Is DetectX itself malware?
Solution 1:
I'm the developer of DetectX.
A few facts about my app pertinent to your question:
i. DetectX does not ask for admin rights either to install or run.
ii. DetectX does not install any 'helper' apps or contain any other binaries save for i. it's own macOS binary and ii. the Sparkle updater binary.
iii. DetectX cannot delete anything save for the things shown in the Search panel. The user has to authorise any deletion by first pressing the 'Trash All' button, and if the offending item requires admin privs, by further providing authorisation to either the Finder or osascript. This happens on a per-file basis - i.e., the user has to authorise each file individually. DetectX cannot do mass deletions of files outside of user space.
iv. DetectX itself never asks for or sees your admin password. Any requests made for permissions is done via osascript or the Finder, and they deal with the password request and carry out the requested task.
i., ii., iii. and iv. were all deliberate design choices to make DetectX as safe as possible. Unlike some other security tools, DetectX itself cannot be hijacked to take over the user's system as it does not have - nor can it acquire - any root privileges.
A word of warning about using Avast in particular with DetectX: last I checked, Avast flags DetectX as a threat. I believe this is due to the fact that Avast is not smart enough to recognise that DetectX contains search strings that look for adware, malware and other associated badware. Users can inspect these search strings themselves as most are in plain text in the Resources folder of the app's bundle. This is stated on the DetectX home page, and there is a link there to further info about problems with Avast. All other reputable AV software recognises DetectX as safe.
Please contact me through the website if you haver further questions about DetectX.
Solution 2:
Assuming you downloaded DetectX via the author's own website, there seems to be no cause for concern. Like you, I can find no reports of the application causing problems in the five years it has been available, and nothing about the developer's Twitter account looks suspicious. On his own website, the DetectX author also lists the manual steps needed to remove MacKeeper, so you can at least verify that it has correctly done that.