Clamav Mac Osx
Memorandum : Building ClamAV® on Mac OS X 10.4 through macOS 11.0 Big Sur
ClamAV ® is the open source standard for mail gateway scanning software. Another option is to download it from the ClamAV Web site, which provides additional links to ClamAV scanners built for Windows and Mac OS X. ClamAV works as a client/server system, but you can.
Building ClamAV® on Mac OS X 10.4 through macOS 11.0 Big Sur
I'm running ClamXav Sentry as 'launch agent' with ClamAV antivirus scanning engine of my own custom build.
I've tested for building ClamAV (from version 0.90.x to version 0.103.x) on Mac OS X 10.4 through macOS 11.0 Big Sur.
I'm running the latest stable release ClamAV 0.103.0 on macOS 11.0 Big Sur now.
ClamAV 0.103.0 is available on the Download page of ClamavNet, and the release note is here!
When you want to build ClamAV-devel from the Git sources, autotools are now requied.
For further information, see the following section:
'How to install ClamAV®-devel from the Git sources on macOS'.
This memorandum contains as below:
・ Memorandum 1: Building ClamAV 0.103.x on OS X 10.10 Yosemite through macOS 11.0 Big Sur
・ Memorandum 2: Building ClamAV 0.99.x on OS X 10.10, 10.11, 10.12 and macOS 10.13 High Sierra
Clamav Mac Os X
・ Memorandum 3: Building ClamAV 0.98.7 on OS X 10.10 Yosemite and 10.11 El Capitan・ Memorandum 4: Building ClamAV on Mac OS X 10.4 (Intel)
・ Memorandum 5: Building ClamAV on Mac OS X 10.4 (PPC)
・ Memorandum 6: Building ClamAV on Mac OS X 10.6 through OS X 10.9 Mavericks
・ Memorandum 7: Running clamd and freshclam as daemon
・ Memorandum 8: Running ClamXav Sentry as 'launch agent' on Mac OS X 10.6 and later…
・ Memorandum 9: Update ClamXav's own Virus Database and running RunFreshclam as daemon
・ Memorandum 10: Running ClamXAV version 2.18.x with B.Y.O. ClamAV antivirus scanning engine
・ Links…
Memorandum 1: Building ClamAV 0.103.x on OS X 10.10 Yosemite through macOS 11.0 Big Sur
Building ClamAV 0.103.x on OS X 10.10 Yosemite through macOS 11.0 Big Sur
1. Requirements to build ClamAV 0.103.x is very much the same as building ClamAV 0.102.x.
2. Requirements to build ClamAV 0.102.x are almost the same as building ClamAV 0.101.x. and ClamAV 0.100.x.
The differences are as follows:
LLVM current version is 10.0.x, though ClamAV 1.02.x supports only LLVM =< 3.6.x.
The ClamAV team is not maintaining repackaged LLVM now, and they may drop the repackaged LLVM entirely
and deprecate support for system-installed LLVM in favor of the bytecode interpreter.
So LLVM Libraries are not necessarily required to build ClamAV 0.102.x, I think.
I am now configuring ClamAV 0.102.x to disable LLVM as follows:
Of course you can configure ClamAV 0.102.x to enable LLVM as before:
3. Requirements to build ClamAV 0.102.x and ClamAV 0.101.x are almost same as before.
The following are required as discussed in detail below.
・ PCRE Libraries
・ OpenSSL Libraries
・ LLVM Libraries (Only when enabling LLVM)
・ PCRE Libraries
・ OpenSSL Libraries
・ LLVM Libraries (Only when enabling LLVM)
4. Differences
The default behavior for clam to link LLVM has been changed dynamically instead of statically.
Thus making ClamAV 0.100.x fails with an error:
To build ClamAV 0.100.x enabling the LLVM Just-In-Time compiler for executing bytecode signatures,
use this configuration:
or simply use this configuration to disable LLVM Just-In-Time compiler:
Thus making ClamAV 0.100.x fails with an error:
To build ClamAV 0.100.x enabling the LLVM Just-In-Time compiler for executing bytecode signatures,
use this configuration:
or simply use this configuration to disable LLVM Just-In-Time compiler:
Memorandum 2: Building ClamAV 0.99.x on OS X 10.10, 10.11, 10.12 and 10.13 High Sierra
Building ClamAV 0.99.x on OS X 10.10, 10.11, 10.12 and 10.13 High Sierra
ClamAV 0.99.x contains major new features such as YARA rules, PCRE - Perl Compatible Regular Expressions and so on.
