Most Unobtrusive Virus Protection

[s15119]

I've been a Mac user for a long time. I've read a lot of threads about virus software and I spent a little bit of time searching before I read this.

I've never used virus or anti-malware software on any of my Macs and I don't find it to be a necessity. Yeah, I know there is malware, but sensible computing habits do a better job of defeating those than running software that sometimes resemble a virus more than most viruses.

I've found myself in a situation where the only way I can access an employers network with my trusty Macbook Air is if I run some kind of virus software. They don't seem to care what I run, I just need to run something.

I'd like advice on what is going to be the most unobtrusive option. Something that stays out of my way, doesn't use up my processor cycles and "just works". It would also be nice if it was free or cheap.

Please don't use this thread to debate whether Apple users need to worry about that. There are tons of threads where it's been debated to death. Let's try to keep it to "If you MUST run virus software, whats the best option".

Thanks in advance.

 

[SurferPup]

Intego

Intego I have found to be not annoying and easily allows the user to open ports.

 

[Andropov]

I'd go for a virus scanner, because it doesn't work on the background, so you can use it to "scan" for virus when you really need it (never).

 

[GGJstudios]

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.

​

Read the What security steps should I take? section of the Mac Virus/Malware Info for tips on practicing safe computing.

If someone insists on running antivirus for some reason, ClamXav is a good choice, as it doesn't run with elevated privileges, isn't a resource hog, detects both OS X and Windows malware, and can run when you want it to, rather than having it running all the time.

 

[aaronvan]

Security Best Practices

1) Always operate behind a router.
2) Never click on a link in an email.

Those two steps are pretty much all the average user needs to protect themselves (even a Windows user). I usually don't even have the OS X firewall enabled.

 

[robgendreau]

+1 on ClamXav. And you can try it out.

 

[Mr. McMac]

ClamXav's been my choice for the past 4 or 5 years. No noticeable impact on performance from my experience

 

[Shrink]

Another vote for ClamXav...only works when you activate it ,so it's not a resource hog, and does the job well. I've been using it roughly monthly (probably not necessary to use it that often, but I'm a bit of a security freak) for several years, and while an av may not be absolutely necessary with OS X...if one is going to use an av...I think this is a very good choice.

 

[BenTrovato]

Eset Cyber Security

 

[DanCorleone]

If someone insists on running antivirus for some reason, ClamXav is a good choice, as it doesn't run with elevated privileges, isn't a resource hog, detects both OS X and Windows malware, and can run when you want it to, rather than having it running all the time.

I have a file on my computer that has a windows virus, but i had no idea of it until a Windows user informed me I had sent them a file with a virus. Obviously such a virus is totally harmless to a Mac user, and we have no idea.
For that reason, I have decided to go with a program that can also detect Windows Viruses.... so I'll give ClamXav a try.

 

[beachmusic]

Eset Cyber Security

That one and also Webroot SecureAnywhere AV are really quiet.

 

[majordude]

Eset Cyber Security

+1

Kaspersky will slow your system down BIG time. It performs scans in the background that really suck up system resources.

 

[magicMac]

Sophos for mac is pretty good; very light weight. But I did recently uninstalled it because it really honestly never finds anything.

 

[nebo1ss]

Your employer is right to require Anti-Virus software to protect their network. You may introduce a file to the network that while it may not affect you could affect others. However, they are are not nearly serious enough if they allow you to decide what Anti-virus software to use. They would hopefully also require a VPN client with RSA SecurID Authentication.

 

[cerote]

Sophos for mac is pretty good; very light weight. But I did recently uninstalled it because it really honestly never finds anything.

I would avoid Sophos because it used to run the update service as elevated user which made your system even more open to intrusion if someone takes advantage of update server or spoof it. Not sure if they fixed it yet or not.

Clamxav is best suggestion if you have too. It is lightweight and if you need to actually have it watch folder it doesn't take much resources to watch one or two folders. It will if you having it watch a ton of places though. (At least from my personal experience with using it for several years). For those that need it for work the main parts is to have it watch the mail folder and downloads and you are mostly good to protect from spreading windows stuff onto windows users.

 

[PicnicTutorials]

+1 on ClamXav. And you can try it out.

ClamX is the lightest. That's a good option for on demand. ClamX, Sophos, and Avast are top three. Sophos ws my first choice untill I deleted them. If you want to spend money webroot is your best option in my opinion. It was the only one that did not drain my ram to zero while it scanned.

 

[QuantumLo0p]

I would avoid Sophos because it used to run the update service as elevated user which made your system even more open to intrusion if someone takes advantage of update server or spoof it. Not sure if they fixed it yet or not...

Do you mean similar to Apple apps that can run with elevated privileges? lol

 

[cerote]

Do you mean similar to Apple apps that can run with elevated privileges? lol

Yes but we are not really talking about safety of other apps here right now. I just shared opinion on that AV software on what others have found. As GGJ has posted above gives examples in the link of what one to use if you needed to use one. Here is a quote mainly on the Sophos and an example of how that type of exploit had been used before.

I would not use Sophos because the component (and almost all of its components) of the software that receives updates is running with root privileges such that an exploit would be remote root if an exploit was found for that component.

Given that Sophos is 32 bit, the security mitigations can be defeated by bruteforce techniques if an exploitable vulnerability is found in the software.

For example, McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution. Different OS but same principle could be used if exploit found in Mac AV software running as root.

With ClamXav, all of the components do not run as root. The exception is a daemon that scans for changes in folders to initiate launching clamscan if you use the Sentry feature but it does not receive inputs from a remote source.