New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Switcher Hangout The place for switchers to discuss their new machines, and how to work with OS X. General support can be had here for newbie stuff, like "How do I restart my new iMac?" :)

Official antivirus, malware, and firewall FAQ


Thread Closed

 
Thread Tools
schweb

 
schweb's Avatar
 
Member Since: Oct 27, 2002
Location: Cleveland, Ohio
Posts: 13,198
schweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond repute
Mac Specs: MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2

schweb is offline
THIS THREAD IS OLD. NEW THREAD HERE:
Official antivirus, malware, and firewall FAQ



--------------------------------------------




Antivirus and malware for Mac OS X

One of the first questions that many new switchers ask is, “do I need an antivirus program on my Mac?” The answer is usually no, but the truth is more nuanced than that.

Types of malware
First, let’s be clear that there are many types of malware on the Internet including the big three: viruses, trojans, and spyware. Each behaves, infects, and spreads differently.

As of now there are no viruses that affect Mac OS X. Viruses rely on their ability to self-replicate and Mac OS X makes that almost impossible.

There are a few cases of trojans and spyware that can infect the Mac, however following common sense browsing will prevent them. For example, don’t download software or other files unless you’re sure the source is reliable.

Also, never enter your admin password if prompted unless you’re absolutely sure why you’re being asked to do so!

Apple also has a great site on the safety features built into Mac OS X:
Mac OS X - Security - Keeps safe from viruses and malware

So when might you want to install an antivirus program?
There are reasons to use an antivirus program in a few circumstances.

1. If you’re paranoid about downloading and spreading malware and it will make you rest more easily, install an antivirus program to set your mind at ease.

2. If you are in a mixed network environment with Windows machines or share files back and forth with Windows users on a regular basis, you might want to consider antivirus software.

While as noted above, it’s almost impossible for the Mac to become infected by malware, you can do your part of being a good network citizen by catching malware before you can pass it on to a Windows user on your network.

3. Many schools or companies require antivirus software to join their network.

Running Windows on your Mac?
We always recommend running antivirus software on Windows, even on your Mac. Microsoft Security Essentials is free and does a great job. It’s important to realize though that getting malware on your Windows partition cannot infect your Mac.

Antivirus software options for Mac
Free options
ClamXav is lightweight and highly recommended by many users here.

Paid options
Paid solutions are available from several vendors including Symantec, Intego, McAfee (enterprise only), Panda, and Avast.

Firewalls and Network Security

You should always enable the built-in firewall in Mac OS X when you're using a public network. You can find instructions for setting up and configuring the firewall for OS X 10.4, 10.5, and 10.6.

In addition, common sense prevails when it comes to network security. Don't connect to un-trusted networks and never accept data or file sharing requests from people you don't know.

Never underestimate having a strong password that you change often. The Mac's keychain can help with this or a great program like 1Password.

--
Last Updated: 07.28.2011
Original thread: The Official Mac AntiVirus and Firewall FAQ

schweb | community leader
flickr facebook twitter tumblr google+ about.me

Mac-Forums: On Twitter | On Facebook | On Flickr

schweb

 
schweb's Avatar
 
Member Since: Oct 27, 2002
Location: Cleveland, Ohio
Posts: 13,198
schweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond repute
Mac Specs: MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2

schweb is offline
And an important note for those who consider themselves anti-antivirus or computer language purists....

There will obviously be differing opinions on whether you need an antivirus program, however you need to respect those who think differently.

Also, many laymen and new computer users use "virus" to refer to all malware. It is not your place to belittle them because they don't use the exact right terminology.

So rather than getting on a soapbox and proving your superior computing knowledge, take a moment and actually try to help them. Explain the difference if you must, but do it in a respectful way.

Especially keep in mind our very first Community Guideline:

Quote:
Our community is made up of all kinds of different people, and all of them have the right to feel comfortable. Others may not think the way that you think, believe what you believe, know what you know, or see what you see. Always be polite and respectful in your interactions with others.

schweb | community leader
flickr facebook twitter tumblr google+ about.me

Mac-Forums: On Twitter | On Facebook | On Flickr

m4cs

 
Member Since: Feb 01, 2010
Posts: 10
m4cs is on a distinguished road

m4cs is offline
Many thanks for this great help.

A drowning man will clutch at a straw.....in my opinion if he clutched the mac he would be alive....
chas_m

 
chas_m's Avatar
 
Member Since: Jan 22, 2010
Location: Victoria, BC
Posts: 16,672
chas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond repute
Mac Specs: 2012 MBP, Black speakers, Black Benq second monitor, black(ish) iPhone 5s, Black 2012 iPad, etc.

chas_m is offline
schweb, your post above is EXCELLENT apart from the bit about the software firewall. You know my position on it so I won't repeat it here, but Apple explicitly told me that the software firewall is aimed SOLELY at users without a hardware firewall (dialup, rare situations with certain modems/routers).

