What's your recommended anti-virus software?

Discussion in 'Mac Apps and Mac App Store' started by JayS90, Apr 6, 2012.

  1. JayS90 macrumors member

    Joined:
    Jan 2, 2011
    Location:
    London, UK
    #1
    So with the recent reports of half a million Macs infected with the Flashback malware, I was wondering if anyone could provide some recommendations for their preferred anti-virus software for OS X?

    I'm sure there are users out there who, like me, never took the time to bother with anti-virus software as it's not unusual for Mac owners to be told and to assume they don't need anti-virus software.

    Thanks in advance! :)
     
  2. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #3
    You really don't need an anti-virus for your Mac. You just need to be a wise user and not install (by authorizing it with your admin password) any software you don't know or trust.

    Also see, Mac Virus/Malware FAQ

    But if you really want one, ClamXav is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges.

    Sources: GGJstudios
     
  3. mulo macrumors 68020

    mulo

    Joined:
    Aug 22, 2010
    Location:
    Behind you
  4. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    Given the latest trojan, does this change the conventional wisdom of this?

    Since the flashback trojan does not prompt the user for a password, its quite easy to get infected.

    My Macs were not infected by this latest malware so I cannot state how easy/hard it is to fall for this, but times are changing and malware writers are getting better at their game. My point is we may be at the tipping point where antivirus software is a sound decision.
     
  5. soloer macrumors 6502a

    soloer

    Joined:
    Sep 27, 2004
    Location:
    Omaha
    #6
    If you happen to have Little Snitch installed, you can stop outbound traffic you aren't expecting. Not saying you need it, but I like knowing what my machine is talking to. Then if you got malware like this and saw something trying to connect somewhere strange, you could stop it and then worry about cleaning up.
     
  6. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #7
    Perhaps I missed it, but I thought I read that the Flashback Trojan masqueraded as Software Update and required the user to input their password.

    If that is wrong, then perhaps we are on the cusp of a major change on OS X.

    I was confident that my Mac wasn't infected and checked it according to the F-Secure instructions and confirmed that I was not infected.

    For the tech-savvy user who is cautious with their web browsing and installation of applications, they shouldn't need an A/V. I ran Windows XP for years without any A/V and just a hardware firewall and keeping up with Microsoft Updates. When I switched to Mac, and before I gave my IBM-PC away, I put an A/V on it and scanned it for fun. It didn't find anything worse than cookies.
     
  7. JayS90 thread starter macrumors member

    Joined:
    Jan 2, 2011
    Location:
    London, UK
    #8
    Glad to see a healthy discussion! :)

    I too checked the F-Secure instructions and found that my machine is also not infected, but I thought perhaps it's time to install a safety net in the form of AV software just in case the malware writers really are getting better. Nothing wrong with a bit of safety!

    But I agree, common sense is the most effective anti-virus. I'm always careful with what I download and browse, and I also have Little Snitch installed.
     
  8. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    I'll be the first to admit that I have not followed this particular issue that closely and I generally don't update my mac until I absolutely have too, so I'm not a good potential victim I guess ;)

    I agree with you on this but even tech savvy users can have a brain cramp.

    I used to respond to these types of threads with the typical you don't need it type of response but as more malware makes it way onto the platform, can we in good conscience keep stating that when we have no idea of the technical expertise of the poster. If the estimates of the flashback trojan are any where near accurate then I'd say perhaps added protection is needed because too many Mac users are blinded to the needs of practicing safe computing.
     
  9. s15119 macrumors 65816

    s15119

    Joined:
    Nov 20, 2010
    #10
    I use this awesome free program. It's called Common Sense. It rawks!
     
  10. soloer macrumors 6502a

    soloer

    Joined:
    Sep 27, 2004
    Location:
    Omaha
    #11
    The only problem with that program is that some people do not have it installed.
     
  11. s15119 macrumors 65816

    s15119

    Joined:
    Nov 20, 2010
    #12
     
  12. SandboxGeneral Moderator

    SandboxGeneral

    Staff Member

    Joined:
    Sep 8, 2010
    Location:
    Orbiting a G-type Main Sequence Star
    #13
    I admit the same! haha Been too busy this week to pay close attention to the forums.

    I think we can continue state that, but add the caveat that each person should take care to know what they're doing, or if they aren't savvy enough, should perhaps use an A/V. At least until such a time that may come where infections are spread widely in the wild where the user doesn't need to do anything other than turn their Mac on and go online.
     
  13. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #14
    No, you still don't need antivirus to keep your Mac malware-free.

    Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
    1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

    2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

    3. Uncheck "Enable Java" in Safari > Preferences > Security. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

    4. Check your DNS settings by reading this.

    5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

    6. Never let someone else have access to install anything on your Mac.

    7. Don't open files that you receive from unknown or untrusted sources.

    8. Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

    9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
    That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.
     
