What is the best antivirus for Mac El Capitan?

Discussion in 'Mac Apps and Mac App Store' started by RLM365, Feb 5, 2016.

  1. RLM365 macrumors newbie

    Feb 5, 2016
    I have read that initially El Capitan had compatability problems working with some antivirus software applications. Has this been fixed and if so is there an antivirus software that seems to works best with El Capitan?
  2. thejasonhowell macrumors regular


    Nov 14, 2013
    Peoria, Illinois
    Stay off the betas and you'll be fine.
  3. keysofanxiety macrumors G3


    Nov 23, 2011
    Correct, AV wouldn't install when El Cap was first released. It's all OK now though.

    Both Sophos and Avast work without a problem -- not sure about the other ones.
  4. beebarb macrumors 6502


    Sep 10, 2015
    There'll be a lot of Apple fanboys telling you that you don't need Antivirus on a Mac.

    While Macs haven't really seen an actual 'virus' since OS X came out, there's still enough malware to justify a little extra protection for some people.

    More of these programs really should be called antimalware applications, because they clean up more than just viruses.

    For most users Malwarebytes Anti-Malware (formerly AdwareMedic) will be sufficient, it clears away the Mac malware you'd really need to worry about.

    I recommend Sophos Antivirus or Intego VirusBarrier if you want a little more protection.

    I'd stay away from Avast! as the Mac version has an unacceptably high false positive rate, with files randomly flagged as compression bombs, and random Windows malware or viruses.
  5. zaxxon72 macrumors member

    Oct 5, 2007
    Two questions:
    a) Who would qualify as 'some people'?
    b) For which actual malware that is actively used to attack Macs would you use the programs you recommend?

    These are not fanboy-questions, but I'm genuinely curious why and what you recommend!

    thanks for clearing this up
  6. kastorff macrumors regular


    Oct 7, 2006
    I use Intego VirusBarrier. Aside from the obvious occasional performance hit (installing Xcode), it works fine. As a consultant I can't afford a client perception that I'm sloppy about protecting their data and networks. You never want to be the consultant who isn't running AV software when a client's tech is compromised by malware or viruses.
  7. BlandUsername macrumors regular


    Jan 18, 2016
    In yer server room, fixing the tubes
  8. Jumpie macrumors 6502a


    Jul 7, 2008
    Yes, I have to agree that Sophos works well. The only issue is "rootless" and El Cap. You will notice that you can't "open" it. There is a workaround and it took me forever to figure it out. You need to disable SIP.
    Reboot into Recovery (Cmd+R at the chime). In Utilities>Terminal enter "csrutil disable" and reboot. That will disable SIP and On-Access Scanning should work. Note that this is not a "solution" since Apple added SIP to El Capitan for security purposes and really should be enabled. Moreover, it's likely that any future beta will turn it back on by default. Also, csrutil has three arguments: disable, enable, and status. The first two will only work in Recovery. Status will also work in Terminal after booting normally.

    The new "home version" allows monitoring and blocking certain terms or websites, too. Works pretty well.
  9. beebarb macrumors 6502


    Sep 10, 2015
    Anyone who feels they need the extra protection.

    I make a few recommendations in the post you quoted a portion of to ask these questions, but I'll repeat them anyway.

    MalwareBytes Anti-Malware is sufficient for some, it'll deal with a lot of Mac malware you'd actually need to worry about.
    Sophos Anti-Virus and Intego VirusBarrier are my recommendations for a little more protection.

    I also make a warning:
    - Stay FAR AWAY from Avast! on a Mac, as its false positive rate is too high on the Mac for it to be of any use.
  10. RLM365 thread starter macrumors newbie

    Feb 5, 2016
    Jumpie ...I appreciate you taking the time to respond though I am not quite sure what it means. Are you saying Sophos works fine but first you have to disable SIP before it will work?
  11. Queen6, Feb 5, 2016
    Last edited: Feb 5, 2016

    Queen6 macrumors 604


    Dec 11, 2008
    Land of the Unexpected
    In my experience Avast has not been any issue. I also use Bitdefender from the Apple store, Malwarebytes for Mac, and several independent application to audit the systems security. Dependent on the role of the system the level of protection varies, nor is it confined to malware detection.

  12. stooovie macrumors 6502a

    Nov 21, 2010
    Disable robust security measure to install outdated security measure? Seems legit :)
  13. diggy33 macrumors 6502


    Aug 13, 2011
    I like Eset Cyber Security Pro. Use it on my home machines, and we also deploy it on our Mac's at work. Runs clean and smooth, and no performance impact that I've ever noticed.
  14. Jumpie macrumors 6502a


    Jul 7, 2008
    SIP is System Integrity Protection. It's enabled by default at least on the latest beta. Sophos has to update their software to bypass this. Without disabling it, Sophos didn't run the way it used to. It's because Apple instituted a "rootless" system. It took me hours of searching to figure it out. I thought something was wrong with it so I uninstalled it and reinstalled and the same thing. Even with the latest version, which I think is better, needs to have SIP disabled to work correctly.
  15. KALLT, Feb 6, 2016
    Last edited: Feb 6, 2016

    KALLT macrumors 601

    Sep 23, 2008
    Sophos occasionally caused kernel panics for me in the past and I vaguely remember that Sophos was always a bit behind the curve as far as safe computing practices on the Mac were concerned. Particularly, there was the risk of a remote root exploit, but I am not sure whether this has been mitigated by now. Nevertheless, the fact that it still seem to require SIP to be turned off could mean that they have not embraced Apple’s security policies. Use this program with caution.

    Thomas Reed’s malware guide is a recommended read. I only have his MalwareBytes program installed, but I practically never use it. I keep it around just in case I ever need it. I used ClamXav before it turned into commercial software, but I have not looked at it since. Generally speaking, I would prefer an application that does not require SIP to be turned off, is properly signed for Gatekeeper and does not add a lot of bloat. There are no conclusive tests on the efficacy of these products, however.
  16. iMidway macrumors newbie


    Mar 21, 2015
    Likewise I only have MalwareBytes installed on my machines but haven't really used it (MB was used frequently back when I was on Windows). To me the best AV out there is the one between your ears :D
  17. Marshall73 macrumors 65816


    Apr 20, 2015
    Has anyone here ever had Mac Malware install on their Macs? And if they did what was it and how did they install it?
  18. Weaselboy Moderator


    Staff Member

    Jan 23, 2005

    Pretty good article here that covers the topic well. In short, I think most current malware and adware is getting installed embedded in otherwise legitimate apps users are intentionally installing. For example, you find a copy of say UTorrent at some website and download then install that app, while unbeknownst to you, there is adware or malware included in the installer. Many formerly reputable sites like CNet and MacUpdate are now embedding these adware apps in their installers.
  19. shankar2 macrumors 6502a

    Jun 7, 2009
    Hi I want to know what is the best antivirus program for my elcapitan mac?
  20. MacDawg macrumors Core


    Mar 20, 2004
    "Between the Hedges"
    Common sense
    Its your best AV on the Mac
  21. maflynn Moderator


    Staff Member

    May 3, 2009
    I'd say none, and just practice good computing habits. If you have to have one, then consider malwarebytes.
  22. ButteryScrollin macrumors 6502a

    Jul 29, 2014
  23. rcorai macrumors regular


    Apr 18, 2011
  24. Mr_Brightside_@ macrumors 68030


    Sep 23, 2005
  25. shankar2 macrumors 6502a

    Jun 7, 2009

Share This Page