To support YARA and ClamAV logical signatures, the Perl Compatible Regular Expressions (PCRE) library is required.
If PCRE isn't installed on your system, you will get a warning message like this while running freshclam.
1. To ensure the PCRE library:
1) Install PCRE - Perl Compatible Regular Expressions.,
2) When compiling ClamAV 0.99.x, it fails with an error:
3) To avoid this failure, simply set CPPFLAGS:
4) And add this configuration option when configuring ClamAV: --with-pcre=/usr/local/pcre2.
2. To compile ClamAV 0.99.x on OS X 10.10 Yosemite or on OS X 10.11 El Capitan and macOS 10.12 Sierra,
in addition to the PCRE library;
1) LLVM Library is required on OS X 10.10 Yosemite.
2) LLVM Library and LibreSSL are required on OS X 10.11 El Capitan and macOS 10.12 Sierra.
Please readMemorandum 3 to learn more, and…
3) Install LLVM Library Binaries.
4) Install LibreSSL.
1) LLVM Library is required on OS X 10.10 Yosemite.
2) LLVM Library and LibreSSL are required on OS X 10.11 El Capitan and macOS 10.12 Sierra.
Please readMemorandum 3 to learn more, and…
3) Install LLVM Library Binaries.
4) Install LibreSSL.
3. Configure ClamAV 0.99.x on OS X 10.10 Yosemite as follws:
4. Configure ClamAV 0.99.x on OS X 10.11 El Capitan and macOS 10.12 Sierra as follws:
Memorandum 3: Building ClamAV 0.98.7 on OS X 10.10 Yosemite and 10.11 El Capitan
Built-in LLVM of ClamAV 0.98.7 and 0.99.x are not compatible with GNU C++ on OS X 10.10 Yosemite and 10.11 El Capitan.
So ClamAV 0.98.7 and 0.99.x built on OS X 10.10 Yosemite or on OS X 10.11 El Capitan have major issues:
- Clamd crashes repeatedly throwing 'Segmentation Fault: 11'
- Clamscan also crashes and fails to scan…
- Freshclam fails to load new database logging:
These problems can be avoided by installing official LLVM.
Versions of LLVM beyond 3.6 seem not to be currently supported in ClamAV, so you should install LLVM 3.6.2.
1. Installing LLVM 3.6.2 Pre-built Binaries
2. To use LLVM installed into /usr/local as a system library instead of the ClamAV's built-in LLVM JIT,
add configuration option as following:
3. Configure ClamAV 0.98.7 on OS X 10.10.x Yosemite as follws:
Building ClamAV 0.98.7 on OS X 10.11 El Capitan
Apple introduded a new security feature SIP: System Integrity Protection (rootless) to OS X 10.11 El Capitan, so in /usr directory
OS X 10.11 El Capitan has the different file composition from OS X 10.10 Yosemite.
While configuring ClamAV 0.98.7 on OS X 10.11 El Capitan, configuration fails with an error:
1. To solve this configuration issue, install LibreSSL.
Setting search path:
You can confirm the installation:
2. But it's not still sufficient to succeed building.
Building fails with an error:
3. To succeed building ClamAV 0.98.7 on OS X 10.11 El Capitan, set CPPFLAGS:
4. Configure ClamAV 0.98.7 on OS X 10.11 El Capitan as follws:
5. Notes
Apple has opted to use LibreSSL while providing OpenSSL in OS X 10.11 El Capitan and macOS 10.12 Sierra.
In macOS 10.13 High Sierra, Apple seems to switch SSL libraries from OpenSSL 0.9.8zh to LibreSSL 2.2.7.
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014.
And it is know to build and work on Mac OS X (tested with 10.8 and later).
So I have changed OpenSSL for LibreSSL to build ClamAV.
Now you can use LibreSSL 2.7.x (the latest stable release).
If you want to use OpenSSL as before, ClamAV 0.100.x is compatible with OpenSSL 1.1.1x,
so you can use OpenSSL 1.1.1x.
In macOS 10.13 High Sierra, Apple seems to switch SSL libraries from OpenSSL 0.9.8zh to LibreSSL 2.2.7.
LibreSSL is a version of the TLS/crypto stack forked from OpenSSL in 2014.
And it is know to build and work on Mac OS X (tested with 10.8 and later).
So I have changed OpenSSL for LibreSSL to build ClamAV.
