You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Best Anti-Malware OS X 10.8.2

I have read blogs/reports/articles regarding protecting the macpro, but I just want to ask it here personally.


I have considered purchasing an AV but with the readings I have made, many account it as not necessary.


Hopefully you could help me find an anti-malware or file scanner that best suits my need in protecting my macbook.


Thanks and appreciate it!

MacBook Pro (Retina, Mid 2012), OS X Mountain Lion (10.8.2)

Posted on Nov 25, 2012 5:55 PM

Reply
Question marked as Top-ranking reply

Posted on Nov 25, 2012 5:58 PM

You don't need any AV software. Don't bother with it.


An excellent link to read is Tom Reed's Mac Malware Guide.

Also, visit The XLab FAQs and read the FAQ on malware.


For general anti-virus protection I only recommend using ClamXav.

11 replies

Nov 25, 2012 5:59 PM in response to jace9

Your brain is the best AV software.


Not clicking on sites you do not know. Not opening e-mails you have not expected or cannot confirm the source of -- Windows viruses may not affect OSX but can be passed to others who DO have Windows.


For system-level software to install you must enter your personal password. Do not allow software in unless you trust it.


ClamXav is free and the only one I have seen advised, if you want to run anything.

Nov 25, 2012 8:59 PM in response to jace9

This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an attacker who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.

All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files. The recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders. In most cases, there’s no benefit from any other automated protection against malware.


Starting with OS X 10.7.5, there is another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications that are downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Applications certified in this way haven't actually been tested by Apple (unless they come from the Mac App Store), but you can be sure that they haven't been modified by anyone other than the developer. His identity is known, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
Note, however, that there are some caveats concerning Gatekeeper:
  • It can be disabled or overridden by the user.
  • It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  • It only applies to applications downloaded from the network. Software installed from a CD or other media is not checked.
For more information about Gatekeeper, see this Apple Support article.


That being said, the best defense against malware is your own intelligence. All known malware on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. If you're smarter than the malware attacker thinks you are, you won't be duped. That means, primarily, that you never install software from an untrustworthy source. How do you know a source is untrustworthy?
  • Any website that prompts you to install a “codec,” “plug-in,” or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  • A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. [Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.]
  • “Cracked” copies of commercial software downloaded from a bittorrent are likely to be infected.
  • Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. No intermediary is acceptable.
Java on the network (not to be confused with JavaScript, to which it's not related) is always a potential weak spot in the security of any operating system. If a Java web plugin is not installed, don't install it unless you really need it. If it is installed, you should disable it (not JavaScript) in your web browsers. Few websites have Java content nowadays, so you won’t be missing much. This setting is mandatory in OS X 10.5.8 or earlier, because Java in those obsolete versions has known security flaws that make it unsafe to use on the Internet. The flaws will never be fixed. Regardless of version, experience has shown that Java can never be fully trusted, even if no vulnerabilities are publicly known at the moment.

Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.

Never install any commercial "anti-virus" products for the Mac, as they all do more harm than good. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.

Why shouldn't you use commercial "anti-virus" products?
  • Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the filesystem. Malware gets into the system by being downloaded, not by materializing from nowhere.
  • In order to meet that nonexistent threat, the software duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability and poor performance.
  • By modifying the system at a low level, the software itself may create vulnerabilities that could be exploited by malware attackers.

ClamXav doesn't have these drawbacks.

Dec 4, 2012 9:08 AM in response to Linc Davis

Some things to keep in mind about ClamXav - it may be free, but it has its issues on Mac OS X especially.


There are two issues you should be aware of with ClamXav.

First, ClamXav can be somewhat of a resource hog if you allow it to auto-scan external hard drives or networks. If you set ClamXav to scan volumes automatically when you insert a firmwire drive, you’ll notice a huge drain on your CPU upon insert - it happens every time. It isn’t horrible, but still not insignificant, and it is annoying. If you do use ClamXav, your best option is to leave this feature unchecked once you are sure your drives are clean.

The second thing to look out for is ClamXav’s quarantine feature. Generally, this can be a good idea to help sandbox malware, but it can cause more problems than it solves depending on the type of file the malware is embedded in. Botton line: Quarantine can be a little tricky with ClamXav. I recommend doing some research to determine if the hassles are worth it, especially considering these hassles will only happen when you really really need them not to happen. Like when you have malware on your Mac.


Beyond the two main issues most people have with it, ClamXav doesn’t provide many of the web and port attack monitoring features of paid antivirus apps. There are drastic limits on overall security with free software.


The Apple forums are notorious for pushing readers to use ClamXav, even though it is at best average Mac security software. If you want something that's free, by all means go for it. Just know that it is not the "do no harm" software that many people here will have you believe.

Apr 14, 2013 4:22 AM in response to Harry33Harry33

Harry33Harry33 wrote:


Bitdefender is the best Anti-Malware for Mac and PC in 2011,2012 and 2013. I use it everyday. I barely ever click on unknown links, and I am very cautious with the internet. There have been a few threats to my system. And yes, you should bother with Anti-Malwave programs.😉

BitDefender for Mac is Rubbish. Unnecessary and will cause nothing but trouble to your system. You need to use nothing but common sense and safe practices to keep your Mac clear of the tiny amount of Malware that can affect it. Turn off Jave and let Mac's built in defense take care of things. 😉


Pete

Best Anti-Malware OS X 10.8.2

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.