Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

What's your recommended anti-virus software?

J

JayS90

macrumors member
Original poster
Jan 2, 2011
40
0
London, UK
So with the recent reports of half a million Macs infected with the Flashback malware, I was wondering if anyone could provide some recommendations for their preferred anti-virus software for OS X?

I'm sure there are users out there who, like me, never took the time to bother with anti-virus software as it's not unusual for Mac owners to be told and to assume they don't need anti-virus software.

Thanks in advance! :)
 
You really don't need an anti-virus for your Mac. You just need to be a wise user and not install (by authorizing it with your admin password) any software you don't know or trust.

Also see, Mac Virus/Malware FAQ

But if you really want one, ClamXav is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges.

Sources: GGJstudios
 
SandboxGeneral said:
You really don't need an anti-virus for your Mac. You just need to be a wise user and not install (by authorizing it with your admin password) any software you don't know or trust.
Click to expand...

Given the latest trojan, does this change the conventional wisdom of this?

Since the flashback trojan does not prompt the user for a password, its quite easy to get infected.

My Macs were not infected by this latest malware so I cannot state how easy/hard it is to fall for this, but times are changing and malware writers are getting better at their game. My point is we may be at the tipping point where antivirus software is a sound decision.
 
If you happen to have Little Snitch installed, you can stop outbound traffic you aren't expecting. Not saying you need it, but I like knowing what my machine is talking to. Then if you got malware like this and saw something trying to connect somewhere strange, you could stop it and then worry about cleaning up.
 
maflynn said:
Given the latest trojan, does this change the conventional wisdom of this?

Since the flashback trojan does not prompt the user for a password, its quite easy to get infected.

My Macs were not infected by this latest malware so I cannot state how easy/hard it is to fall for this, but times are changing and malware writers are getting better at their game. My point is we may be at the tipping point where antivirus software is a sound decision.
Click to expand...

Perhaps I missed it, but I thought I read that the Flashback Trojan masqueraded as Software Update and required the user to input their password.

If that is wrong, then perhaps we are on the cusp of a major change on OS X.

I was confident that my Mac wasn't infected and checked it according to the F-Secure instructions and confirmed that I was not infected.

For the tech-savvy user who is cautious with their web browsing and installation of applications, they shouldn't need an A/V. I ran Windows XP for years without any A/V and just a hardware firewall and keeping up with Microsoft Updates. When I switched to Mac, and before I gave my IBM-PC away, I put an A/V on it and scanned it for fun. It didn't find anything worse than cookies.
 
Glad to see a healthy discussion! :)

I too checked the F-Secure instructions and found that my machine is also not infected, but I thought perhaps it's time to install a safety net in the form of AV software just in case the malware writers really are getting better. Nothing wrong with a bit of safety!

But I agree, common sense is the most effective anti-virus. I'm always careful with what I download and browse, and I also have Little Snitch installed.
 
SandboxGeneral said:
Perhaps I missed it, but I thought I read that the Flashback Trojan masqueraded as Software Update and required the user to input their password.
Click to expand...
I'll be the first to admit that I have not followed this particular issue that closely and I generally don't update my mac until I absolutely have too, so I'm not a good potential victim I guess ;)

For the tech-savvy user who is cautious with their web browsing and installation of applications, they shouldn't need an A/V. I ran Windows XP for years without any A/V and just a hardware firewall and keeping up with Microsoft Updates. When I switched to Mac, and before I gave my IBM-PC away, I put an A/V on it and scanned it for fun. It didn't find anything worse than cookies.
Click to expand...
I agree with you on this but even tech savvy users can have a brain cramp.

I used to respond to these types of threads with the typical you don't need it type of response but as more malware makes it way onto the platform, can we in good conscience keep stating that when we have no idea of the technical expertise of the poster. If the estimates of the flashback trojan are any where near accurate then I'd say perhaps added protection is needed because too many Mac users are blinded to the needs of practicing safe computing.
 
I use this awesome free program. It's called Common Sense. It rawks!
 
maflynn said:
Given the latest trojan, does this change the conventional wisdom of this?

Since the flashback trojan does not prompt the user for a password, its quite easy to get infected.
Except it does masquarade as an update and you need to put in your password to get infected.
Click to expand...
Click to expand...
 
maflynn said:
I'll be the first to admit that I have not followed this particular issue that closely...
Click to expand...

I admit the same! haha Been too busy this week to pay close attention to the forums.

I agree with you on this but even tech savvy users can have a brain cramp.

I used to respond to these types of threads with the typical you don't need it type of response but as more malware makes it way onto the platform, can we in good conscience keep stating that when we have no idea of the technical expertise of the poster. If the estimates of the flashback trojan are any where near accurate then I'd say perhaps added protection is needed because too many Mac users are blinded to the needs of practicing safe computing.
Click to expand...