Now you can use LibreSSL 2.7.x (the latest stable release).
If you want to use OpenSSL as before, ClamAV 0.100.x is compatible with OpenSSL 1.1.1x,
so you can use OpenSSL 1.1.1x.
Setting search path:
If you use OpenSSL 1.1.1x to compile ClamAV 0.99.x, add more this configuration.
Memorandum 4 : Building ClamAV on Mac OS X 10.4 (Intel)
In last update, Clam AntiVirus developer team introduced JIT compiler to ClamAV® 0.96.
Apple gcc (version: 4.0.1 build: 5370) in Mac OS X 10.4 (aka Tiger) failed to build ClamAV 0.96.x and 0.98.x with JITcompiled in.
With a brief struggle I found a good solution that I will tell you here.
1) First, install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End.
2) Second, add this configuration option: --enable-llvm.
Then you can build ClamAV 0.96.x and 0.98.x with JIT compiled in and use new features included in anti-virus toolkit.
Install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End
1. Installing LLVM-GCC 4.2 Front End Binaries
2. Setting search path
3. Installing LLVM 2.3
Install MacPorts and the packages
1. Installing MacPorts
Go to their Installing MacPorts page, download the .dmg for your platform, and install it.
Ensure it's up to date by running:
Ensure it's up to date by running:
2. Installing the packages: bzip2
3. Maintaining MacPorts and installed packages
Compile ClamAV 0.98.x and Install
1. Modify /shared/output.c & output.h to avoid compiling error. (Only needed for compiling ClamAV 0.98.1)
2. ./configure (version 0.98 and 0.98.1)
3. ./configure (version 0.98.3 or later)
4. Make, make check and install ClamAV
To compile ClamAV 0.96.3 or later, bzip2 (Version 1.0.6) that fixes CVE-2010-0405 is required.
Mac OS X has bzip2 (Version 1.0.5) built-inand it is outdated, so you get WARNING as follows while running configuration command.
To solve this problem on Mac OS X 10.4, you can install bzip2 (Version 1.0.6) using MacPorts and add this configuration option:
export LDFLAGS='-L/opt/local/lib' as follows.
Apple has patched the CVE-2010-0405 bug on Mac OS X 10.6.7 but not on Mac OS X 10.4.11.
To compile ClamAV 0.98.3 or later, OpenSSL (Version 0.98y or above including the X509_VERIFY_PARAM function)
is required.Mac OS X 10.4 has OpenSSL 0.9.7l built-in and MacPorts fails to build OpenSSL, so you have to install OpenSSL 0.9.8zh.
1. Install OpenSSL 0.9.8zh
2. Setting search path
Compile ClamAV 0.99.x and Install
To compile ClamAV 0.99.x on Mac OS X 10.4, in addition to installing LLVM Front End, MacPorts, bzip2 and OpenSSL the PCRE library is required as pointed out above.
1. Install PCRE - Perl Compatible Regular Expressions.
2. ./configure
3. Make, make check and install ClamAV
Memorandum 5 : Building ClamAV on Mac OS X 10.4 (PPC)
PPC users have to install LLVM-GCC 4.2 Front End Binaries for PPC and configure ClamAV 0.96.x and 0.98.x with different configuration.
Install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End
1. Installing LLVM-GCC 4.2 Front End Binaries
2. Setting search path
3. Installing LLVM 2.3
Install MacPorts and the packages
1. Installing MacPorts
Go to their Installing MacPorts page, download the .dmg for your platform, and install it.
Ensure it's up to date by running:
Ensure it's up to date by running:
2. Installing the packages: bzip2
3. Maintaining MacPorts and installed packages
Compile ClamAV 0.98.x and Install
1. Modify /shared/output.c & output.h to avoid compiling error. (Only needed for compiling ClamAV 0.98.x)
2. ./configure
3. Make, make check and install ClamAV
Memorandum 6 : Building ClamAV on Mac OS X 10.6 through OS X 10.9 Mavericks
Building ClamAV on Mac OS X 10.6 through OS X 10.9
GNU C++ and bzip2 (Version 1.0.6) are installed on Mac OS X and later, so you can simply build ClamAV 0.96.x and 0.98.x with JIT compiled in and use new features included in anti-virus toolkit.