That is why it is off by default.
schweb

 
schweb's Avatar
 
Member Since: Oct 27, 2002
Location: Cleveland, Ohio
Posts: 13,198
schweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond repute
Mac Specs: MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2

schweb is offline
Quote:
Originally Posted by chas_m View Post
schweb, your post above is EXCELLENT apart from the bit about the software firewall. You know my position on it so I won't repeat it here, but Apple explicitly told me that the software firewall is aimed SOLELY at users without a hardware firewall (dialup, rare situations with certain modems/routers).

That is why it is off by default.
Thanks for the compliment, I appreciate it.

Hardware firewalls won't help you if you're not on a trusted secure network.

Hence why I stated you should use it when you're using a public network, like a free WiFi hotspot at a local coffee shop.

Unless you can verify the security of the hotspot and trust everyone one it, it's always better to be safe than sorry.

schweb | community leader
flickr facebook twitter tumblr google+ about.me

Mac-Forums: On Twitter | On Facebook | On Flickr

nicole.marie

 
Member Since: Jul 24, 2010
Posts: 1
nicole.marie is on a distinguished road

nicole.marie is offline
Hello all,
I have been an avid Mac user for 5 years now (much to my boyfriend's chagrin). However, today I encountered my first security issue. I've been browsing the years of pages from the other antivirus thread but I haven't seen anything similar to my problem. There is just discussion over a/v software not for spyware etc. I'm not well versed in this stuff, is it the same?

Somehow my Gmail and WoW account both got hacked. Yesterday my friend used my computer do download and print some paperwork off of his USB drive after it wouldn't work on my boyfriend's PC. It was trying to run a .exe file on the PC. I am wondering if I could have gotten a keylogger from the USB? I haven't been to any suspicious sites, that I know of. I have been running iAntivirus and MacScan but they haven't detected anything.

Any suggestions?

Thank you,
Nicole
schweb

 
schweb's Avatar
 
Member Since: Oct 27, 2002
Location: Cleveland, Ohio
Posts: 13,198
schweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond reputeschweb has a reputation beyond repute
Mac Specs: MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2

schweb is offline
99% sure you don't have Spyware. If you absolutely want to check, just download http://clamxav.com and run a scan of your system.

Files like .exe cannot run or function on the Mac, so that file didn't come from your system. Also, were you prompted to enter your admin password at all for a reason you weren't sure, that's the only way spyware or a trojan could have been installed.

But like I said, it's highly unlikely you have anything on your Mac.

schweb | community leader
flickr facebook twitter tumblr google+ about.me

Mac-Forums: On Twitter | On Facebook | On Flickr

fiery

 
fiery's Avatar
 
Member Since: May 01, 2005
Location: NY
Posts: 77
fiery is on a distinguished road
Mac Specs: IMAC 3ghz Intel Core i3 OSX 10.9

fiery is offline
Thank you for creating the greatest thread of all threads!
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,500
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by nicole.marie View Post
Hello all,
I have been an avid Mac user for 5 years now (much to my boyfriend's chagrin). However, today I encountered my first security issue. I've been browsing the years of pages from the other antivirus thread but I haven't seen anything similar to my problem. There is just discussion over a/v software not for spyware etc. I'm not well versed in this stuff, is it the same?

Somehow my Gmail and WoW account both got hacked. Yesterday my friend used my computer do download and print some paperwork off of his USB drive after it wouldn't work on my boyfriend's PC. It was trying to run a .exe file on the PC. I am wondering if I could have gotten a keylogger from the USB? I haven't been to any suspicious sites, that I know of. I have been running iAntivirus and MacScan but they haven't detected anything.

Any suggestions?

Thank you,
Nicole
Were both accounts using the same password?

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
Rings890

 
Rings890's Avatar
 
Member Since: Jul 28, 2010
Posts: 4
Rings890 is on a distinguished road

Rings890 is offline
thanks for the post, it was a great help.
rumi's field

 
Member Since: Aug 11, 2010
Posts: 3
rumi's field is on a distinguished road
Mac Specs: MacBook os x 10.4 Intel Core 2 Duo 2.16 GHz L2 Cache (per processor): 4 MB Memory: 1 GB Bus Sp

rumi's field is offline
MacBook
os x 10.4
120GB
Intel Core 2 Duo
2.16 GHz
1 GB

my mac was getting really slow so i wiped and reloaded the hd. it was zippy for a couple hours, then started bogging down again. i saw huge amounts of data being written to the hd when i wasn't using my computer, 10+ GB over a couple days i was only checking email. how can i find out what program is writing to my hd?

thanks in advance for your help.
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,500
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by rumi's field View Post
MacBook
os x 10.4
120GB
Intel Core 2 Duo
2.16 GHz
1 GB

my mac was getting really slow so i wiped and reloaded the hd. it was zippy for a couple hours, then started bogging down again. i saw huge amounts of data being written to the hd when i wasn't using my computer, 10+ GB over a couple days i was only checking email. how can i find out what program is writing to my hd?

thanks in advance for your help.
While the activity is occuring, open up Activity Monitor (Applications => Utilities). Then, click the % CPU header to sort by CPU utilization. Check the processes that are running high utilization and report back.

