If you know that malware or other unauthorized software is installed on a Mac but it's not actively running, finding it can be challenging. By nature, malware usually hides in obscure locations, uses innocent-looking or misleading names, and may use other tricks to avoid detection.
As before, the easiest way to find such programs is to run a commercial anti-malware utility. Such programs contain extensive databases of the characteristics of known malware programs — as well as heuristics that enable them to identify much as-yet-unknown malware — and can find them wherever they may lurk on your disk by scanning every file.
For more on anti-malware software, see Chapter 14.
If you can't use anti-malware software for some reason, if you don't trust its results, or if it fails to locate malicious software that you're sure is there, you can use a few tricks to track it down.
The first thing to keep in mind is that a program can't do any good (or any damage) when it's simply sitting idle on your hard disk. Only when the software is actively running can it accomplish anything. Therefore, it stands to reason that the program's designer would include some mechanism to make sure it runs — either at startup, on a recurring schedule, or in response to a frequent ...