On Feb 19, 2020, at 4:02 PM, Jim Saklad via Groups.Io wrote:
Randy ¨C
I¡¯ve found, over the years, that if you offer an opinion, it is generally researched, well-formed, and sound.
How nice of you to say! Thank you!
I've spent many years as the head of a user group for attorneys. You can't say anything to attorneys without making a strong case and usually offering citations for what you are saying. (Even when you are just trying to help someone!) So I've gotten into the habit of doing that. I *do* want to be helpful and not just be someone who offers wild opinions with nothing to back them up.
Do you have one of those opinions about Sqwark¡¯s DetectX, and what it is, or is not, good for?
The thing is, Apple and the traditional anti-virus software companies don't seem to consider adware and PUP's (potentially unwanted programs such as MacKeeper) to be Malware at all (unless they also do something malicious, beyond serving up ads), and they don't look for them and defend against them. (I'm not sure, but I suspect that Apple, and maybe the traditional anti-virus software developers too, are wary about the legal ramifications of setting their products to delete potentially unwanted programs where it might be possible for the developers of the PUP's to argue that they are legitimate and not truly malicious in a courtroom. It would be nasty to lose a lawsuit to a company that claims that you are going around deleting or blocking their legitimate commercial product.) So, Mawarebytes and DetectX are sort of invaluable products, since the Mac OS itself, and traditional anti-virus programs, don't protect you from adware.
Both Malwarebytes and DetectX claim to look for all Mac malware, not just adware. I find that impossible to believe, because either product does a scan of your entire drive that only lasts less than a minute. By contrast, a true anti-malware product can take an hour or more to scan your entire drive.
What seems more likely is that both products only look in a few pre-determined places on your drive quickly, and only look for a select number of pieces of malware, likely the ones that are easy to spot just by their file name. But they both do an excellent job of finding and removing adware. So that's what they are good for; when you find that you've been hit with adware, either product seems to be great at removing it. As of late, while malware is almost non-existant on the Macintosh, adware is fairly common, and it's easy to get infected with it if are uninformed. (Often it comes in the form of a pop-up offering you a download of something like a Flash upgrade.)
I've stopped recommending Malwarebytes; at least as a first choice for dealing with adware. MalwareBytes has become very intrusive recently. Even the free version of MalwareBytes now installs a lot of files all over your Mac, deep in the System. If you put "malwarebytes" into EasyFind, it's really varied for folks. Some find just a few files, some find as many as 23! I don't know what they are all doing, but as they are all very deep in the System, I don't trust the product, and, especially after the dishonest "report" that they just released that has some less knowledgeable Mac users all freaked out about malware now, I don't trust the company it comes from.
Instead I now recommend DetectX for dealing with adware, which isn't as intrusive, for dealing with adware:
DetectX/Swift
Since adware isn't truly malicious, and you almost always know when you have it, I don't recommend using the automated scanning features of either DetectX or Malwarebytes, which might slow down your Mac or create software conflicts. In fact, you probably don't even need to download either program until and unless you are hit by adware. If you are the paranoid type, you may even want to use EasyFind to delete either program after you've used it, just to be careful that the program isn't harvesting personal information of yours.
___________________________________________
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
___________________________________________
