
Antivirus utilities and recommendations for OS X

Though the Mac has been known to be relatively malware free, the platform's rising popularity is seeing more malware focused toward it.

Topher Kessler MacFixIt Editor
Topher, an avid Mac user for the past 15 years, has been a contributing author to MacFixIt since the spring of 2008. One of his passions is troubleshooting Mac problems and making the best use of Macs and Apple hardware at home and in the workplace.

Readers periodically ask about antivirus recommendations for OS X, especially given some of the past rhetoric about Macs not having any viruses. Though it is true that OS X has been relatively free of viruses and other malware, in large part this has been because the small Mac market share has made the platform an insignificant target for malware developers; however, the landscape is steadily changing. Recent reports have shown Apple's market share in the U.S. to be one of the fastest growing, leaving the company just shy of 10 percent market share by some estimates. As the Mac OS becomes more popular, hackers and malware developers will undoubtedly begin to target the platform more and more.

Main types of malware
There are three main types of malware: viruses, worms, and Trojan horses. A true computer virus is defined by having the ability to self-replicate and infect specific programs or files with little or no direct input from the user. When the files are read, the virus continues to spread throughout the system and over networks or physical media to other systems. Computer "worms" have the same replicating behavior as viruses, with the exception that they exist as standalone applications instead of tagging along embedded in files.

These types of attacks are serious threats that can lead to data loss, crashing, and theft of confidential information, but luckily most operating systems have safeguards that make it difficult (though not impossible) for viruses and worms to propagate.

As a result of this difficulty, malware developers tend to take the easier route and try to trick users using Trojan horse malware or phishing schemes. Trojan horses have the potential to be just as malicious as viruses by deleting files, breaking down security measures, and stealing personal information, but unlike viruses and worms they require the user to first install or otherwise enable them so they can run.

Be it characterized as a virus, worm, or Trojan horse, all malware has the potential to break down system security measures, steal personal information, corrupt or delete files, or turn your computer into a communications node for hackers (aka, "botnets"). While most attempts at this appear to be unsuccessful, hackers are continually trying. In recent years, malware targeting OS X has included OSX.RSPlug.A (aka, "DNSChanger"), which switched a system's DNS servers to malicious ones that could make legitimate URLs point to servers run by hackers, and Leap-A (aka, "Oompa Loompa"), which was distributed in pirated versions of iWork and spread itself to users' contacts via iChat without them knowing.

Antivirus and security recommendations
Though having computer "street smarts" and knowing how to avoid threats is the best defense against attacks, the use of antivirus software is a good second measure to take, especially given the increasing target that OS X is becoming for malware developers, and the increase in communication between computers with file-sharing services and social networking.

As with any setup, your needs for antivirus software will depend on your computer uses. The more you accept and open files from people online (especially from anonymous users), the more you will need to be prepared against potential threats. The risk is higher if you connect to file-sharing networks, visit software pirating and other underground Web sites, or connect to numerous social networks, than if you keep communications limited to groups you know and trust; however, malware can make its way to your system even if you never contact anyone. Just having an e-mail address set up in a mail client may eventually have that address spammed with solicitations and malware, and if your e-mail client is set up to automatically download attachments then malware can be easily put on your system.

My current recommendation for people concerned about malware threats is to have a reputable scanner that you keep regularly updated with the latest malware definitions. Forget the notion that Macs can't get viruses and attacks; they absolutely can, even though the number of threats is low, and it's better to be safe than sorry. However, there currently is a limit to what is practical for Mac users. Some utilities support and promote advanced features like on-access scanning and full system security to filter and detect all incoming data, but in my experience this has been a rather impractical feature that can sometimes lead to performance problems.

Instead of loading your system with security software and enabling all available features, I've found the best approach is to set up your browsers, chat programs, and e-mail clients to download files to a select folder and then have the scanner either perform regular scans of that directory or scan only when new files are added.

This is not to say a full system scan isn't needed, but to have it done all the time or whenever you access a file may be a bit much. Schedule the scanner to run once a week or once a month, and provided you do not visit software pirating Web sites, pornographic sites, or other underground sites where malware is most common, then you should be OK.
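One way to implement the download-folder approach described above, as an added example that is not part of the original article. It assumes ClamAV's `clamscan` command-line scanner is installed; the script name, marker file and function names are hypothetical.

```shell
#!/bin/sh
# Added example: scan only what arrived in a download folder since the last run.
# Assumed: ClamAV's clamscan on PATH; the marker file lives OUTSIDE the folder.
SCANNER="${SCANNER:-clamscan}"   # clamscan exits 0 = clean, 1 = infected, 2 = error

# list_new_files DIR MARKER: regular files in DIR modified after MARKER,
# or every file when no marker exists yet (first run).
list_new_files() {
    if [ -f "$2" ]; then
        find "$1" -type f -newer "$2"
    else
        find "$1" -type f
    fi
}

# scan_new_downloads DIR MARKER: returns the worst scanner exit code seen.
scan_new_downloads() {
    dir=$1; marker=$2; worst=0
    # Stamp the time before listing, so a file that lands mid-scan is
    # picked up by the next run instead of being skipped.
    touch "$marker.next"
    list_new_files "$dir" "$marker" > "$marker.list"
    # One path per line (names containing newlines are not handled).
    while IFS= read -r f; do
        rc=0
        "$SCANNER" --no-summary --infected "$f" || rc=$?
        if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
    done < "$marker.list"
    rm -f "$marker.list"
    # Advance the marker only if every scan completed; after a scanner
    # error the same files are retried on the next run.
    if [ "$worst" -le 1 ]; then
        mv "$marker.next" "$marker"
    else
        rm -f "$marker.next"
    fi
    return "$worst"
}

# Run as: scan-downloads.sh DOWNLOAD_DIR MARKER_FILE
if [ "$#" -eq 2 ]; then
    scan_new_downloads "$1" "$2"
    exit $?
fi
```

Because the check relies on modification time, a file moved into the folder with an old timestamp is skipped; the scheduled full scan covers that case.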

Again, the best defense is using good judgement when surfing the Web and using your system in public environments. If a deal looks too good to be true, then it probably is. If you choose to pursue underground Web sites and illegitimate software then you do so at your own risk.

Antivirus options
As a response to the increased potential for attacks given the rising market share of the Mac OS, the number of antivirus options for Mac users is steadily climbing and becoming readily available. Many reputable antivirus programs have been made available for the Mac in recent years, with a few being released as free "Home" versions. These, along with the ones that have been around for a while, give Mac users a healthy number of options to choose from:

  • Intego VirusBarrier X6: A robust solution that has been available on the Mac for a while.

  • Norton Antivirus: A long-standing and robust Mac AV utility. Though in the past it has been criticized as being bloatware, current versions seem to be fine.

  • Kaspersky Antivirus: Another solid solution, which is packaged with some virtualization software suites.

  • Sophos Antivirus: An enterprise-level virus scanner that was just released as a free home version.

  • ClamXav: A free open-source antivirus scanner. It is a front end for the ClamAV scanner.

  • iAntivirus: This is a Mac OS specific antivirus scanner, which does not scan for Windows-based viruses.

  • Avast: Another very popular scanner for Windows that has a Mac version available.

  • McAfee VirusScan: The longtime Windows-only scanner is also available for OS X.

  • BitDefender: Not as popular as other antivirus solutions.

  • MacScan: A Mac-specific tool for rooting out trojans and other malware, which has been known to uncover threats that others have overlooked.

  • ProtectMac: This is also not a very popular antivirus suite, but it is a solution that should work.

  • Panda Antivirus: I had not heard of this one until recently, but it supports the latest quarantine and malware management features similar to other options.

  • Zebra Scanner: As with Panda, this one is also a little obscure. It is more specific to finding hidden Trojan horses than being an all-around scanner for malware.

In addition to dedicated utilities, the OS X maintenance programs MacKeeper and Snow Leopard Cache Cleaner also include antivirus capability. For a full listing of these programs, including reviews, see the Mac Antivirus Software at CNET's Download.com.

What about Windows?
Though non-Mac viruses are not direct threats to the Mac OS, a number of Mac users regularly boot Windows and other operating systems using Boot Camp or virtualization software. While booting multiple operating systems may be fun and convenient, it also increases the potential targets for viruses on your system, especially if you have data shared between the various operating systems that you run.

If you have any installation of Windows on your Mac, be sure you have a Windows-based virus scanner installed. It's preferable to have one in the Windows installation that will protect the Windows files, but at the very least have one on your Mac that will detect both Mac and Windows viruses.


