Keep Your Mac Safe from Infections with ClamXav

I remember from when I used a Windows machine how annoying the anti-virus apps used to be. It was kind of a “can’t live with them, or without them” relationship. If you ran a Windows machine, you had to have an anti-virus app if you wanted it to remain functional. But it was kind of like trading one thing for another, as most of the anti-virus apps were always annoying and slowed down my computer a lot (it almost felt like installing a virus that would keep away even worse viruses away from my computer).

When I made the switch to Mac, one of the big factors that influenced my decision were all the people telling me that Mac OS is safe out of the box, and that I didn’t need an anti-virus. This is kind of a difficult topic, though, and still many people don’t feel safe running their Mac without an anti-virus installed. Today we are reviewing a free alternative to the popular paid anti-virus Mac apps. It’s called ClamXav, let’s take a look!

Getting Started

Alert!

Alert!

The installation of ClamXav is actually quite scary and a little bit annoying if you download it off the website. First off, you will get a warning that tells you that bad stuff might happen to your computer if you use the app, and in that case that the bad things actually happen, ClamXav can not be held responsible.

Then, you will be asked to install the engine that the anti-virus runs on. ClamXav runs on the popular and prestigious ClamAV antivirus engine. The installation will close ClamXav and open a step-by-step installation of the engine that does all the updating and scanning within the app. After this, you’ll be able to finally use the app. Well, sort of. You also need to update the latest virus definitions before you can start scanning your computer.

I assume if you get the app from the Mac App Store, you might be able to skip the engine installation, and instead you just have to update the virus definitions.

Using ClamXav

Selecting Folders

Selecting Folders

The interface for ClamXav is as simple and functional as they come, which is a very nice change of pace from the usual anti-virus apps. You have a few buttons that can help you start or stop a scan, update the virus definitions, show the scan and update log, and access the preferences. The scanning lets you select which folders you want the app to search for viruses in, and you can even keep these folders as “favorites” in the left sidebar.

Scheduling

Scheduling

Under the preferences you’ll find options to set a default folder for the quarantined files, exclude certain extensions of files from the search, and even set periodical automatic updates for scanning or/and updating the virus definitions. Overall, it’s a pretty complete app, especially for being completely free.

Detecting and Dealing with Threats

Results

Results

After a scan is finished, a recount of all the stats related to the scan will appear below the main frame. In there, you’ll see the total number of infections known by the app, the number of files and directories scanned, and most importantly: the number of infections found. The infected files will be displayed with more details in the main frame, where you see the name of the file, name of the infection, and the status of the virus.

When I first ran the app, I told it to scan my home folder. It took a couple hours to finish scanning, but it didn’t find anything. Which brings up the next question…

Do You Really Need An Antivirus?

A while back AppStorm editor Joshua Johnson wrote a roundup on anti-virus apps for Mac, and in it he made it pretty clear that while an anti-virus might not be as necessary as it is on Windows machines, it might help you feel and stay more secure. If you take the necessary precautions, such as installing all of the software updates on time, and you don’t go around navigating shady sites or opening mysterious emails, then you should be fine without one. But then again, you can never be too cautious.

Even if you still don’t feel safe using your Mac without an antivirus, I would advise against buying any of the paid apps like Norton or McAfee and instead suggest one of the free open-source alternatives like ClamXav. Let’s face it, you won’t really be using it much anyway. But if you don’t trust using an open-source app with the safety of your machine, by all means buy whichever one makes you feel safe.

Conclusion

We can’t really advise you against using anti-virus apps, and even if we could, we wouldn’t. The truth is, you can’t ever be 100% secure. Personally, I prefer to stay away from these type of apps, but I make sure to take other precautions with what I download and where I browse. I also try to backup my computer periodically in case something bad happens (not having something like Time Machine makes it hard, but it’s still manageable).

Like I said, if you are going to use one of these apps, I don’t think you can go wrong with a free one, especially ClamXav. It’s simple, clean, and most importantly, it feels trustworthy. It also helps that it is powered by one of the most popular anti-virus engines like ClamAV is.

What is your take on Mac anti-virus apps? Do you use any, and have you payed for it? Which one? Let us know in the comments!


