
RLM365

macrumors newbie
Original poster
Feb 5, 2016
I have read that initially El Capitan had compatibility problems working with some antivirus software applications. Has this been fixed and if so is there an antivirus software that seems to work best with El Capitan?
 
I have read that initially El Capitan had compatibility problems working with some antivirus software applications. Has this been fixed and if so is there an antivirus software that seems to work best with El Capitan?

Correct, AV wouldn't install when El Cap was first released. It's all OK now though.

Both Sophos and Avast work without a problem -- not sure about the other ones.
 
There'll be a lot of Apple fanboys telling you that you don't need Antivirus on a Mac.

While Macs haven't really seen an actual 'virus' since OS X came out, there's still enough malware to justify a little extra protection for some people.

More of these programs really should be called antimalware applications, because they clean up more than just viruses.

For most users Malwarebytes Anti-Malware (formerly AdwareMedic) will be sufficient; it clears away the Mac malware you'd really need to worry about.

I recommend Sophos Antivirus or Intego VirusBarrier if you want a little more protection.

I'd stay away from Avast! as the Mac version has an unacceptably high false positive rate, with files randomly flagged as compression bombs, and random Windows malware or viruses.
 
While Macs haven't really seen an actual 'virus' since OS X came out, there's still enough malware to justify a little extra protection for some people.

Two questions:
a) Who would qualify as 'some people'?
b) For which actual malware that is actively used to attack Macs would you use the programs you recommend?

These are not fanboy-questions, but I'm genuinely curious why and what you recommend!

thanks for clearing this up
simon
 
I use Intego VirusBarrier. Aside from the obvious occasional performance hit (installing Xcode), it works fine. As a consultant I can't afford a client perception that I'm sloppy about protecting their data and networks. You never want to be the consultant who isn't running AV software when a client's tech is compromised by malware or viruses.
 
Yes, I have to agree that Sophos works well. The only issue is "rootless" and El Cap. You will notice that you can't "open" it. There is a workaround and it took me forever to figure it out. You need to disable SIP.
Reboot into Recovery (Cmd+R at the chime). In Utilities>Terminal enter "csrutil disable" and reboot. That will disable SIP and On-Access Scanning should work. Note that this is not a "solution" since Apple added SIP to El Capitan for security purposes and really should be enabled. Moreover, it's likely that any future beta will turn it back on by default. Also, csrutil has three arguments: disable, enable, and status. The first two will only work in Recovery. Status will also work in Terminal after booting normally.

The new "home version" allows monitoring and blocking certain terms or websites, too. Works pretty well.
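An added example, not part of any post in this thread: a compliance check that classifies `csrutil status` output so a machine left with SIP disabled after a workaround like the one above gets flagged. The function names and sample outputs are constructed for illustration; the custom-configuration layout is assumed to match what `csrutil status` prints.

```shell
#!/bin/sh
# Constructed samples in the format `csrutil status` prints (assumed layout).
SAMPLE_ENABLED='System Integrity Protection status: enabled.'
SAMPLE_DISABLED='System Integrity Protection status: disabled.'
SAMPLE_CUSTOM='System Integrity Protection status: enabled (Custom Configuration).

Configuration:
    Apple Internal: disabled
    Kext Signing: disabled
    Filesystem Protections: disabled
    Debugging Restrictions: enabled'

# sip_state TEXT -> prints enabled, disabled, custom or unknown
sip_state() {
    first=$(printf '%s\n' "$1" | grep -m1 'System Integrity Protection status:' || true)
    case "$first" in
        *"(Custom Configuration)"*) echo custom ;;
        *"status: enabled."*)       echo enabled ;;
        *"status: disabled."*)      echo disabled ;;
        *)                          echo unknown ;;
    esac
}

# sip_disabled_parts TEXT -> comma-separated protections reported as disabled.
# "Apple Internal: disabled" is the normal state on retail machines, so skip it.
sip_disabled_parts() {
    printf '%s\n' "$1" |
        sed -n -e '/Apple Internal/d' \
               -e 's/^[[:space:]]\{1,\}\(.*\): disabled$/\1/p' |
        paste -sd, -
}

# sip_audit TEXT -> prints a verdict; returns 0 only when SIP is fully enabled
sip_audit() {
    state=$(sip_state "$1")
    case "$state" in
        enabled)  echo "OK: SIP enabled"; return 0 ;;
        custom)   echo "FAIL: custom SIP configuration, disabled: $(sip_disabled_parts "$1")"; return 1 ;;
        disabled) echo "FAIL: SIP disabled; run 'csrutil enable' from Recovery"; return 1 ;;
        *)        echo "FAIL: could not determine SIP state"; return 1 ;;
    esac
}

# Demonstrate on the constructed samples, then on the live system if csrutil exists.
for s in "$SAMPLE_ENABLED" "$SAMPLE_DISABLED" "$SAMPLE_CUSTOM"; do
    sip_audit "$s" || true
done
if command -v csrutil >/dev/null 2>&1; then
    sip_audit "$(csrutil status)" || true
fi
```

Anything other than a plain "enabled" is treated as a failure, so output the script does not recognise is never reported as compliant.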
 
Two questions:
a) Who would qualify as 'some people'?
b) For which actual malware that is actively used to attack Macs would you use the programs you recommend?

These are not fanboy-questions, but I'm genuinely curious why and what you recommend!

thanks for clearing this up
simon
Anyone who feels they need the extra protection.

I make a few recommendations in the post you quoted a portion of to ask these questions, but I'll repeat them anyway.

MalwareBytes Anti-Malware is sufficient for some; it'll deal with a lot of Mac malware you'd actually need to worry about.
Sophos Anti-Virus and Intego VirusBarrier are my recommendations for a little more protection.

I also make a warning:
- Stay FAR AWAY from Avast! on a Mac, as its false positive rate is too high on the Mac for it to be of any use.
 
Yes, I have to agree that Sophos works well. The only issue is "rootless" and El Cap. You will notice that you can't "open" it. There is a workaround and it took me forever to figure it out. You need to disable SIP.
Reboot into Recovery (Cmd+R at the chime). In Utilities>Terminal enter "csrutil disable" and reboot. That will disable SIP and On-Access Scanning should work. Note that this is not a "solution" since Apple added SIP to El Capitan for security purposes and really should be enabled. Moreover, it's likely that any future beta will turn it back on by default. Also, csrutil has three arguments: disable, enable, and status. The first two will only work in Recovery. Status will also work in Terminal after booting normally.

The new "home version" allows monitoring and blocking certain terms or websites, too. Works pretty well.
Jumpie ...I appreciate you taking the time to respond though I am not quite sure what it means. Are you saying Sophos works fine but first you have to disable SIP before it will work?
 
There'll be a lot of Apple fanboys telling you that you don't need Antivirus on a Mac.

While Macs haven't really seen an actual 'virus' since OS X came out, there's still enough malware to justify a little extra protection for some people.

More of these programs really should be called antimalware applications, because they clean up more than just viruses.

For most users Malwarebytes Anti-Malware (formerly AdwareMedic) will be sufficient; it clears away the Mac malware you'd really need to worry about.

I recommend Sophos Antivirus or Intego VirusBarrier if you want a little more protection.

I'd stay away from Avast! as the Mac version has an unacceptably high false positive rate, with files randomly flagged as compression bombs, and random Windows malware or viruses.

In my experience Avast has not been any issue. I also use Bitdefender from the Apple store, Malwarebytes for Mac, and several independent applications to audit the system's security. Dependent on the role of the system the level of protection varies, nor is it confined to malware detection.

Q-6
 
Jumpie ...I appreciate you taking the time to respond though I am not quite sure what it means. Are you saying Sophos works fine but first you have to disable SIP before it will work?

Disable robust security measure to install outdated security measure? Seems legit :)
 
I like Eset Cyber Security Pro. Use it on my home machines, and we also deploy it on our Macs at work. Runs clean and smooth, and no performance impact that I've ever noticed.
 
Jumpie ...I appreciate you taking the time to respond though I am not quite sure what it means. Are you saying Sophos works fine but first you have to disable SIP before it will work?

SIP is System Integrity Protection. It's enabled by default at least on the latest beta. Sophos has to update their software to bypass this. Without disabling it, Sophos didn't run the way it used to. It's because Apple instituted a "rootless" system. It took me hours of searching to figure it out. I thought something was wrong with it so I uninstalled it and reinstalled and the same thing. Even the latest version, which I think is better, needs to have SIP disabled to work correctly.
 
Sophos occasionally caused kernel panics for me in the past and I vaguely remember that Sophos was always a bit behind the curve as far as safe computing practices on the Mac were concerned. Particularly, there was the risk of a remote root exploit, but I am not sure whether this has been mitigated by now. Nevertheless, the fact that it still seems to require SIP to be turned off could mean that they have not embraced Apple’s security policies. Use this program with caution.

Thomas Reed’s malware guide is a recommended read. I only have his MalwareBytes program installed, but I practically never use it. I keep it around just in case I ever need it. I used ClamXav before it turned into commercial software, but I have not looked at it since. Generally speaking, I would prefer an application that does not require SIP to be turned off, is properly signed for Gatekeeper and does not add a lot of bloat. There are no conclusive tests on the efficacy of these products, however.
 
Likewise I only have MalwareBytes installed on my machines but haven't really used it (MB was used frequently back when I was on Windows). To me the best AV out there is the one between your ears :D
 
Has anyone here ever had Mac Malware install on their Macs? And if they did what was it and how did they install it?
 
Has anyone here ever had Mac Malware install on their Macs? And if they did what was it and how did they install it?

http://www.thesafemac.com/mmg/

Pretty good article here that covers the topic well. In short, I think most current malware and adware is getting installed embedded in otherwise legitimate apps users are intentionally installing. For example, you find a copy of say UTorrent at some website and download then install that app, while unbeknownst to you, there is adware or malware included in the installer. Many formerly reputable sites like CNet and MacUpdate are now embedding these adware apps in their installers.
 
I'd say none, and just practice good computing habits. If you have to have one, then consider Malwarebytes.
 