Anti-virus question

Discussion in 'Mac Basics and Help' started by viktorlsn, Apr 10, 2012.

  1. viktorlsn macrumors member

    Joined:
    Sep 26, 2011
    Location:
    Brazil
    #1
    yeah so don't know where to post it, but this is the thing.
    i have Symantec endpoint protection installed and "aparently" up to date. but i've been reading along MR and found out that clamxav is the best, and endpoint consumes a LOT of RAM.
    which one should i trust ? clamxav or just keep endpoint ? does it values that much of RAM ? better choices ?

    any advices and comments are very welcome ! :D
    thanks in advance

    Viktor
     
  2. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #2
    Use ClamXAV, since it is non intrusive and only runs when you want and does not hog up CPU and RAM, unless you enable the sentry feature, which is not needed.
    I run Macs malware free since 2004 without the presence of any AV software.

    Currently there are zero viruses affecting Mac OS X in public circulation, but there are other kinds of malware existing, that can infect your Mac.
    But as long as you don't install software from unknown and untrusted sources, you are safe, as malware needs administrative permissions to run successfully, which means, you need to install the malware yourself, it can't install itself (one of the reasons, why a Mac OS X virus hasn't appeared yet).
    To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:
    Mac Virus/Malware Info by GGJstudios
    The above F.A.Q. includes the following topics:
    • Malware terminology - What is the difference between viruses, worms, and Trojans?
    • Antivirus apps
    • What security steps should I take?
    • What about sending files to Windows users?
    • Why am I being redirected to other sites?
    • Recent threats in the news

     
  3. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #3
    Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
    1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

    2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

    3. Uncheck "Enable Java" in Safari > Preferences > Security. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

    4. Change your DNS servers to OpenDNS servers by reading this.

    5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

    6. Never let someone else have access to install anything on your Mac.

    7. Don't open files that you receive from unknown or untrusted sources.

    8. Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

    9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
    That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.

    If you want to run antivirus software, ClamXav is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges. You can run scans when you choose, rather than leaving it running all the time, slowing your system. ClamXav has a Sentry feature which, if enabled, will use significant system resources to constantly scan. Disable the Sentry feature. You don't need it. Also, when you first install ClamXav, as with many antivirus apps, it may perform an initial full system scan, which will consume resources. Once the initial scan is complete, periodic on-demand scans will have much lower demands on resources.
     
  4. viktorlsn thread starter macrumors member

    Joined:
    Sep 26, 2011
    Location:
    Brazil
    #4
    yeah thanks for the reply you two, I've already read those topics and texts you sent before posting this thread, this was not the question. I asked who is better, clamxav or ( if you had heard of) symantec's endpoint protection. but thanks anyway ! cheers

    Viktor

    P.S. i will consider unnistalling my endpoint and trying clamxav. ;)
     
  5. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #5
    As I said, ClamXav is one of the best choices. Symantec, not so much. If you intend to uninstall EndPoint, the most effective method for complete app removal is manual deletion:
     
  6. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #6
    As explained, ClamXAV is the better choice, or do you need or want to run AV software all the time? For instance, the recent Flashback trojan deleted itself by just checking for installed AV software (which didn't need to run) and finding it.
     
  7. viktorlsn thread starter macrumors member

    Joined:
    Sep 26, 2011
    Location:
    Brazil
    #7
    thansk for the info and the link ! i'll try that.


    yeah i was so indecise because i wanted a software that scanned automatically my downloads, as symantec's did and does, that sometimes reminded me that that file was maybe not trustable, so thought "wow if i havent had that software, probably i would be screwd." . and also scanned any hard drive and .dmg file that i open. i was not sure about those features in clamxav, but i'll try that, i think i can manually scan those files, i'll not die. :D

    thanks again !
     
  8. Sylon macrumors 68020

    Sylon

    Joined:
    Feb 26, 2012
    Location:
    Michigan/Ohio, USA
    #8
    There is some really good info in this thread, so much so that I downloaded ClamXav and ran a scan. It found 5 trojans stored in my email program, likely emails that I identified myself as spam and marked them as such. They just never left my computer apparently. Thanks for the tips guys.



