Set up ClamAV for OSX #1 : The open source virus scanner

Jonas Felix
2 min read · Jan 5, 2017


This is a first draft; please give me input on what I should improve in the tutorial.

Very simple setup for ClamAV as a macOS (OSX) virus scanner. ClamAV looks for files that match its database of malicious patterns. Don’t think of it as complete protection; it is more of a scanner that looks for bad things you already have on your disk.


#1 Install Homebrew OSX Package manager:

With brew you can install thousands of software packages.

#2 Install ClamAV using brew:

We use the terminal command brew. So open the macOS Terminal and run the following command.

brew install clamav

TIP: To open the “Terminal”, press “CMD+Space” on your keyboard and then type “terminal” into the search bar. When the Terminal app shows up, hit Enter, et voilà, you have opened the Terminal.

#3 Configure ClamAV

Copy the sample freshclam configuration file that ships with ClamAV:

cd /usr/local/etc/clamav/
cp freshclam.conf.sample freshclam.conf

Comment out the line containing “Example”:

cd /usr/local/etc/clamav/
sed -i '' -e 's/^Example/#Example/g' freshclam.conf

This puts a # in front of the line that says “Example”, so ClamAV knows that you have actually edited the file. It wants to make sure that you have thought about the settings. The empty '' after -i tells the macOS version of sed to edit the file in place without keeping a backup copy.

#4 Update ClamAV database

freshclam -v

This will download all kinds of information and database files ClamAV uses to run its scans. It may take a while depending on your internet speed.

#5 Scan everything (can take several hours)

Now we can start a single scan that checks all our files:

clamscan -r --bell -i /

Instead of / you can also give a path such as “~/” if you only want to scan your home directory, or “/Applications/”. In the end, though, you should scan everything.

Hint by John Smith:

sudo mkdir /INFECTED
sudo clamscan -r --scan-pdf=yes -l /INFECTED/infected.txt --move=/INFECTED/ /

This is a one-time scan that you should repeat from time to time. As a next step we can set up a continuous scan.
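A scan of the whole disk produces a long log, so it helps to pull out just the detections afterwards. The following is an added example, not part of the original post: it reads a log file such as the one written with -l above and lists the infected paths. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): read a clamscan log file and
# report what was found. The sample log lines below are constructed.

# Print the path of every file reported as infected.
# clamscan writes detections as "<path>: <signature name> FOUND".
infected_paths() {
    # The greedy match keeps paths that themselves contain ": " intact.
    sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

# Count detections; tr strips the padding that macOS wc adds.
infected_count() {
    infected_paths "$1" | wc -l | tr -d ' '
}

# Translate clamscan's exit status (see RETURN CODES in "man clamscan").
describe_exit() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        2) echo "error" ;;
        *) echo "unknown" ;;
    esac
}

# Constructed sample log: two detections and one clean file.
write_sample_log() {
    cat > "$1" <<'EOF'
/Users/demo/Downloads/eicar.com: Eicar-Test-Signature FOUND
/Users/demo/Documents/notes.txt: OK
/Users/demo/Mail/10: 30 invoice.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# Demo: what a wrapper around "clamscan -r -l <log> <dir>" could do afterwards.
log=$(mktemp)
write_sample_log "$log"
status=1   # assumed exit status of the clamscan run that produced the log
echo "scan result: $(describe_exit "$status"), $(infected_count "$log") file(s)"
infected_paths "$log"
rm -f "$log"
```

In a real run, capture `$?` directly after clamscan and pass it to describe_exit, so that a scan that ended with an error (status 2) is not mistaken for a clean one.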

Next step: set up “clamd” and let it run in the background. Disclaimer: clamd doesn’t do much on its own.