  14. Mal macrumors 603

    Mal

    Joined:
    Jan 6, 2002
    Location:
    Orlando
    #15
    GGJ Studios advice is great. If you still insist on an anti-virus (or if work or school requires it), then ClamxAV is the only one I would recommend.

    jW
     
  15. Old Smuggler macrumors 6502a

    Old Smuggler

    Joined:
    Sep 8, 2006
    #16
    That's the best answer

    But if you need an AV program I would use Kaspersky
     
  16. old-wiz macrumors G3

    Joined:
    Mar 26, 2008
    Location:
    West Suburban Boston Ma
    #17
    Or they failed to update from the version they were using 20 years ago.
     
  17. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #18
    I think we also need to keep in mind that the news about this Java malware is actually old news. I remember reading about how to detect this threat here on MR some time ago... What is new "news" is that someone has just figured out how many Macs are potentially infected (remember it is all educated speculation at this point), and it is being reported that it has morphed into a slightly more dangerous infection (not more infectious, just that it does more if it gets into your system).

    I've had Java turned off on my system for quite awhile now based on what I read here on MR when this was 1st reported.

    I think reading MR daily is your best defense against malware - at least at this time. If something does crop up, like this, it will hit MR very quickly and there will be enough information given for you to take the appropriate action. Keep in mind that if/when a new malware threat appears any AV protection is only going to have - at most - a few hours lead time before it hits MR. If the AV protection is updating daily, you could find out about the threat on MR (and take remedial action) before your AV protection is updated and starts protecting against the threat.

    So... I recommend Common Sense and daily reading of MR. :)
     
  18. OS X Dude macrumors 6502a

    OS X Dude

    Joined:
    Jun 30, 2007
    Location:
    UK
    #19
    Kaspersky does kick ass. I use it on my Windows 7 partition and it's great - doesn't make Windows run slow and constantly gets reviewed in the tech mags and websites as offering protection on a level with the best of them.
     
  19. philxor macrumors regular

    Joined:
    Dec 21, 2010
    #20
    The newest version which exploits the issues in the Java runtime will ask for an admin password but it will infect the host whether you input one or not unless you have the patched Java runtime. If someone inputs the password it just uses a different mechanism than if you do not.

    ClamXav is what I would recommend.
     
  20. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #21
    If you follow the recommendations in post #14, it's a non-issue.
     
  21. jzuena macrumors 6502a

    jzuena

    Joined:
    Feb 21, 2007
    Location:
    Lexington, MA, USA
    #22
    Little Snitch is supposedly one of the applications this malware looks for and silently aborts if found, so you should be safe from Flashback. At home I use fairly complex ipfw firewall rules (shamelessly copied from work) for inbound filtering and Little Snitch for outbound filtering paired with the hardware firewall in my access point. I've also uninstalled Flash (use Chrome if I find a site that needs flash) and disabled Java in my main browser.

    At work we are required to use McAfee for Windows, OSX and Linux. On Linux I also install ClamAV since McAfee is so bad, but I just use the installed McAfee for OSX and Windows. I've also uninstalled Flash, but our software update software keeps reinstalling it whenever there is a new OSX version released by Adobe. Since McAfee isn't free, I wouldn't recommend that over ClamXav.
     
  22. JayS90 thread starter macrumors member

    Joined:
    Jan 2, 2011
    Location:
    London, UK
    #23
    I have to say that all this advice is great :) I was curious to find out what methods people use to protect their Macs against threats, and this thread has really opened my eyes. Thanks for all the posts, guys! :D keep 'em coming if you feel the need to chime in! :p
     
  23. philosopherdog macrumors 6502a

    philosopherdog

    Joined:
    Dec 29, 2008
    #24
    It's just fear mongering by companies like f-secure because they want to prey on the ignorance of Mac users. Keep your Mac up to date, and don't be an idiot. 3rd party anti-virus is succumbing to unjustified fear. 1 Trojan makes the news. Give me a break. Windows is crawling with Trojans, worms, viruses, botnets, you name it, in the hundreds of thousands. And one Trojan makes the news. Why are people so damn stupid? OS X is a beautiful thing. Enjoy it. Live prophylactic free and wild. Set aside the nay sayers who are just talking nonsense anyway.
     
  24. philxor macrumors regular

    Joined:
    Dec 21, 2010
    #25
    Of course, but most of the folks infected probably have no idea what MacRumors is. If folks followed every security best practice there was, we'd have a lot less infected computers out there period, whether it be windows or osx.

    I just don't want misinformation being spread that you have to enter in an admin password to be susceptible to it, it's just not true. If you have an out of the box install of osx with nothing done to it, you are susceptible, period.
     

Share This Page