There have been trojans, but no Viruses. Regardless of what that link you posted says.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
What is Best AntiVirus for Mountain Lion?
- Thread starter dfine1966
- Start date
- Sort by reaction score
There have been trojans, but no Viruses. Regardless of what that link you posted says.
That wasn't a virus; it was a trojan. There has never been a true virus in the wild that can infect Mac OS X. There have been viruses that affected Mac OS 9 and earlier versions.
No. It is a type of malware. Malware is an category of software that includes viruses and trojan horses.
Think "All elephants are grey, but not all grey things are elephants."
No, both are types of malware. Read my first post in this thread and the Mac Virus/Malware FAQ for an explanation.
GGJ, what is your opinion of Avast on OSX? When doing PC work, it's one of my three favorites. (MSE is easiest but anything that kills the windows update agent destroys MSE, panda cloud is lightweight and invisible but not quite as tough as avast, avast is tougher and slightly quicker than MSE but requires a subscription.)
On OSX, when working in a mixed platform environment, I use ClamXav, but when avast was released, I was really curious. It didn't uninstall like a regular app though, which made me nervous.
On OSX, when working in a mixed platform environment, I use ClamXav, but when avast was released, I was really curious. It didn't uninstall like a regular app though, which made me nervous.
I haven't heard anything about it that causes concern, but I haven't tested it.
In what way?
It kept trying to repair itself. I eventually figured out that it can be uninstalled easily from within the app, but it was creepy watching it try to heal itself when I was trying to purge it from the system.
I rarely use uninstallers, as they usually leave remnants behind. Even when I do, I follow up with a manual cleanup, to get what they left.
dragging to the trash didn't work, files that I cleaned up around the system would trigger the thing to place new ones back in their place, killed tasks respawned almost instantly, etc. It does not want to be touched.
GGJ, I see you post in every anti-malware discussion here so I figure your opinion on Avast would be worth reading.
For apps like that, I'd boot in safe mode, then use the following method to remove all traces. The most effective method for complete app removal is manual deletion:
I'll be the first to admit I don't know everything... no one does. But I do know a few things. When I have some time, I'll check out Avast.
Considering how much effort has gone into securing mountain lion, I am anxious to see what vector hackers will use to break into it. Last time was Java, and many people can do just fine without that.
Same question, same rhetoric;
There are several reasons to run antivirus/malware on OS X especially if you are dealing with a mixed environment passing on malicious code even inadvertently does you no favours in the profesional world, let alone family and friends. What does not hurt your Mac & OS X may bring a PC to it`s knees.
You do need to be careful on the choice of application; ClamXav is extremely light and only looks in realtime at what you specify and it`s free. The sentry is presently utilising 0.2% of CPU consuming just over an hours worth of CPU time over several weeks and this is on a machine over four years old. Does anyone seriously still believe that running ClamXav on todays modern hardware impacts performance! The paid for packages I agree are a waste of $ offering little more than a placebo with a heavyweight user interface. ClamAV the parent of ClamXav protects numerous servers globally, which is a pretty good tip...
ClamXav will have no impact on a modern Intel based Mac. To have a free, low headroom, accurate scanner that offers a lot of flexibility and not utilize it seems somewhat stubborn at best. The retorts of AV being a resource hog, boils down to one thing, research; ClamXav will not bog your system down, if it does you have some other inconsistencies that need addressing, or your hardware is so old it`s well and truly time to upgrade, on my Early 2008 MBP ClamXav is simply invisible, there is absolutely no degradation of performance, as for the i7 2.4 MBP & now the Retina MBP it`s completely transparant.
I have literally decades of work on my systems, I have no intention of losing any data, ClamXav is but one tool in a multilayered safety net. Lets face it, if and when OS X is compromised it will spread like wildfire as many fundamentally believe that OS X is invulnerable. I am not entirely sure posts that overly renforce this false sense of security are helpful to the average user, even Apple recognise the threat, however the updates are too slow to be considered a preventative measure...
I have never had a positive hit in all the years I have run ClamXav equally OS X is gaining traction and it`s simply a matter of time before someone figures it out, thinking otherwise is simply naive. ClamXav cost me nothing monetarily nor time in productivity, this is a safety net that costs little more than five minutes of your time, one of life's better investments.
Virus/malware gains traction by exploiting vulnerabilities on unprotected systems. I don't believe for one second that CalmXav is the single security solution for OS X, it is however the de-facto standard for many mail servers globally (ClamAV), and the app is rapidly updated.
