Current recommendations for anti-malware software on the Mac?

I did a search for Malware and Virus with no results on Tidbits Talk. So. … Should I,We Mac users, with the most updated macOS that is possible, need to be running Antivirus or Anti-malware software on our Macs?

If it or they are needed, what is the best to use?

I’ve been using a Mac since 1995 - started with a Power Macintosh 6100. I think I used some sort of antivirus back when floppy disks were used and them maybe Norton Antivirus 8 and 9 about 20 years ago. Can’t remember. I haven’t used any for at least since then.

I always hesitate to offer advise along these lines since I am unfamiliar with your computing practices. Those that live on the brink with little regard for safe habits are likely to need a robust anti-malware scanner, while those that are overly cautious are unlikely to need anything more than what macOS currently provides. Somewhere in the middle are most users who may occasionally visit a page that isn’t what it appears to be or quickly dismiss a warning dialog because we all see too many. For those I believe a some free anti-malware apps that require the user to manual initiate a scan are a smart and normally trouble-free thing to do, with disk space the only investment.

From personal use, I can recommend the current version of DetectX Swift, Virus Barrier Scanner and Malwarebytes for Mac in Free mode. Those don’t use the old “scan every file for every malware every known” which take forever to complete and monopolize the CPU in the process. Rather they target known malware files located in known locations that are currently active, which takes a fraction of the time and far less computer resources. But again, you have to run scans periodically to see if you are already infected, so won’t stop a malware installer that you accidentally downloaded to your Mac.

There are a few more free ones. One that I and other users have had issues the free version of Sophos Home (not sure it’s still available). Avast and AVG (pretty much identical) have privacy concerns. You’ll find sites that find TotalAV (Avira based) to be the best free, but I’ve never found it to be useful and suspect those rating sites are run by or for TotalAV.

24 Likes

@alvarnell is an expert in this field, so I’d go with his advice, with which I agree.

5 Likes

Thank you very much for this. I don’t live on the edge at all. So, I think that I am good for now.

Thank you!!!

In case you didn’t fully grasp what I wrote, I would still recommend installing at least one of the free apps that I covered and run them periodically to make certain you don’t have anything lurking on your Mac using resources or producing annoying ads, etc. Apple is far from perfect in protecting against such minor infections and those apps take up very little drive space.

6 Likes

There was a discussion not too many months ago:

Recommendations for Mac antivirus software?

3 Likes

It’s very comforting to know that someone like Al has settled on pretty much the same apps I have. Whenever a client is having weird issues I run the both DetectX Swift and Malwarebytes for Mac in free mode. I do encourage the clients to pay for them if they find them useful, as I have.

In over 2 decades of Mac support, I ran across only a handful of actual viruses. However, these days adware is rampant. One of my neighbors asked for advice buying a new laptop. After Malwarebytes removed 72 evil files, he no longer needed a new computer.

3 Likes

Thanks you for this reminder, Al. I took your advise and checked with DetectX and Malwarebytes. Nothing found!!!

1 Like

Thanks for this, Colleen.

Thank you, David!

Quick tip, @rkitchen (and everyone else!): If you just want to thank someone for their help, click the heart button underneath the post that helped you, rather than replying, particularly multiple times. TidBITS Talk has about 11,000 users, many of whom receive everything in email, and it’s best not to clutter everyone’s mailboxes with short “thank you” messages. The heart count is a good way to get a sense of how positive the community is about a particular post.

Similarly, if you want to post short replies to multiple people in a topic, you can do so in a single message. Select some text in the first message you want to reply, click the Quote button, put your reply underneath the quoted text in the composer, and then instead of clicking the Reply button to post, select more text in a subsequent message, quote that, reply, and keep going. It’s a good way to bundle multiple replies together.

16 Likes

Al,
As a point of clarification: Do you recommend that we use all three or one of the three?
Thanks,
Steve

1 Like

You shouldn’t have more than one scanner configured to be automatically running in the background.

But if you want to install all three for manual-only scans, there’s no technical reason why you shouldn’t.

3 Likes

One should be enough, especially if you are constrained on drive space. They all rely mostly on the same sources of information about new malware/versions. The developer staffs also all participate in daily discussions in one or more private discussion forums. When I test them against a new sample, I do see differences in timing to get their databases updated, but most of the time they all get there in a day or two.

I echo David’s point about not allowing more than one anti-malware app to operate in Real-Time/On-Access mode, where available, as doing so will definitely slow your computer.

3 Likes

It may be more than just slowing down the system.

Different real-time-scan products work in different ways, but many of them exhibit behaviors that resemble a malware attack. For instance, crawling through your entire file system and possibly saving metadata to each file (e.g. a security hash in order to detect later tampering) can look very similar to a ransomware attack in progress.

Some of these apps install themselves in a way that will cause them to self-reinstall if deleted without the official uninstaller. This is designed to protect against malware that may try to delete the scanner. This is, however, something that many malware packages do in order to protect against removal.

If you have one security suite running, it’s not a problem. If you are running two, they may detect each other as malware, try to shut-down each other, and in general make a mess of things. The result will be no protection and a lot of false-positive alerts about active attacks in progress.

5 Likes

@alvarnell I realise that you were focusing on free options above, but would you consider CleanMyMac X’s anti-malware as good? I have a friend who has CleanMyMac X installed and running already, is there any reason they should be adding periodic manual scans with something like DetectX, or is the automatic CleanMyMac X scanner similar enough?

1 Like

Is ClamXAV not good? I don’t see it mentioned in this discussion

2 Likes

I don’t feel qualified to comment on CleanMyMac X’s recent anti-malware offering. I suspect they have adopted one from another vendor rather than invent a new one from scratch, which has been common practice by several other utilities, but haven’t been able to determine one way or another.

When CleanMyMac was first released, it quickly gained a reputation of causing more harm than good by deleting essential files while “cleaning”. They also suffered from MacKeeper setting up a fake CleanMyMac website that downloaded MacKeeper instead of CleanMyMac when you hit a big green “Download” button. But that’s all behind them now. MacKeeper has seemingly abandoned their aggressive advertising ways and CleanMyMac X now has a “Safety Database” list of files that should not be deleted. And for all the other functions that CleanMyMac X has, there are ways of doing them all for free. For those reasons, I’ve always recommended users avoid all “cleaning apps”. For many years it was classified as a PUP (Possibly Unneeded Program) but I think all the anti-malware utilities that did so have now dropped the designation.

You should probably take note of the fact that MacPaw is a Ukrainian base developer but has posted these assurances of continued support.

I did run across a blogger who has spent time dispelling myths about the app in Is CleanMyMac X Safe? Read Before You Buy – MacMyths. There is also a link to his experiences with using the app in that article.

Lastly, I haven’t seen any of the A-V testing organizations include CleanMyMac X in any of their testing articles, so I don’t really know how well it works.

1 Like

As mentioned, this discussion was focused on free options. ClamXAV has a free trial, but requires a subscription to continue using it in any manner.

I’ll just comment that it does have a primary mode of using rapid scans of exact location of known malware installation, coupled with a real-time watching of critical locations (downloads, newly mounted drives, launchagents/daemons, etc.) and a legacy scanner that can be scheduled or manually run against either a macOS only or all platform malware signature database.

2 Likes