I think we can continue state that, but add the caveat that each person should take care to know what they're doing, or if they aren't savvy enough, should perhaps use an A/V. At least until such a time that may come where infections are spread widely in the wild where the user doesn't need to do anything other than turn their Mac on and go online.
 
maflynn said:
Given the latest trojan, does this change the conventional wisdom of this?
Click to expand...
No, you still don't need antivirus to keep your Mac malware-free.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Uncheck "Enable Java" in Safari > Preferences > Security. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Check your DNS settings by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.
 
GGJ Studios advice is great. If you still insist on an anti-virus (or if work or school requires it), then ClamxAV is the only one I would recommend.

jW
 
JayS90 said:
So with the recent reports of half a million Macs infected with the Flashback malware, I was wondering if anyone could provide some recommendations for their preferred anti-virus software for OS X?

I'm sure there are users out there who, like me, never took the time to bother with anti-virus software as it's not unusual for Mac owners to be told and to assume they don't need anti-virus software.

Thanks in advance! :)
Click to expand...

I think we also need to keep in mind that the news about this Java malware is actually old news. I remember reading about how to detect this threat here on MR some time ago... What is new "news" is that someone has just figured out how many Macs are potentially infected (remember it is all educated speculation at this point), and it is being reported that it has morphed into a slightly more dangerous infection (not more infectious, just that it does more if it gets into your system).

I've had Java turned off on my system for quite awhile now based on what I read here on MR when this was 1st reported.

I think reading MR daily is your best defense against malware - at least at this time. If something does crop up, like this, it will hit MR very quickly and there will be enough information given for you to take the appropriate action. Keep in mind that if/when a new malware threat appears any AV protection is only going to have - at most - a few hours lead time before it hits MR. If the AV protection is updating daily, you could find out about the threat on MR (and take remedial action) before your AV protection is updated and starts protecting against the threat.

So... I recommend Common Sense and daily reading of MR. :)
 
Old Smuggler said:
That's the best answer

But if you need an AV program I would use Kaspersky
Click to expand...

Kaspersky does kick ass. I use it on my Windows 7 partition and it's great - doesn't make Windows run slow and constantly gets reviewed in the tech mags and websites as offering protection on a level with the best of them.
 
maflynn said:
Given the latest trojan, does this change the conventional wisdom of this?

Except it does masquarade as an update and you need to put in your password to get infected.
Click to expand...

The newest version which exploits the issues in the Java runtime will ask for an admin password but it will infect the host whether you input one or not unless you have the patched Java runtime. If someone inputs the password it just uses a different mechanism than if you do not.

ClamXav is what I would recommend.
 
philxor said:
The newest version which exploits the issues in the Java runtime will ask for an admin password but it will infect the host whether you input one or not unless you have the patched Java runtime. If someone inputs the password it just uses a different mechanism than if you do not.
Click to expand...
If you follow the recommendations in post #14, it's a non-issue.
 
JayS90 said:
But I agree, common sense is the most effective anti-virus. I'm always careful with what I download and browse, and I also have Little Snitch installed.
Click to expand...

Little Snitch is supposedly one of the applications this malware looks for and silently aborts if found, so you should be safe from Flashback. At home I use fairly complex ipfw firewall rules (shamelessly copied from work) for inbound filtering and Little Snitch for outbound filtering paired with the hardware firewall in my access point. I've also uninstalled Flash (use Chrome if I find a site that needs flash) and disabled Java in my main browser.

At work we are required to use McAfee for Windows, OSX and Linux. On Linux I also install ClamAV since McAfee is so bad, but I just use the installed McAfee for OSX and Windows. I've also uninstalled Flash, but our software update software keeps reinstalling it whenever there is a new OSX version released by Adobe. Since McAfee isn't free, I wouldn't recommend that over ClamXav.
 
I have to say that all this advice is great :) I was curious to find out what methods people use to protect their Macs against threats, and this thread has really opened my eyes. Thanks for all the posts, guys! :D keep 'em coming if you feel the need to chime in! :p
 
It's just fear mongering by companies like f-secure because they want to prey on the ignorance of Mac users. Keep your Mac up to date, and don't be an idiot. 3rd party anti-virus is succumbing to unjustified fear. 1 Trojan makes the news. Give me a break. Windows is crawling with Trojans, worms, viruses, botnets, you name it, in the hundreds of thousands. And one Trojan makes the news. Why are people so damn stupid? OS X is a beautiful thing. Enjoy it. Live prophylactic free and wild. Set aside the nay sayers who are just talking nonsense anyway.
 
GGJstudios said:
If you follow the recommendations in post #14, it's a non-issue.
Click to expand...

Of course, but most of the folks infected probably have no idea what MacRumors is. If folks followed every security best practice there was, we'd have a lot less infected computers out there period, whether it be windows or osx.

I just don't want misinformation being spread that you have to enter in an admin password to be susceptible to it, it's just not true. If you have an out of the box install of osx with nothing done to it, you are susceptible, period.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back