  • Uncle Josh

    I won’t bother with antivirus software on my Macs, ever. If it ever comes to a point like Windows XP was, I’ll just stop using Macs.

    Honestly, peeps that have switched to Macs to run away from viruses and *still* use antivirus software probably enjoy mucking with that stuff and worrying themselves silly.

    Although there will be risks involved in my abstination, it’s worth it me thinks.

    • Brah

      I’m with Uncle J

    • http://cansurmeli.com C@N

      Absolutely. Second on that.

      Security firms are just trying to scare us so we would spend unnecessary money on useless software for our Macs. What a crap!!!

    • Sigilist

      There is not such thing as an invulnerable operating system. And the fact that you “See” nothing wrong with your system doesn’t mean it’s clean. This is the most outdated and ignorant view point of all in the mac world. And fortunately their are more intelligent people joining the community.

      Just because you “see” nothing wrong with your system doesn’t mean its clean.

  • 6point9

    STOP ACCEPTING DOWNLOADS AND RUNNING PROGRAMS WHILE WATCHING PORN! Simple.

    • Scott

      Stop yelling! Also, learn grammar!

      “Navigating shady sites” is not a euphemism for “WATCHING PORN!”; although shady is undefined here. In fact, these days we can’t judge a site’s shadiness based on its apparent content—for the same reason phishing works. Criminals aren’t all stupid.

      Ones who spend their time coding clever malware and breaking encryption can likely figure out how to make any website appear harmless and trustworthy (and learn English grammar in their spare time). Avoiding “shady sites” is like a guy wearing a condom only if his date looks like a whore. If you’re afraid of viruses, abstain from the Internet.

  • Rob

    I use ClamXav and I have the Sentry option activated which permits to monitor changes/new files on the folders you choose. I use it to monitor my download folder and it has detected and quarantined some file I downloaded in the past. I was not able thougth to tell if those were mac virus or just false positives.

  • Scott

    In the first paragraph we read about how the old Windows antivirus software were annoying and made our computers sluggish, but the review of this Mac app never addresses that issue.

    I’ve tried a few Mac anti-malware apps and never kept any of them because they were annoying and made my Macs sluggish. Also, never did they find anything. Waste of money. I did not feel safer; I felt ripped off.

    It sounds like set-and-forget, including automatic updates, but after reading this article, I still don’t know whether ClamXav is annoying or slugifying.

  • Alexei

    The first AV for Windows that was worth using was Panda. First it checks all files THEN searches for changes ONLY. It was a good way for preventing the sluggishness of AV like Norton.

    I have an IT guy who told me Macs are less secure than Windows these days (due to improvements in Windows). Anyway, I prefer to drive a sedan in US than a tank in Iraq. The same analogy applies to AV. Malware creators will always prefer to code for Windows. Until today I never heard of any serious threat to OS X that’s worth mention.

  • Chris

    I got a 1-year-license of Intego’s VirusBarrier X6 when I bought my Mac and tried it for that period of time. While I really loved the interface and the simplicity, it offered many features you would only need if you’re predicting serious „attacks“ on your machine. I used the firewall and the virus scanner, but it never found anything. Now, after almost a year, I never had any issues with viruses or malware on my unprotected machine. My conclusion is that while it may be necessary on some computers, I definitely don’t need a virus scanner on my Mac at home.

  • Sigilist

    Clam is adequate; Sophos is better. But neither is enough. There are legal security threats out there to you privacy. You need to get control of you ‘outgoing’ firewall as well, and so you need Little Snitch (or similar) as well.

    There is no such thing as a virus immune environment. That is one the oldest urban legends of the mac world that even Apple does use openly anymore; because they know its a lie, and the rest of the world knows why most hackers don’t bother with them… and it has nothing to do with the underlying UNIX. Hackers (the real ones) love that!

    Sophos is free for mac users, and it does a little more than just tell you that your machine has a bug. It’ll try to tell you what it is as well. Clam is paltry in this area.

    Sophos for Mac is support by an international network of mostly corporate clients whose network level AV provide the company with feedback on incoming threat for all forms of servers and workstations … all forms of OSes. And when Sophos does an update for them… you get the same one.

