Reproduced here is a posting from Tom Smith to the Wizards-L listserv, Feb 17, 2006
In spite of the apparent low risk of the new Mac OS X worm, I took it as an invitation to explore the world of OpenSource antivirus for Mac OS X. I thought perhaps others might like to read about what I learned.
One highly acclaimed opensource antivirus program for OS X is clamAV. But I was disappointed to read what is (to a non-programmer) a difficult installation procedure. And then, the AV application must be run from the command line (from a terminal window). Not very Mac-like.
Fortunately, I learned from "What is ClamXav?" that Mark Allen has developed a very nice Mac GUI for clamAV, including an installer. It is called ClamXav. It is free, with donations accepted (which I recommend, if you find ClamXav useful).
I have installed ClamXav and it seems to work very well, though the proof will be when one of my Microsoft friends e-mails an infected Word document to me. And, by the way, I see that the free ClamAV virus database now protects against the new OS X worm reported yesterday.
I would guess that virus updates from the opensource community are probably somewhat slower than from the commercial AV vendors, but is probably acceptable given the low incidence of malicious MacWare. ClamXav seems to have all of the important features for a stand-alone AV program, including "Sentry" (or autoscanning of specified watch folders), automatic updates, scheduled scans, etc.
It is not really an enterprise AV solution, however, unless you are willing to install it on your base image and update it via ARD, radmind, netRestore or whatever (though the AV engine and virus definitions can automatically update on their own). Perhaps there are others on the Wizards list who can recommend a true enterprise AV solution that would include both PC and Mac OS X. I have heard that Sophos has one such solution, but have no direct experience with it. At Park School we use Symantec Enterprise Edition on the PC side, and if ClamXav works well for a few of us who are testing it out, we may choose to include it on our Mac base images. At least the price is right. :)
One final note, at the time of this writing, ClamXav is not certified to work on Mac OS 10.4 Tiger Server. But I notice that clamAV (the non GUI version) is already built in to Tiger Server. I never noticed that until doing this little project. <embarrassment> So my obvious next project is to turn that on to scan my users' network folders after hours.
-Tom Smith, Park School, Brookline, MA