Sophos Antivirus for Mac full review
If you’re a home or non-commercial user then Sophos Home has one huge appealing factor compared to others we've reviewed: It’s free of charge.
The guys at Sophos do this because it’s good PR for their real business, which is enterprise-grade computer security. OK, so you might not run an IT department, and the largesse might therefore be lost on you. But who’s about to complain?
A caveat to the free version is that some of its Premium features will expire after 30 days. For free you'll get the real-time antivirus, parental web filtering, web protection from known malicious sites and remote management.
But if you want advanced real-time protection, advanced ransomware protection, privacy protection, live email and chat support and up to 10 devices, you can upgrade to Premium for £32/US$40 per year.
Sophos Home is mercifully minimalist, consisting only of a menu bar icon and an accompanying pop-out notification through which you can commence virus scans, or monitor the scan progress. Just to make that absolutely clear, there isn’t actually any kind of application window with this app.
Rather crazily, if you click the Show All Activity link in the pop-up, or you click Preferences on the menu, you’re directed to the Sophos Cloud web page. Here you can view the results of scans and make changes to your account. It’s also the only place you can view the results of virus scans.
Installation involved creating the aforementioned cloud account, which is also free, and then installing the app. Some text at the end of the installation routine told us to authorise installation of the kernel module, which was easy to miss but a step in the right direction compared to some other antivirus applications we've reviewed that don’t even bother to mention it.
In macOS High Sierra the use of third-party kernel modules is blocked by default unless the user chooses to allow the kernel module. This can be alarming for beginners so we're glad Sophos chose to address that during the installation process.
To begin with, we had some technical difficulties with Sophos Home. We opted for a full scan, despite the app suggesting this wasn’t really necessary unless a quick scan had found something. While the full scan was taking place a quick scan then started automatically, so we had two scans taking place at the same time.
The quick scan reported nothing was found (which wasn’t good considering 10 viruses lurked in the Download folder). However, looking at the pop-up showed that apparently the quick scan had somehow been aborted.
And then a few minutes later the entire thing crashed and the menu bar icon disappeared. We opened the app again via the Applications list of Finder, and suddenly there were two Sophos Home menu bar icons.
While irritating and somewhat confusing, a reboot fixed everything and we encountered no more problems after this.
A full scan took around 20 minutes. Sophos Home found all ten of our viruses and deleted six of them (MineSteal, Inqtana, KoobFace, Filecoder, Macarena and WeaponX). It found but didn’t clean-up three others (BadBunny, Clapzok and Repepo), choosing instead to warn us about them. It also found XcodeGhost but couldn’t remove that because doing so was impossible thanks to it being within a read-only DMG file.
Quite why it didn’t remove those three viruses is a bit of a mystery. When we extracted our virus samples from their password protected archives, Sophos Home’s always-on scanner near-instantly deleted almost all except BadBunny, Clapzok, and Renepo – those also being the ones it didn’t automatically delete earlier.
However, it did notify us of their presence, repeating the message via a notification message that it was unable to delete them. However, this time it let us place Inqtana back onto our system, and there was no warning of any kind.
We couldn't find any options to enable scheduled scanning, but we think quick scans take place automatically from time-to-time. Outside of this, however, you get the always-on protection mentioned earlier. There also doesn’t appear to be any kind of quarantine feature in Sophos Home – viruses can only be removed.