There are two basic camps regarding answering your question. One camp says there are no mac virus's today so you don't need an antivirus. They are correct there are none today, and the mac architecture makes it difficult to propagate any.
There's another camp, which I am in, that says that, like the stock market, past performance is not a guarantee for the future. Most agree if you want to run an antivirus, that ClamXav, available from http://www.clamxav.com , is the only one to run. Others have generally been glitchy in the mac environment. I've run ClamXav for years without issues. It has alerted me to phishing emails before I've gotten to my mail. It can pick up the presence of Windows virus, which while they won't hurt your mac, could be forwarded to your Windows friends. Mine is set up to scan incoming email and downloads.
If your're really worried, you can use Sophos Anti-Virus for the Mac which is free for individuals. I've been using it for a couple of years with no problems. I might add that I've been using a Mac since 1984 and never had a virus or any other malware.
I'm in the camp that says "not needed" but you can follow some simple rules for you Mac and protect yourself.
1) with safari open, click on safari (top menu), then preferences, and on the general tab unselect "open safe files after downloading". If a website starts an auto download using one of the safe file extensions...gif, tiff, pdf...it won't auto open. If you download something like this, then just open it yourself from the downloads folder. It is really not a big inconvience.
2) never type in your password if prompted while surfing. Max OS is unix. No outsider can alter your system without the root password. If you are surfing and a crazy window pops up, asking you to click something then a seperate system window opens asking for your password. Don't give it, not to safari or a window safari has spawned. Just kill the crazy window and leave the website. Even if the site looks like it comes straight from apple, if it spawns a system window prompting for a password, don't give it...it's probably a hoax.
3) Software update from Apple, installing programs you bought from the app store, or from reputable sources like downloaded software, may prompt for your password. This is normal and fine. Programs on your mac that make system level changes like adding users will ask for a password, again normal. Know the source before you trust your machine to it. Trusting the source means you are willing to give it your password.
These are the rules I follow and taught my kids. My youngest boy (16) would bring a windows machine to it's knees with viruses no matter what protection I put on it. God only knows where that boy surfs, but I put him on a mac a year ago and no problems since.
No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download for Tiger from:
and for Leopard, Snow Leopard and Lion from here:
Note: If you wish to uninstall ClamXav: keep a copy of the disk image from when you downloaded it, or download it again - the uninstaller is included with the application. To uninstall, quit ClamXav Sentry (if you use it) and make sure it's not set to launch at log in. The uninstaller will remove the engine and any schedules you've got set up, then just drag ClamXav.app to the trash.
If you are already using ClamXav: please ensure that you have installed all recent Apple Security Updates and that your version of ClamXav is the latest available.
Do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X.
FAKE ANTI-VIRUS SOFTWARE and associated MALWARE
Do not be tricked by 'scareware' that tempts computer users to download fake anti-virus software that may itself be malware.
Fake anti-virus software that infect PCs with malicious code are a growing threat, according to a study by Google. Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software. Examples include MacKeeper, MacDefender and iAntivirus, but there are others.
Scammers trick people into downloading programs by convincing them that their PC is infected with a virus.
Once installed, the software may steal data or force people to make a payment to register the fake product.
Beware of PDF files from unknown sources. A security firm announced that by its counting, malicious Reader documents made up 80% of all exploits at the end of 2009.:
http://www.computerworld.com/s/article/9157438/in which Rogue_PDFs_account_for_80_of_all_exploits_says_researcher
TROJANS and RE-DIRECTION TO FAKE WEBSITES
The appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
You can read more about how, for example, the OSX/DNSChanger Trojan works (by falsely suggesting extra codecs are required for Quicktime) here:
SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - email@example.com
The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
(Note that a 30 day trial version of MacScan can be downloaded free of charge from:
and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
A white paper was published on the subject of Trojans by SubRosaSoft, available here:
Also, beware of MacSweeper and MacDefender (also goes under the name of MacProtector, MacGaurd, MacSecurity or MacShield) :
These are malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer in an attempt to obtain payment.
Mackeeper is equally worthless and should also be avoided. Again, the developer seeks to obtain payment for an application that does nothing that free utilities do not also offer, and in many cases it will also mess up your system.
You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
HOW TO AVOID RE-DIRECTION
Adding Open DNS codes to your Network Preferences, should give good results in terms of added security as well as speed-up:
Open System Preferences/Network. Double click on your connection type, or select it in the drop-down menu, and in the box marked 'DNS Servers' add the following two numbers:
(You can also enter them if you click on Advanced and then DNS)
Sometimes reversing the order of the DNS numbers can be beneficial in cases where there is a long delay before web pages start to load, and then suddenly load at normal speed:
There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
WHAT TO DO IF YOU THINK YOUR MAC HAS BECOME 'INFECTED'
If you think you may have acquired a Trojan, and you know its name, you can also locate it via the Terminal:
Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
1. Avoid going to suspect and untrusted Web sites, especially p'orn'ography sites.
2. Check out what you are downloading. Mac OS X asks you for you administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program.
3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through this AV application.
4. Use Mac OS X's built-in Firewalls and other security features.
5. Peer-to-peer sharing applications and download torrents (such as the now defunct LimeWire) supplying pirated software, movies etc are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications. Similar risks apply to using Facebook, Twitter, MySpace, YouTube and similar sites which are prone to malicious hacking: http://news.bbc.co.uk/1/hi/technology/8420233.stm
6. Resist the temptation to download pirated software. They can contain Botnet Trojans. SecureMac offer a simple and free tool for the removal of the iBotNet Trojan available here:
YOUR PRIVACY ON THE INTERNET and the latest risks to look out for:
There is the potential for having your entire email contact list stolen for use for spamming:
And if you are using iPhone Apps you are also at risk of losing all privacy:
The advent of HTML5 may also be a future threat to internet privacy:
Security of OS X generally:
Security Configuration for Version 10.5 Leopard:
NOTE: Apple's Snow Leopard and Lion operating systems silently update the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook: Macs running Snow Leopard or Lion now check for new malware definitions daily, allowing Apple to quickly deploy protection from threats before they have a chance to spread.
Few malicious titles actually exist for Mac OS X, and those that do rely almost entirely upon duping users to install software that pretends to be legitimate.
However, if you are running Lion Server:
Apple's new server operating system -- OS X Lion -- is so inherently insecure that Stamos recommends keeping it off the network altogether and using Macs only as standalone machines connected to IP or Windows networks, not those designed for Macs.
The Mac Server's networking protocols -- especially DHX User Authentication -- are designed for ease of use, not security. It is trivial, Stamos said, for hackers to set up a Mac user to download a file that will overflow the buffer protecting the heap segment of the server's memory, allowing the file's malicious payload to run uncontrolled in the server's memory and give itself whatever access rights it wants.
It seems there are a lot of Mac users asking if they really need anti-virus or if their Mac has a virus.
If you think you have malware on your Mac, then run a scan. Otherwise you might find it helpful to use an internet security program or other anti-malware software designed for Macs. Whether you need it or not is probably up to you. For example, you never need to backup your data. But can it be helpful? Certainly, especially if you unexpectedly lose files. The same can be true with antivirus.. you won't need until you do.
Do i need to purchase antivirus for my imac
You don't need to buy one, the Mac version of Sophos is free for personal use. I have it installed on all of my Macs and it has been useful in catching malicious email attachments on occasion. Contrary to popular belief, Macs are not invulnerable.