This post was updated on April 9, 2007 to fix broken images.
I wrote this up for my fellow Mac users at work today, and thought it might help someone else.
While there aren’t many things to worry about in the Apple world, that may not always be the case, and it’s better to stay one step ahead of the script-kiddies and nefarious assholes.
First, go download ClamXav.
Note that some of these steps will require administrative privileges, so provide the proper info when prompted.
Double-click on the “ClamXav_1.0.1.dmg” file to mount the disk image.
Click-and-drag the ClamXav icon into your Applications folder.
Double-click that application to launch it. This first time, it will prompt you to install the anti-virus engine. Click the “Install” button and let it do its thing.
Then, you will be presented with the application’s main window. First, click the “Update virus definitions” button and let it run until it finishes. Next, click the “Preferences” button to configure the application.
Inside Preferences, you’ll see four top-level categories, starting with “General”. While you are free to configure settings to your liking, you should configure the highlighted options as I show here.
Check the box to Quarantine infected files. Click the “Set quarantine folder” to select the destination for virus-laden files. You can create a new folder in the subsequent dialog box.
Check the box to Alert on virus detection.
DO NOT check the box to Scan mail in .mbox files, because as of OS X 10.4.x (Tiger) the Mail application no longer stores email in that format. Note that the Quarantine and .mbox options are mutually exclusive. We will take care of scanning mail later in the “Folder Sentry” settings.
Next, in the “Internet” settings, check all the boxes at the bottom to ensure that your stuff stays up-to-date. Note that this is in addition to whatever scheduling you set up.
Next, in the “Schedule” settings, you can setup periodic scheduled system scans if you like; that’s up to you. You should however schedule at least one weekly update check, so you don’t have to manually launch ClamXav for it to go out and check for program and virus definition updates. Pick a day and time when you *know* your machine will be on; I chose lunchtime(s).
Finally, you need to set up the “Folder Sentry”, which is the “scan new stuff” runtime piece of the software. Open up a new Finder window and drag folders you want “watched” into the pane. You should drop in your Desktop folder (the most likely download destination when getting stuff from the web) and your Mail Downloads folder (found in the Library folder under your home folder).
You should also add the “Messages” folder for *each* POP mail account you check. These will be located under your home folder » Library » Mail » POP-email_address » INBOX.mbox » Messages. Drag all of them here so all your mail is scanned as it arrives.
Note: ClamXav will not scan nested folders, which is why you can’t simply add your Mail folder to the watched list. It will only monitor the contents of the folders you specify.
Check the box to Launch the Sentry when you log in, and then Save Settings & launch the sentry.
Finally, click “OK” to save all the preferences. You can then quit out of the ClamXav main program.
You will then be left with a little folder in your menu bar with little scan bars that will activate when it is scanning stuff.