    Clam can’t match that… ever. And it does lousy job of informing the user of what’s really going on.

    I’ve also run both Clam and Sophos head-to-head against Symantec Corp. Edition 11 against some dummy viruses… and a few real ones. After then years in IT consulting in the past, I know a little about this. Sophos and Sym were pretty much neck’n’neck each finding at least one fake virus the other didn’t catch. Of course the corp edition of Sym isn’t available to the general public and it isn’t free. Clam did okay, but it missed one fake and one real virus that both Sophos and Sym caught. That’s all I need to say.

    • Sigilist

      Oh, I suspose there are a couple other things….

      First, some of you need to stop treating you Mac like a titanium magic box. It just makes you look stupid to those of use who operate multi-OS, especially on multiple devices.

      Second, get Sophos. It can’t do schedule full or targeted deep scan unto itself, but it’s always live and watching everything. You can do manual full and deep scans by choice, or you can script them if you know how. In two years, manual deep scans turned up only a trojan (twice) in some shareware.

      http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

      Third, learn to use the defense systems you already have. The biggest threat you face right now is not coming from hackers. Get contol of your outbound firewall and start learning how much your operating system and apps are reporting about you that they shouldn’t.

    • hotmac

      @Sigilist: Thanks for your comment above, but now I disagree. I lost a customer because I sent him a very malicious virus within a piece of php code I got from a programmer (who used WIN). In the end Sophos did not find this virus whereas ClamX did. My advice: Try both – Clam and Sophos, then make your choice.

  • Paul Dunahoo

    This app is completely unnecessary and just a waste of space, unless you are running Microsoft Windows.

    • Harry

      Are you an elf?

      • Paul Dunahoo

        No.

      • Richard

        Harry,

        It must be sad to be you .. being rude for no reason at all.

  • A.F

    remind me why i’m using Mac ?

    Hmm yeah i remembered “security” is the first reason

  • Jeremy

    Run an anti-virus on my Mac? Yeah, no thanks.

  • Pingback: Virus scanning for Macintosh

  • alfora

    Just for the record (and the fun in it), Sophos has put a list of all known malware for Macs on one page. Yes, ONE page.

    http://nakedsecurity.sophos.com/2011/10/03/mac-malware-history/

    Most of those viruses don’t run anymore because they were written for Mac OS 9 and lower. Most of the others use social engineering.

    I also want to point out that ClamAV’s virus database is mostly concerned with viruses for Windows! You’d use ClamAV on a server in order to check for malware in e-mails or on shared folders for Windows users. It also recognizes macro viruses in MS Office documents which might(!) also run on Mac OS X.

    But 99.999% of ClamAV’s 1097521 known viruses (see screenshot) do NOT run on Mac OS X.

    • Tim

      However, you Mac can still have files on it with Windows virii and can pass those on to Windows users.

  • http://lnkgt.com/8iU Europe2012

    Hey Guys here is a DOWNLOAD link to Norton
    AntiVirus 2012
    Powerful protection against viruses and spyware that won’t slow you down
    Stops viruses, spyware, and other threats before they can do damage
    Stops online dangers without sacrificing performance
    Provides updates that protect against the latest threats without slowing down your PC
    Email, chat, and surf the Web without worrying about cybercriminals ripping you off
    Scans email and Instant Messages for suspicious links, attachments, and other scams
    Prevents crimeware from being secretly loaded on to your PC and lots more …

    CLICK HERE >>> http://lnkgt.com/8iU to DOWNLOAD Complete NEW Antivirus for FREE or Copy the link and paste to your browser
    to VIEW Download page, Enjoy this Amazing Free Software.

    Good Luck !

    Robert…

    • Tim

      This sounds like an ad for malware. Anyone going to click that link? :)

  • illtemper

    In my humble opinion and as someone who studies forensic computing. I feel the biggest threat to Mac’s is not from virii or malware but in exploits/backdoors to the software/apps we run a long with how secure our networks and passwords are.

    This is why I don’t run AV software but I do take some precautions such as not to run as an admin account. Disabled guest account. I use the inbuilt firewall a long with LittleSnitch and I keep my software up to date.

    But to think Mac’s are invulnerable is beyond naive.