Apple has included ClamAV with OS X server since 10.4 and continues to do so today (http://www.apple.com/macosx/server/specs.html) with OS X 10.7.3 Lion Server. ClamXav is transparent on a Intel based Mac, adds another level of protection at zero cost.
Apple also clearly list Calmav-137-1 on their 10.7.3 Open Source page (http://www.opensource.apple.com/release/mac-os-x-1073/) admittedly it is not implemented in the Lion client release, equally I would not be surprised if it was quietly implemented in a forthcoming release of OS X as was XProtect implemented in Snow Leopard. Apple may simply choose to integrate ClamAV into Xprotect and the vast majority will never know the difference. As of OS X 10.6 your Mac is running anti malware like it or not
There are many compelling reasons to run ClamXav and few if any not too, personal choices aside I fundamentally believe that suggesting that OS X is safe to all and does not need such tools is very much a step in the wrong direction; not all are technically minded, neither do all users who may have access to machines follow the same rules and guidelines. The vast majority simply point and click to get to where or what they want ClamXav simply serves as a barrier to protect those that are unaware and some cases unconcerned, ultimately such safeguards protect the community as a whole.
Be mindful that some of those advising that there is no need for Mac`s to run any form of AV, have already have a high level of computing proficiency and a deep understanding of the system, your kid`s, your grandparent`s, the guy from next door etc likely wont have this knowledge. The premis is to keep the the community as a whole safe, or of course we can all simply ignore the threat and hope that by doing little to nothing, disabling functionality will do the trick.
Install, dont install it`s down to you now...............
There are several reasons to run antivirus/malware on OS X especially if you are dealing with a mixed environment passing on malicious code even inadvertently does you no favours in the profesional world, let alone family and friends. What does not hurt your Mac & OS X may bring a PC to it`s knees.
You do need to be careful on the choice of application; ClamXav is extremely light and only looks in realtime at what you specify and it`s free. The sentry is presently utilising 0.2% of CPU consuming just over an hours worth of CPU time over several weeks and this is on a machine over four years old. Does anyone seriously still believe that running ClamXav on todays modern hardware impacts performance! The paid for packages I agree are a waste of $ offering little more than a placebo with a heavyweight user interface. ClamAV the parent of ClamXav protects numerous servers globally, which is a pretty good tip...
ClamXav will have no impact on a modern Intel based Mac. To have a free, low headroom, accurate scanner that offers a lot of flexibility and not utilize it seems somewhat stubborn at best. The retorts of AV being a resource hog, boils down to one thing, research; ClamXav will not bog your system down, if it does you have some other inconsistencies that need addressing, or your hardware is so old it`s well and truly time to upgrade, on my Early 2008 MBP ClamXav is simply invisible, there is absolutely no degradation of performance, as for the i7 2.4 MBP & now the Retina MBP it`s completely transparant.
I have literally decades of work on my systems, I have no intention of losing any data, ClamXav is but one tool in a multilayered safety net. Lets face it, if and when OS X is compromised it will spread like wildfire as many fundamentally believe that OS X is invulnerable. I am not entirely sure posts that overly renforce this false sense of security are helpful to the average user, even Apple recognise the threat, however the updates are too slow to be considered a preventative measure...
I have never had a positive hit in all the years I have run ClamXav equally OS X is gaining traction and it`s simply a matter of time before someone figures it out, thinking otherwise is simply naive. ClamXav cost me nothing monetarily nor time in productivity, this is a safety net that costs little more than five minutes of your time, one of life's better investments.
Virus/malware gains traction by exploiting vulnerabilities on unprotected systems. I don't believe for one second that CalmXav is the single security solution for OS X, it is however the de-facto standard for many mail servers globally (ClamAV), and the app is rapidly updated.
Apple has included ClamAV with OS X server since 10.4 and continues to do so today (http://www.apple.com/macosx/server/specs.html) with OS X 10.7.3 Lion Server. ClamXav is transparent on a Intel based Mac, adds another level of protection at zero cost.
Apple also clearly list Calmav-137-1 on their 10.7.3 Open Source page (http://www.opensource.apple.com/release/mac-os-x-1073/) admittedly it is not implemented in the Lion client release, equally I would not be surprised if it was quietly implemented in a forthcoming release of OS X as was XProtect implemented in Snow Leopard. Apple may simply choose to integrate ClamAV into Xprotect and the vast majority will never know the difference. As of OS X 10.6 your Mac is running anti malware like it or not
There are many compelling reasons to run ClamXav and few if any not too, personal choices aside I fundamentally believe that suggesting that OS X is safe to all and does not need such tools is very much a step in the wrong direction; not all are technically minded, neither do all users who may have access to machines follow the same rules and guidelines. The vast majority simply point and click to get to where or what they want ClamXav simply serves as a barrier to protect those that are unaware and some cases unconcerned, ultimately such safeguards protect the community as a whole.