1. On Mac OS X 10.7, after installing Xcode 4.3 in /Applications, you should install the Command Line Tools:from 'Xcode -> Preferences -> Downloads -> Components pane', or install them via the separate installer from
developer.apple.com. and
developer.apple.com. and
2. Run these commands to make sure that everything is pointed in the right place.
Compile ClamAV 0.98.x and Install
1. ./configure
2. Make, make check and install ClamAV
Compile ClamAV 0.99.x and Install
1. To compile ClamAV 0.99.x, the PCRE library is required as pointed out above.
Install PCRE - Perl Compatible Regular Expressions.
2. ./configure
3. Make, make check and install ClamAV
Memorandum 7: Running clamd and freshclam as 'launch daemon'
1. I'm running clamd and freshclam as 'launch daemon' managed by:
/Library/LaunchDaemons/org.clamav.clamd.plist
/Library/LaunchDaemons/org.clamav.freshclam.plist
/Library/LaunchDaemons/org.clamav.freshclam.plist
2. Edit clamd.conf and freshclam.conf for using ' daemons'.
3. Set appropriate permissions for ClamXav and ClamXav Sentry.
4. Notes
When using 'daemon' to launch freshclam,
uncheck 'Update virus definitions on launch' of ClamXav's 'General Preferences' section.
Updates of virus definitions gets executed automatically by 'freshclam daemon'.
uncheck 'Update virus definitions on launch' of ClamXav's 'General Preferences' section.
Updates of virus definitions gets executed automatically by 'freshclam daemon'.
Memorandum 8: Running ClamXav Sentry as 'launch agent' on Mac OS X 10.6 and later…
Running ClamXav Sentry as 'launch agent' on Mac OS X 10.6 and later…
1. When running ClamXav Sentry as 'launch agent', ClamXav Sentry keeps alive.
So even if it crashes, it gets back and keeps watching files and folders without any incident.
I'm running ClamXav Sentry as 'launch agent' managed by ~/Library/LaunchAgents/org.clamXavSentry.plist
I'm running ClamXav Sentry as 'launch agent' managed by ~/Library/LaunchAgents/org.clamXavSentry.plist
2. On Yosemite and El Capitan, I'm using this org.clamXavSentry.plist file to avoid ClamXav Sentry's annoying error:
3. Notes
When using 'launch agent' to launch ClamXav Sentry,
uncheck 'Launch ClamXav Sentry when you log in to this computer' of 'ClamXav Sentry Preferences' section.
ClamXav Sentry automatically launches and keeps alive by 'launch agent' when logging in.
CFBundleExecutable name 'ClamXavSentry' was replaced by 'ClamXav Sentry' in ClamXav 2.7.x.
So you should replace 'ClamXavSentry' with 'ClamXav Sentry' in org.clamXavSentry.plist.
If you are running clamd as 'launch daemon' and running ClamXav Sentry 3.x as 'launch agent',
use this hidden preference setting:
And if you are running clamd as 'launch daemon' and running ClamXav Sentry 3.5.x as 'launch agent',
use this hidden preference setting:
uncheck 'Launch ClamXav Sentry when you log in to this computer' of 'ClamXav Sentry Preferences' section.
ClamXav Sentry automatically launches and keeps alive by 'launch agent' when logging in.
CFBundleExecutable name 'ClamXavSentry' was replaced by 'ClamXav Sentry' in ClamXav 2.7.x.
So you should replace 'ClamXavSentry' with 'ClamXav Sentry' in org.clamXavSentry.plist.
If you are running clamd as 'launch daemon' and running ClamXav Sentry 3.x as 'launch agent',
use this hidden preference setting:
And if you are running clamd as 'launch daemon' and running ClamXav Sentry 3.5.x as 'launch agent',
use this hidden preference setting:
Memorandum 9 : Update ClamXav's own Virus Database and running RunFreshclam as daemon
1. Now ClamXav and ClamXav Sentry use combined official and its own virus database as below:
2. To get and update ClamXav Virus Database,
extract RunFreshclam from the latest ClamXav.app/Contents/Resources/clamavEngineInstaller.pkg
and place it into
ClamXav 2.8.9.4 requires empty file called 0.99.1_update_4 inside /usr/local/clamXav.
and place it into
ClamXav 2.8.9.4 requires empty file called 0.99.1_update_4 inside /usr/local/clamXav.
3. When you launch ClamXav 2.8.9.1 and update virus definitions, ClamXav logs follwing error:
ClamXav 2.8.9.1 requires freshclam compiled with option '--show-progress'.
For details, see 'Bug 11455 – [Clamav-devel] Patch to force freshclam download progress meter'.