  • Tim

    Is there a program to protect me from Facebook and Google?

  • GoDaddy

    This nor any other AV I tried out for the mac, which include virus barrier.
    can detect or find the most nasty malware spyware of all for the mac that i know of. which is commercial spyware for parents and employers made by spectorsoft. called eblaster.

    microsoft security essentials can find it for the windows side but nothing finds the mac version, even when i installed it on my own spare test macs just for testing

    which scares the shit out of me.

  • oh well..

    yeah I get it, macs are super secure and don’t need AV.
    But think a bit further. In a corporate environment viruses spread like crazy via emails, so even if it does no harm to your mac, you can still spread them via email to windows machines/exchange networks. Continue sending that junk via email and your IP will get blacklisted. Good luck getting your IT back on track then. That’s the reason companies use AV on macs as well.
    think about it.

  • Pingback: It’s Probably Not a Virus | GrandMasterJ

  • http://www.loungeavenue.com Victor

    Here is my opinion, i will always run an AV software and a firewall.
    Not because the mac is not secure, it is vey secure but no software is secure enough at least in our time.
    Mac is on the rise and it will get the attention of virus devs and the AV companies whom themselves write viruses to keep their business alive.
    Mac is very capable but a hardheaded and dedicated virus dev that is lured by money and scams is a threat that we cannot ignore.

  • aliciarr

    I was worried that my new Mac had a virus, though I had done some Google-research and was temporarily reassured that MacBooks usually took care of viruses.
    Now my parents have used my Mac a few times and might have clicked something they shouldn’t have – because today I found that someone was spamming many different emails in my hotmail sent box, unusually from a different email address. I started googling for free antivirus software and came across ClamXav. Ever suspicious, I did some googling again and hesitantly downloaded it. Rest assured, it does work. I scanned my user, and it came up with an email virus within about 5 minutes, which I promptly deleted. Don’t be afraid! Use it! ;) (Though it is a good idea to generally be cautious about what you download, people!)

  • IanSecurity

    I have worked in the PC computer sector for about 5 years now, and I specialize in OSX. I should point out before the flames come a-rolling that I do not work with commercial anti-virus makers, nor do I write Chicken Little articles about how vital it is to run out and spend $50 on software to protect you from the inevitable explosion of your computer. I investigate, and I troubleshoot. Nothing more.

    While it is true that it is rare to find a virus/malware program attacking macs, it is documented and it is an ever-greater possibility. There are several reasons why OSX viruses have been slow in the making: 1) traditionally, access to a Mac has been relatively expensive. The majority of individuals involved in creating malicious code started out in their teens, thus lacking the funds for a mac computer. By the time they had gotten a place in life where they could afford one, they were either too comfortable creating PC viruses, OR they desired the widest range of targets, which brings me to my next point. Virus creation for OSX was/is a slow business because of the small market share Apple traditionally held. Part of the criminal mindset (especially in this area) is pride and reputation. The more people affected, the more rep you get. More people have PC, ipso facto more viruses/malware are created for PCs. These are all documented phenomena in the security industry, I’m not pulling stuff out of my…USB port.

    That said, macs are getting cheaper and more common. Now, OSX is designed in a very clever way, and with features like FileVault Apple is taking preemptive measures to counter future attacks. That said, as another commenter mentioned, no operating system is bulletproof, and for every Apple security expert there are ten hackers/coders out there, some of whom (unfortunately) are rather clever.

    While the likelihood of your Mac system being compromised remains minute, the possibility remains real (research Flashback attack to see what I mean). I would highly suggest (a) using FileVault for now, and Gate Keeper for Mountain Lion, and (b) finding a free, well-reviewed anti-virus (ClamXav is a great place to start) and using it regularly. In the security of your data, the saying “It’s better to be safe than sorry” is more than applicable – it should be your mantra.

    Hope this helps clarify for some!

    Ian
    OSX Security Specialist

  • Frank

    Hi, I had Intego VirusBarrier X6 installed on my MacBook Pro (Mountain Lion) and I had about two crashes a day… Got rid of it and voila no problem anymore !!! Kind regards,

theatre-aglow
theatre-aglow
theatre-aglow
theatre-aglow