infecting your Mac.
MalwarebytesQuestions?
Do you have any must-follow troubleshooting steps? Let us know in the comments.
![]()
Updated July 2019: Added a sub-section regarding anti-malware protection.
Serenity Caldwell contributed to an earlier version of this guide.
Keep yourself secure on the webMain
We may earn a commission for purchases using our links. Learn more.
Apple Arcade
STELA for Apple Arcade is a shallow, sadistic, totally fun game
Can you outrun killer dark shadows? Take leaps of faith into the unknown? Traverse a world where nothing is what it seems? STELA will test your mettle.
Mac users have enjoyed a long run of fairly virus-free computing, but it shouldn’t be taken for granted that there is no virus. While Apple has kept a close grip in the App Store, some malware, on rare occasions, still make it up there. Likewise, the macOS Gatekeeper is only useful when you do not override its settings, but that will restrict you to only install apps from the App store. So if you download an app that didn’t come from the App Store, how can you check whether it is safe to install?
About Suspicious Package
Suspicious Package is a special-purpose utility program designed to check macOS packages – software files that install application programs. Packages typically contain several components, including the app itself, scripts that automate the installation process, and other files the program needs. Although the macOS packaging system is an efficient way for developers to organize all the pieces that go into an app, it’s also possible for hackers to subvert it by inserting their own malicious programming. Suspicious Package allows you to inspect the contents of any macOS package, potentially heading off a malware infection.
Download and Installation
The Suspicious Package app is available for download directly from mothersruin.com. To install it, you may have to temporarily bypass the macOS Gatekeeper which normally prevents you from installing non-App Store programs by accident. In “System Preferences” go to “Security & Privacy -> General -> Allow apps downloaded from:” and change the setting to “App Store and identified developers.” When you open the Suspicious Package dmg file, you’ll see the warning, “SuspiciousPackage.dmg blocked from opening because it is not from an identified developer.” Click the “Open Anyway” button to install the program.
Quick Look
The “Quick Look” feature displays a package summary from the Finder without having to launch the Suspicious Package app itself. This is a handy time-saver if you have several packages to check. To use Quick Look, highlight the package you want to evaluate from the Finder, then find the Quick Look item in the Finder’s File menu, or press “command + Y.”
Check a PackageHow To Check For Malware On My Macbook
To check a package you’ve downloaded, launch Suspicious Package. From the “File” menu, select “Open,” then browse your Downloads or other folder for a package file to inspect. Suspicious Package analyzes the file, then displays a set of tabs: “Package Info,” “All Files,” and “All Scripts.” If the app detects problems with the package, the Review icon indicates a warning.
Package Info
The Package Info tab gives an overview of what’s in the package. It shows how many items are installed, how many scripts it uses, and whether it is signed or not. It lists when the package was downloaded and the browser name. Finally, if the package has problems, Package Info shows the number of warnings given.
All FilesHow To Check For Malware On Mac Os Sierra
Resembling a Finder window, All Files shows all the files stored in the package, including the application itself, supporting files, and folder organization. Click on any folder to see its contents.
All Scripts
The All Scripts tab lists all the macOS shell scripts used to install the package. Each script is a mini-program containing text commands used to copy, create, and delete files. Click on a script name to see the instructions. The File menu includes options to edit a script, should you want to.
Unsigned Packages
When using Suspicious Package, you may see a warning that says the package isn’t signed. Package signing is a feature Apple developed so software developers can “stamp” their programs with a digital signature officially tying the application to the people who wrote it. The signature gives confidence that the software is legit and not a cheap knock-off. In fact, Apple requires signatures for all software in the App Store. Some developers, however, don’t spend the extra effort needed to sign their software. Many unsigned packages, including open-source and freeware programs, are actually okay to use. On the other hand, if you’re buying Mac software from a major vendor, the absence of a signature is a big red flag.
ConclusionHow To Check For Malware On Macs
The vast majority of Mac programs are free of malware. However, programs downloaded from third-party sites carry a small risk of spyware and other unwanted baggage. Though primarily aimed at technical users, Suspicious Package lets anyone evaluate macOS software for malware and other problems. The app clearly reveals the contents of a software package before you install it. Especially for Mac people who don’t use the App Store as their only source for software, Suspicious Package makes a worthy addition to your Mac toolbox.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |