ClamXav Follow-up: Test with Live Malware
I took a look at the freeware ClamXav anti-virus software for the Mac (based on the Open Source ClamAV project) last month.
ClamXav: Free Anti-Virus for Your Mac - Help Protect Your PC Friends
I commented then that I didn't have any Windows XP malware samples to test against (I used to keep some on my Linux box to test ClamAV there but stopped doing that a few years ago). Live malware is the sort of thing I leave lying around on a hard drive. But, after a bit of hunting, I found my collection.
As you can see from the first couple of test results, I have a variety of old malware in Microsoft EXE (executable), SCR (screensaver executable), ZIP (compressed archive), and other file types that hid the malware. I also have some uninfected files and files that generate false positives in the collection.
I think ClamXav missed a couple of infected files. But, this, unfortunately, is not unusual even when working with an old batch of malware that should be identifiable at 100% by now.
As I said in my previous blog item about ClamXav, this exercise is more about protecting our Windows-using friends and co-workers. All of the test malware I have targets that platform and not OS X.
Categories: Mac
Read More Entries by Todd Ogasawara.



FARfetched: In fact, I am *NOT* getting loads of malware each day. Server-side spam & malware filtering takes care of 99+% of the issue as far as I am aware. Do I still see spam? Sure. But, I rarely see spam with embedded or attached malware these days.
I get fresh loads of malware almost every morning in my email — are you saying you don't? Amazing.