virus protection

I don't use any. Apple released a patch for Java recently so since then I haven't worried about it. But if you want to use protection software, you can try Sophos Anti-Virus for Mac (free/no trials, etc).

Klaus's Tip Page has some of the best information on Mac OS X protection. The Flashback problem is discussed at length on these communities if you care to use the Search communities function on the right.

Nothing that works. I have been hit a couple of times and am dealing with all sorts of issues at present. Maybe this time the community might take a closer look.

https://discussions.apple.com/thread/3861085

I have discovered XCODE applications running on my machine that are acting maliciously. XCODE can be downloaded from the Apple store and have all sorts of applications and wizards that can help you build custom applications to hack a MAC or install tracking software.

I am sure many of the stuff out there (see below) has been created using APPLE's own XCODE development tools. In my case, they were able to get background instruments running to track everything that was happening then use debugging logs to fine tune their attack.

http://ca.news.yahoo.com/blogs/right-click/mac-users-hit-global-trojan-malware-o utbreak-211940564.html

Not sure what the future is but I have been compromised more than once and haven't found a way to stop it yet or even engage in a serious discussion.

Best of luck.

Is anyone using virus protection for MAC Lion OS X now that a scare has been mentioned in the news media this week? If yes; any suggestions?

I will second the recommendation for Sophos, as well as mention ClamXav. Both are free and excellent.

As to whether you need anti-virus or not, that is still a very personal decision. To help you make the decision, see my Mac Malware Guide. You can also see About the Flashback malware for information specific to the Flashback outbreak.

(Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)

I would recommend Sophos as well. Although it had crashed and was disable at the time I ran across the SABPAB trojan it seems to be up to the task now.

http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-h orse-discovered/

It is my opinion that the recent widespread infestation (including 276 machine in Cupertino, Apple's home town) demonstrates that Apple may have enjoyed secure surfing in the past due to a lack of effort on the part of hackers rather than superior defences.

In a world where Sony, Facebook, Sophos, Gemnet, Stratfor and others get hacked and reports of Jave, Linux, OSX, Microsoft, Adobe, Google Android vulnerabilities it makes sense to take some precautions.

You don't have to hide but I recommend taking some precautions and doing your homework.

If you update Java and keep a vigilant eye out against malware trying to trick you, you should be able to get by without AV software. All that is spelled out in the guide I referred you to earlier. But Sophos is pretty good, I've been testing it myself and have had absolutely zero problems with it.

Mac OS X versions 10.6.7 and later have built-in detection of known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.

The most effective defense against malware is your own intelligence. All known malware that affects an up-to-date Mac OS system takes the form of trojans that can only operate if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?

• Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown site, merely in order to use the site, is untrustworthy.
• A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim.
• “Cracked” versions of commercial software downloaded from a bittorrent are likely to be infected.
• Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.

Disable Java (not JavaScript) in your web browser(s). Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in Mac OS X 10.5.8 or earlier, because Java in those versions has bugs that make it unsafe to use on the Internet. Those bugs will probably never be fixed.

Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.

Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use ClamXav — nothing else.

I second ClamXav. Used it for years. It`s free and has the ability to detect both Windows and Mac threats.

See this Apple support document:

About Flashback malware

Back up all data, if you haven't already done so.

Select  ▹ Software Update to install the latest Java update (if Java is already installed) or the Flashback malware removal tool (if Java is not installed under Lion), as well as any other available updates. Installing either of those items should clear the infection in most cases. You must update to the latest version of Mac OS X 10.6 or 10.7 before you can install the Java update.

The removal tool runs automatically in the background and is then deleted. Don’t look for something to click. If the malware is removed, you’ll be notified.