Be mindful that some of those advising that there is no need for Mac`s to run any form of AV, have already have a high level of computing proficiency and a deep understanding of the system, your kid`s, your grandparent`s, the guy from next door etc likely wont have this knowledge. The premis is to keep the the community as a whole safe, or of course we can all simply ignore the threat and hope that by doing little to nothing, disabling functionality will do the trick.
Install, dont install it`s down to you now...............
That's admirable, but everyone has to take responsibility for their own system when it comes down to it. They should be running AV anyway, and if they are not, it's not your fault if something bad happens. There are very effective free AV products for Windows.
Ironically that`s exactly what he is requesting help with. I find it hilarious how people are so adamant that other operating systems must have AV or any issue occurs it will be completely their own fault, yet they flatly refuse to accept the need or run AV on a Mac, on the premise that nothing has happened so far...
I would start by absolutely ignoring people that say just to be careful what you install; while this is obviously excellent practise it is not a sure way to protect your system, it is almost always better to have something else as backup. Quite simply; when it comes to computer security there's no point just assuming nothing can get onto your system, no matter what you do to secure it, instead you should always assume that something can still get onto your machine. This is why it's always better to have something as backup, just to be sure.
I used to use ClamXav because it's free, but the lack a real-time scanner even as an option made it less useful to me, as its folder sentry can be really inconsistent in performance when it kicks in (for example if you use it on your downloads folder, and e-mail is pretty much out of the question). On-demand scanning is fine, but if you open something after forgetting to scan it first then on-demand scanning is suddenly no longer any kind of protection at all.
I currently use Intego VirusBarrier X6 and have found it to be okay; I'd recommend against enabling all of its features, in particular I wouldn't bother with any of the web features as they're mostly tacked on as an afterthought and cause more problems than they're worth. Likewise with the anti-spyware, as Little Snitch is much better. Likewise, while its firewall offers some extra options there isn't really much of an advantage over just using the OS X firewall or, if you're happy with your network security, relying on your modem/router's firewall if it has one.
Still, it's nice and easy to setup for real-time scanning, and for good measure you can throw in a quick-scan on definition update, and it should protect you very well. I've never found the real-time scanner to intrude on performance, though it will be RAM heavy if you have less than 4gb installed.
I used to use Avast on Windows machines before Microsoft security essentials came out and found it to be pretty good, though I've no experience with the Mac version.
I used to use ClamXav because it's free, but the lack a real-time scanner even as an option made it less useful to me, as its folder sentry can be really inconsistent in performance when it kicks in (for example if you use it on your downloads folder, and e-mail is pretty much out of the question). On-demand scanning is fine, but if you open something after forgetting to scan it first then on-demand scanning is suddenly no longer any kind of protection at all.
I currently use Intego VirusBarrier X6 and have found it to be okay; I'd recommend against enabling all of its features, in particular I wouldn't bother with any of the web features as they're mostly tacked on as an afterthought and cause more problems than they're worth. Likewise with the anti-spyware, as Little Snitch is much better. Likewise, while its firewall offers some extra options there isn't really much of an advantage over just using the OS X firewall or, if you're happy with your network security, relying on your modem/router's firewall if it has one.
Still, it's nice and easy to setup for real-time scanning, and for good measure you can throw in a quick-scan on definition update, and it should protect you very well. I've never found the real-time scanner to intrude on performance, though it will be RAM heavy if you have less than 4gb installed.
I used to use Avast on Windows machines before Microsoft security essentials came out and found it to be pretty good, though I've no experience with the Mac version.
There is no protection that any antivirus app can provide that can't already be provided by practicing safe computing. However, the reverse isn't always true. There have been instances where a threat was thwarted by practicing safe computing when no antivirus would have helped. If you want multiple approaches to security, that's fine. But practicing safe computing is the safety net and backup to catch those things missed by antivirus apps, not the other way around.
Microsoft Security Essentials is extremely good, lightweight and free. I use it on all my Windows development virtual machines running in Parallels on OS X and VirtualBox on Linux. It's more effective than the enterprise McAfee crap we use for Windows desktops and servers at work, which hammers performance. Anyone using Windows virtual machines on OS X should be running something, and MSE works well.
While I didn't suggest that anti-virus should take precedence over good practises, I would disagree with this statement. You could be the most careful person in the world but there is always the possibility of making a mistake and opening a file that you didn't verify somehow first.