To solve this issue, get and apply 'freshclam_show-progress.patch' before you build ClamAV 0.99.0.
--------
The patch has been checked in ClamAV 0.99.1 repository, so no need for patching to build ClamAV 0.99.1.
For details, see 'Bug 11455 – [Clamav-devel] Patch to force freshclam download progress meter'.
To solve this issue, get and apply 'freshclam_show-progress.patch' before you build ClamAV 0.99.0.
--------
The patch has been checked in ClamAV 0.99.1 repository, so no need for patching to build ClamAV 0.99.1.
Running RunFreshclam as 'daemon' instead of freshclam daemon
1. I'm now running RunFreshclam as 'daemon' instead of freshclam daemon managed by:
/Library/LaunchDaemons/com.clamXav.runfreshclam.plist
2. Edit freshclam.conf for using RunFreshclam ' daemons'.
3. Set appropriate permissions for RunFreshclam (ClamXav version =< 2.8.x).
Notes:
As concerns appropriate permissions on ClamXav 2.9.x, see described below.
4. Checking and updating virus definitions:
When running 'RunFreshclam' as ' daemon',
'RunFreshclam' automatically (at regular time intervals, e.g. every 30minutes or every 1 hour as you set) executes checking and updating both ClamXav's own virus definitions and official ClamAV® virus definitions, so you need not run 'freshclam daemon'.
An example of freshclam.log:
'RunFreshclam' automatically (at regular time intervals, e.g. every 30minutes or every 1 hour as you set) executes checking and updating both ClamXav's own virus definitions and official ClamAV® virus definitions, so you need not run 'freshclam daemon'.
An example of freshclam.log:
Memorandum 10 : Running ClamXAV version 2.19.x with B.Y.O. ClamAV engine
To run ClamXAV 2.19.x and ClamXAV Sentry 3.19.x with B.Y.O.E.
1. ClamXav has a new engine install and uninstall mechanism since version 2.9.
Now ClamXav examines whether all the files necessary for ClamXav are installed exactly, and investigates whether the permissions on all files and folders at /usr/local/clamXav are right.
When you fail to satisfy the requirements, ClamXav tries to repair /usr/local/clamXav, and all files and folders are changed to its own official engine.
To satisfy the requirements, the following files are needed at the very least in addition to B.Y.O. ClamAV files:
When you fail to satisfy the requirements, ClamXav tries to repair /usr/local/clamXav, and all files and folders are changed to its own official engine.
To satisfy the requirements, the following files are needed at the very least in addition to B.Y.O. ClamAV files:
2. Steps to satisfy the requirements for ClamXAV Version 2.19.3 (3715):
1) make empty file called 0.100.1_update_08 inside /usr/local/clamXav/
2) extract gfslogger and RunFreshclam from ClamXAV.app/Contents/Resources/clamavEngineInstaller.pkg
3) place those files into appropriate directory:
4) ClamXav 2.11.x changed the name of two files located at /usr/local/clamXav/share/clamav/.
First run RunFreshclam completely, then you can place them at /usr/local/clamXav/share/clamav/ as follws:
First run RunFreshclam completely, then you can place them at /usr/local/clamXav/share/clamav/ as follws:
An example of files located at /usr/local/clamXav/share/clamav:
5) Set appropriate permissions at /usr/local/clamXav for ClamXAV 2.19.x.
3. Now you can run ClamXAV Sentry 3.19.x as 'launch agent' and run RunFreshclam as 'launch daemon' with no issues.
As a matter of course you can launch ClamXAV 2.19.x and it works all right.
An example of freshclam.log:
An example of freshclam.log:
4. Important Notes
Canimaan Software Ltd released ClamXav Version 2.9 (2378) and then has stopped official support for B.Y.O. Engine.
If you keep using B.Y.O. Engine, do that on your own risk.
Now ClamXAV 3 is available, thus ClamXAV 2 will not receive malware database updatesbeyond 31st October 2018.
If you keep using B.Y.O. Engine, do that on your own risk.
Now ClamXAV 3 is available, thus ClamXAV 2 will not receive malware database updatesbeyond 31st October 2018.
ClamAv is a command line virus scanner. It runs on all the major platforms, Windown,Linux, and OSX. You can download the source and install it from there, or you can follow these simple steps to install it using MacPorts.