It may very well be Spotlight Indexing. I've also seen Dashboard widgets act goofy and start to make the drive run constantly.

Chances are you're not encountering malware, unless you installed pirated software or downloaded any video players from seedy sites.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
rumi's field

 
Member Since: Aug 11, 2010
Posts: 3
rumi's field is on a distinguished road
Mac Specs: MacBook os x 10.4 Intel Core 2 Duo 2.16 GHz L2 Cache (per processor): 4 MB Memory: 1 GB Bus Sp

rumi's field is offline
hey, thanks for the reply, cwa107.

the processes change back n forth but the biggest steady user is firefox, which sometimes shows 7-9 %, sometimes only 2-3%. i just changed the update frequency to 'very often' so now activity monitor is the biggest user with about 8.8% steady.

today, one GB of info has already been written since i first posted. is that just normal?

i also downloaded the clamxav for tiger, but am still trying to figure out how to use it. i made the 'contextual menu items' folder and logged out/in as the directions said, but now i am not sure where to find it.

i also read that it is nearly impossible to infect a mac. so maybe i am just used to all the trouble my pc used to give me.
cwa107

 
cwa107's Avatar
 
Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,500
cwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond reputecwa107 has a reputation beyond repute
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

cwa107 is offline
Quote:
Originally Posted by rumi's field View Post
hey, thanks for the reply, cwa107.

the processes change back n forth but the biggest steady user is firefox, which sometimes shows 7-9 %, sometimes only 2-3%. i just changed the update frequency to 'very often' so now activity monitor is the biggest user with about 8.8% steady.

today, one GB of info has already been written since i first posted. is that just normal?
It could just be disk I/O with the swap file (virtual memory). Are you having performance problems, or just worried about the amount of I/O? Also, how are you monitoring it?

Quote:
i also downloaded the clamxav for tiger, but am still trying to figure out how to use it. i made the 'contextual menu items' folder and logged out/in as the directions said, but now i am not sure where to find it.

i also read that it is nearly impossible to infect a mac. so maybe i am just used to all the trouble my pc used to give me.
It's not that it's impossible for a Mac to get viruses. In fact, it's very probable that one day there will be a true virus written for OS X. Now, it is impossible for a Windows virus to run on OS X because as you likely know, you can't run Windows software on OS X without using something like CrossOver or WINE (and even then, it's unlikely a virus would be able to properly execute, and it almost certainly wouldn't automatically execute).

With that said, there are two trojans out there for OS X - one accompanies a pirated copy of iWork and the other comes from a "video player" that is distributed via porn site. If you haven't frequented either source, you likely don't have an issue.

As we often say here on Mac-Forums, having a computer problem that you don't understand doesn't necessarily mean you have a virus.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!
rumi's field

 
Member Since: Aug 11, 2010
Posts: 3
rumi's field is on a distinguished road
Mac Specs: MacBook os x 10.4 Intel Core 2 Duo 2.16 GHz L2 Cache (per processor): 4 MB Memory: 1 GB Bus Sp

rumi's field is offline
i took your advice and installed the beta of clamXav. i also picked up snow leopard and wiped/installed a new os. i noticed that zeroe wiping and re-installing with tiger only cleared 111.08 GB on a 120B GB drive. it seemed weird to me, so i tried it a few more times, but only got 111.08 GB. but when i wiped and re-installed with the new os, all 120.03 GB were available. is that normal?

clamXav found 9 'infections' from emails. every day i deleted the quarantined files, every day new infections were found in the scan. so i just wiped and re-installed again. this time, 119.64 GB were available on the 120.03 GB drive.

today, in the 4 hours my computer has been 'on', (and after installing os x 10.6 with updates, downloading pandora desktop app, adobe air dmg, firefox app, and clamXav beta last night) there are 109.81 GB available, with 3.31 GB having been written in that time.

i using the 'activity monitor' with cpu activity as the highlighted column.

firefox uses the most cpu, at 9 - 13 %

Thread Closed


« Newbie here | Scanning/Editing »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

All times are GMT -4. The time now is 07:11 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?