    Now, does anyone know how to get rid of that damn red badge on the application in Launcher? It says (5) and its annoying me.
     
  9. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #9
    That's likely the number of items it found. You should have an option of deleting those items, which should reset the counter. Also, it's likely those trojans were Windows trojans, which would have no effect on your Mac.
     
  10. Sylon macrumors 68020

    Sylon

    Joined:
    Feb 26, 2012
    Location:
    Michigan/Ohio, USA
    #10
    I did delete them, but the badge is still there. I even did another scan and its still showing up in the Launchpad. The badge doesn't appear on the app icon when its in the dock, just in the Launchpad.
     
  11. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #11
    Strange! You could try checking their support site to see if there's a resolution.
     
  12. throAU macrumors 601

    throAU

    Joined:
    Feb 13, 2012
    Location:
    Perth, Western Australia
    #12
    I'm running sophos and am pretty happy with it.

    Keeps out of the way, updates, etc.
     
  13. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #13
    Sophos should be avoided, as it could actually increase your Mac's vulnerability, as described here and here. Read the 3rd post in this thread for information about ClamXav.
     
  14. throAU macrumors 601

    throAU

    Joined:
    Feb 13, 2012
    Location:
    Perth, Western Australia
    #14

    Hmm cheers, will look into it.

    edit:
    root process, got it. still suspect exploiting this is theoretical only (dns poisoning, update server hijack, etc). at the end of the day its my data i care about, and that is all stored under my user account, which i am guessing clamXav would have access to anyway, to run...
     
  15. viktorlsn thread starter macrumors member

    Joined:
    Sep 26, 2011
    Location:
    Brazil
    #15
    WAHTCH OUT GUYS !
    made a test myself, got a random windows virus from the web, scan it with clamxav and it DID NOT FOUND ! tried with SYMANTEC ENDPOINT PROTECTION 11.0 and it DID FOUND !!!! clamxav is not that good after all. :/

    cheers everyone and good luck to ya all !

    Viktor
     

    Attached Files:

  16. chrono1081 macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #16
    Symantec is one of the worst viruses out there. Ever. Not only does it flag a million false positives but it also rarely actually removes anything.

    That aside you are scanning a rar file, its not something that will affect your Mac, its a Windows virus. I use Macs and Linux machines all the time at work to scan drives on Windows machines.
     
  17. xTRIGGER092x macrumors regular

    Joined:
    Jul 21, 2011
    #17
    ClamXAV isn't a great virus scanner in the scheme of things, but it's perfectly adequate for running a Mac. It's been decent so far in detecting the stuff that really matters (the few Mac trojans out in the wild) along with a decent portion of Windows infections to prevent you from spreading things to Windows-using friends. However, your friends should already have AVs and common sense to protect them from malware, and if you use Gmail, emails with attachments are scanned for viruses before they are sent.

    Do what you want, but Symantic (along with any other AV for Mac) will slow down your machine noticably by constantly checking your system for infections, and I can pretty much assure you, unless some huge outbreak of malware for Mac begins to occur, that you will never encounter an infection for Mac OS X. It's just really unnecessary to pay money for antivirus, especially on a Mac.
     
  18. Tumbleweed666 macrumors 68000

    Joined:
    Mar 20, 2009
    Location:
    Near London, UK.
    #18
    All virus scans will miss some viruses, even the best ones, no one can get 100%. You just happened to find one that Clam didnt see but SE did, but that could easily have been a reversed position. You'd have to conduct a test scan against thousands of viruses and malware to determine which is best overall.

    I dont see the point spending money, time and effort scanning a Mac for Windows viruses, if your friends are vulnerable because of one you pass on, then they dont have AV and so will almost certainly be infected already, multiple times.
     
  19. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #19
    What do you mean by that? Most AV software running on Mac OS X scans primarily for Windows malware anyway, otherwise they had to few to report.
     
  20. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #20
    How would you even get a windows antivirus program to run on a Mac without bootcamp or vmware???
     

Share This Page