To install ClamAv check the ports including clam by listing these:
port search clam
Then to install the files issue:
sudo port install clamav clam-server clamsmtp p5-mail-clamav
Once the ports are installed you'll need to configure ClamAv. The following is an extract from the port installation echo:
To configure clamd and freshclam look for the following files:
/opt/local/etc/clamd.conf
/opt/local/etc/freshclam.conf
If these files do not exist you can copy the sample conf files into place:
sudo cp /opt/local/etc/clamd.conf.sample /opt/local/etc/clamd.conf
sudo cp /opt/local/etc/freshclam.conf.sample /opt/local/etc/freshclam.conf
Edit /opt/local/etc/clamd.conf to your liking, example:
# Comment out 'Example' near the top if it exists
#Example
LogFile /opt/local/var/log/clamav/clamd.log
PidFile /opt/local/var/run/clamav/clamd.pid
LocalSocket /opt/local/var/run/clamav/clamd.socket
Clamav For Mac
TCPSocket 3310
TCPAddr 127.0.0.1
Foreground yes
Edit /opt/local/etc/freshclam.conf to your liking, example:
# Comment out 'Example' near the top if it exists
#Example
UpdateLogFile /opt/local/var/log/clamav/freshclam.log
PidFile /opt/local/var/run/clamav/freshclam.pid
Openssl Mac Os X
NotifyClamd /opt/local/etc/clamd.confThe important thing when editing these configuration files, is that the directories for clams and freshclam points to the same directories. I let mine point to:
/opt/local/var/log/clamav/
/opt/local/var/run/clamav/
And, make sure that the TCPSocket and TCPAddr are set, enabling you to use ClamAv from within other programs. After installation you'll need to create an entry in the ports share directory. The reason for this is that ClamAv runs in this directory and the directory is not created on installation. Create it like this:
sudo mkdir -p /opt/local/share/clamav
sudo chown clamav:clamav /opt/local/share/clamav
Now you're ready to create a fresh clam, issue:
sudo freshclam -v
Current working dir is /opt/local/share/clamav
Max retries 3
ClamAV update process started at Thu Mar 24 00:01:09 2016
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 632
Software version from DNS: 0.99.1
main.cvd version from DNS: 57
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
daily.cvd version from DNS: 21470
daily.cld is up to date (version: 21470, sigs: 83891, f-level: 63, builder: neo)
bytecode.cvd version from DNS: 275
bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
ClamAv will generate a new virus signature file. When it is done, you're ready to scan your box. This is done by:
clamscan -ro ~/
----------- SCAN SUMMARY -----------
Known viruses: 4297361
Engine version: 0.99.1
Scanned directories: 132235
Scanned files: 595659
Infected files: 0
Total errors: 4
Data scanned: 72096.62 MB
Data read: 136687.80 MB (ratio 0.53:1)
Time: 22133.709 sec (368 m 53 s)
It'll take loads of time to finish. As, almost, all other codlin tools --help or man clamscan displays all the options you can pass to the program. Next, you'll need to get ClamAv running automatically. Following the installation instructions, another extract:
Two launchd startup items have been installed.
To load clamd and freshclam do the following:
sudo launchctl load -w /Library/LaunchDaemons/org.macports.clamd.plist
sudo launchctl load -w /Library/LaunchDaemons/org.macports.freshclam.plist
To unload clamd and freshclam do the following:
sudo launchctl unload -w /Library/LaunchDaemons/org.macports.clamd.plist
sudo launchctl unload -w /Library/LaunchDaemons/org.macports.freshclam.plist
Issue both of the commands that loads the deamons, then check that the clamd is running.
ps -aef | grep clamd
The result should look somewhat like this:
0 25965 1 0 4:52PM ?? 0:07.78 /opt/local/sbin/clamd
If your are using Thunderbird and Firefox you can use ClamAv to scan your downloads and your mails. Install the firefox add-on Fireclam, and the Thunderbird add-on clamdrip LIN.
The clam drip LIN extension if meant for Linux only, but it's all runnable using the port version of ClamAv. simply press the: Download for Linux anyway link anyhu!
Clamscan Mac
And import the add on in Thunderbird. Ignore the *beware* message, if you do not trust me, check the contents of the plugin file, using unzip to extract it and inspect the code. It, doesn't look malicious to me.
Next, go to the Thunderbird add on, and select the clam drib preferences. Configure it to listen to the clamd available on localhost:3310.
Clamav Macos Gui
Now, all you have to do to verify that ClamAv is running, is to check your mail.
The ClamAv status is shown in the green blop above. The information is also shown in the preview pane in Thunderbird.