I did a search for Malware and Virus with no results on Tidbits Talk. So. … Should I,We Mac users, with the most updated macOS that is possible, need to be running Antivirus or Anti-malware software on our Macs?
If it or they are needed, what is the best to use?
I’ve been using a Mac since 1995 - started with a Power Macintosh 6100. I think I used some sort of antivirus back when floppy disks were used and them maybe Norton Antivirus 8 and 9 about 20 years ago. Can’t remember. I haven’t used any for at least since then.
I always hesitate to offer advise along these lines since I am unfamiliar with your computing practices. Those that live on the brink with little regard for safe habits are likely to need a robust anti-malware scanner, while those that are overly cautious are unlikely to need anything more than what macOS currently provides. Somewhere in the middle are most users who may occasionally visit a page that isn’t what it appears to be or quickly dismiss a warning dialog because we all see too many. For those I believe a some free anti-malware apps that require the user to manual initiate a scan are a smart and normally trouble-free thing to do, with disk space the only investment.
From personal use, I can recommend the current version of DetectX Swift, Virus Barrier Scanner and Malwarebytes for Mac in Free mode. Those don’t use the old “scan every file for every malware every known” which take forever to complete and monopolize the CPU in the process. Rather they target known malware files located in known locations that are currently active, which takes a fraction of the time and far less computer resources. But again, you have to run scans periodically to see if you are already infected, so won’t stop a malware installer that you accidentally downloaded to your Mac.
There are a few more free ones. One that I and other users have had issues the free version of Sophos Home (not sure it’s still available). Avast and AVG (pretty much identical) have privacy concerns. You’ll find sites that find TotalAV (Avira based) to be the best free, but I’ve never found it to be useful and suspect those rating sites are run by or for TotalAV.
In case you didn’t fully grasp what I wrote, I would still recommend installing at least one of the free apps that I covered and run them periodically to make certain you don’t have anything lurking on your Mac using resources or producing annoying ads, etc. Apple is far from perfect in protecting against such minor infections and those apps take up very little drive space.
It’s very comforting to know that someone like Al has settled on pretty much the same apps I have. Whenever a client is having weird issues I run the both DetectX Swift and Malwarebytes for Mac in free mode. I do encourage the clients to pay for them if they find them useful, as I have.
In over 2 decades of Mac support, I ran across only a handful of actual viruses. However, these days adware is rampant. One of my neighbors asked for advice buying a new laptop. After Malwarebytes removed 72 evil files, he no longer needed a new computer.
Quick tip, @rkitchen (and everyone else!): If you just want to thank someone for their help, click the heart button underneath the post that helped you, rather than replying, particularly multiple times. TidBITS Talk has about 11,000 users, many of whom receive everything in email, and it’s best not to clutter everyone’s mailboxes with short “thank you” messages. The heart count is a good way to get a sense of how positive the community is about a particular post.
Similarly, if you want to post short replies to multiple people in a topic, you can do so in a single message. Select some text in the first message you want to reply, click the Quote button, put your reply underneath the quoted text in the composer, and then instead of clicking the Reply button to post, select more text in a subsequent message, quote that, reply, and keep going. It’s a good way to bundle multiple replies together.
One should be enough, especially if you are constrained on drive space. They all rely mostly on the same sources of information about new malware/versions. The developer staffs also all participate in daily discussions in one or more private discussion forums. When I test them against a new sample, I do see differences in timing to get their databases updated, but most of the time they all get there in a day or two.
I echo David’s point about not allowing more than one anti-malware app to operate in Real-Time/On-Access mode, where available, as doing so will definitely slow your computer.
Different real-time-scan products work in different ways, but many of them exhibit behaviors that resemble a malware attack. For instance, crawling through your entire file system and possibly saving metadata to each file (e.g. a security hash in order to detect later tampering) can look very similar to a ransomware attack in progress.
Some of these apps install themselves in a way that will cause them to self-reinstall if deleted without the official uninstaller. This is designed to protect against malware that may try to delete the scanner. This is, however, something that many malware packages do in order to protect against removal.
If you have one security suite running, it’s not a problem. If you are running two, they may detect each other as malware, try to shut-down each other, and in general make a mess of things. The result will be no protection and a lot of false-positive alerts about active attacks in progress.
@alvarnell I realise that you were focusing on free options above, but would you consider CleanMyMac X’s anti-malware as good? I have a friend who has CleanMyMac X installed and running already, is there any reason they should be adding periodic manual scans with something like DetectX, or is the automatic CleanMyMac X scanner similar enough?
I don’t feel qualified to comment on CleanMyMac X’s recent anti-malware offering. I suspect they have adopted one from another vendor rather than invent a new one from scratch, which has been common practice by several other utilities, but haven’t been able to determine one way or another.
When CleanMyMac was first released, it quickly gained a reputation of causing more harm than good by deleting essential files while “cleaning”. They also suffered from MacKeeper setting up a fake CleanMyMac website that downloaded MacKeeper instead of CleanMyMac when you hit a big green “Download” button. But that’s all behind them now. MacKeeper has seemingly abandoned their aggressive advertising ways and CleanMyMac X now has a “Safety Database” list of files that should not be deleted. And for all the other functions that CleanMyMac X has, there are ways of doing them all for free. For those reasons, I’ve always recommended users avoid all “cleaning apps”. For many years it was classified as a PUP (Possibly Unneeded Program) but I think all the anti-malware utilities that did so have now dropped the designation.
You should probably take note of the fact that MacPaw is a Ukrainian base developer but has posted these assurances of continued support.
As mentioned, this discussion was focused on free options. ClamXAV has a free trial, but requires a subscription to continue using it in any manner.
I’ll just comment that it does have a primary mode of using rapid scans of exact location of known malware installation, coupled with a real-time watching of critical locations (downloads, newly mounted drives, launchagents/daemons, etc.) and a legacy scanner that can be scheduled or manually run against either a macOS only or all platform malware signature database.