With all the myriad possible attacks on a system good practise can only take you so far as while you may trust a website to take good security precautions, you can't verify with certainty that they're secure at any given moment. Even the most trustworthy sources can make mistakes, meaning files you download could always potentially contain malware, even if you trust where it came from. Unless you operate good practise with a total level of paranoia it's always better to have some other mechanism protecting against your mistakes, or the mistakes of others.
If anything the two things complement one another, as you can have the strongest anti-virus in the world that'll let you down if you spend all day downloading pirated software from malware riddled websites. But on the other hand you can be the most careful person in the world but that doesn't mean you can't still make mistakes. At least with the combination of the two you can be a bit less fastidious without compromising security, which is why the combination is my ideal as I (like most people I think) am naturally lazy
It's also why I recommend anti-virus with real-time scanners; while they do necessarily use up some processing time, most are very efficient these days, and on-demand scanning only requires you to forget to check a file once to leave you vulnerable.
In the same way, antivirus apps don't have 100% detection rates, so if you use one, don't let it give you a false sense of security. The fact is that there are so few instances of Mac OS X malware in the wild, it's very likely that most users will never encounter any, unless they frequently engage in high-risk activities.
I'm not suggesting that you shouldn't run antivirus, only that it's not required to keep a Mac malware free. Practicing safe computing without a 3rd party AV app will keep your Mac safer than running an antivirus app without practicing safe computing.
That's becoming increasingly less true, you only have to look at some of the more recent malware to see that they're becoming more sophisticated more quickly, so there's definitely more attention on the Mac than there was, which is great, but not when it comes to the future of Mac malware
The number of major websites that were compromised in the last year doesn't exactly paint a pretty picture on trustworthiness either, since apparently most major corporations don't even use basic password security in their databases… which has made it pretty difficult to trust any of them since we don't get to see their security implementation details. Here's to hoping some kind of trustworthy auditing scheme takes off to let users see a service's real security credentials, as SSL doesn't count for much if the other end is using the database equivalent of a text-edit file!
Anyway, this is all off topic really; everyone should be using some basic care when using their computer, or more specifically using online services, but on the original topic of Mac antivirus options my own experience is to use VirusBarrier if you're willing to pay for it, or if going free be aware of the limitations of what ClamXav actually does, since it's really just an on-demand scanner only, with some auto-scan stuff tacked on.
Even with the "widespread" Flashback trojan, only about 1% of Mac users were affected. That leaves 99% that never encountered it or were never affected by it. There's certainly more attention on the Mac by the media, who likes to hype any trojan that comes along as the prophet of doom for Macs. I'm not suggesting sticking your head in the sand. Being aware of new developments is very helpful, but as of this date, the fact is that the vast majority of Mac users have never encountered Mac OS X malware, as it's still much more rare to find than Windows malware.That's becoming increasingly less true, you only have to look at some of the more recent malware to see that they're becoming more sophisticated more quickly, so there's definitely more attention on the Mac than there was, which is great, but not when it comes to the future of Mac malware
Have been using Intego's software for more than six years. But I'm dumping Intego's software by end of the year. Intego recently updated VirusBarrier X6 to VirusBarrier 2013 and Net Barrier 2013. X6 was okay in general but occasional updates did sometimes cause some internet connection problems. However with the 2013 version, Intego spilt X6 into two applications and they stupefied them! If you want to clear scan logs in VirusBarrier 2013, you have to dig deep into LIbrary folder to remove the log. As for Net Barrier 2013, I don't know where to begin. No log to view network traffic. Extremely limited configuration. Slow down local network connection. Seems like all the best features in X6 are removed. But Intego tells you that everything is working the background 'cleverly'. If you contact tech support, they will give an AppleScript to generate full information logs about your Mac and they will ask you to send the full info logs back to them to see what's the problem. So much for security for a security software.
Uninstall all Intego crap and bought Little Snitch. Although have to do more work with LS, at least I know what the software is doing. As for anti-virus, I have switched to ClamXav and Bitdefender Virus Scanner. Tried other popular free antivirus software and didn't like them.
Little Snitch, ClamXav and Bitdefender Virus Scanner should be enough for me. And just take note of virus threats news and monitor LaunchAgents folders.
Uninstall all Intego crap and bought Little Snitch. Although have to do more work with LS, at least I know what the software is doing. As for anti-virus, I have switched to ClamXav and Bitdefender Virus Scanner. Tried other popular free antivirus software and didn't like them.
Little Snitch, ClamXav and Bitdefender Virus Scanner should be enough for me. And just take note of virus threats news and monitor LaunchAgents folders.