Frequently Asked Questions
Frequently Asked Questions relating to Sales are available on the Sales FAQ page.

What is the difference between malware, viruses, and trojans?

A virus is a self-replicating, self-propagating, malicious piece of software designed to destroy files and folders on a computer system. A trojan is a piece of software which pretends to be legitimate and useful but does in fact install other software (unbeknownst to you) which opens up a "back door" to your computer. This back door allows a hacker to have access to your files and theoretically your entire computer system. A computer infected by a trojan typically becomes part of a botnet. Malware is just a generic term to cover both types of threat.

What is phishing?

Phishing is the term given primarily to email which is designed to fool you into believing it's legitimate so that you will follow links to their websites and enter private information. The websites are typically made to look like those of banks and prompt you to provide personal information such as usernames, passwords, credit card numbers etc. Legitimate emails from a bank or financial institution will almost never ask you to click links to their website; they will usually use words like "go to our website and log in". They can be very convincing at times, especially if you actually do have an account with the company being spoofed. Don't be fooled. If in doubt, call them using a phone number you already hold on file and know is correct.

What is the best way to update ClamXav when a new version is available?

The best way is simply to launch ClamXav, go to the ClamXav menu and select "Check for ClamXav updates...". That's it. Everything else is taken care of automatically.

What if that doesn't work?

Download the new version from the Downloads page. Then, if you use ClamXav Sentry, you must quit it before attempting to replace the ClamXav app. Do this by going to the Sentry menu in your menu bar () and selecting "Quit". If you don't quit it, the update process will fail and you may or may not get an unhelpful error message.

I've seen this in the update log. What does it mean and should I worry about it?

WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Current functionality level = xxx, required = yyy

This happens when the folks who develop the ClamAV scanning engine release a more up-to-date version. If you start seeing this, it's a safe bet that there'll be a new version of ClamXav on its way soon. I suggest you use the built-in update check feature of ClamXav to keep on top of new versions of both ClamXav and the scanning engine backend.

How can I scan my entire hard drive?

Click the + button in ClamXav's main window and add it to your source list. Then just scan it as if it were any other file or folder.

I already bought ClamXav through the Mac App Store, do I need to buy it again?

The version of ClamXav which used to be available in the Mac App Store was free, so although you may have downloaded it from the App Store, there would have been no charge for this.

Will ClamXav cause conflicts with other antivirus scanners?

No conflicts have been reported, however, having two different scanners checking the same files/folders is a recipe for disaster if one or other of them is set to move infected files into quarantine. If neither is set to move files about, then you might be OK, but we would advice against running more than one AV product at one time.

Are there any known conflicts with ClamXav or ClamXav Sentry?

ClamXav Sentry will not work if you have Unsanity's WindowShadeX installed. You will need to add ClamXav Sentry to the list of excluded applications in the Application Enhancer's excluded apps list.

Can Mac viruses which pre-date OS X infect Mac OS X in any way?

Not directly, no. OS X is unlike any Mac operating system which went before it, and as such, all programs (and that includes viruses) need to be rewritten to a certain extent before they will function. As yet, this hasn't happened for any old world Mac viruses. On the other hand, if you are still using an old machine running OS X 10.4 and run OS 9 software inside the classic environment, then you do need to consider older viruses as they can still infect OS 9 applications/documents.

I think this file is malicious but ClamXav didn't find any malware. How can I be sure?

Please send the file to us and we'll investigate it for you.

Where can I submit files which are definitely malware but are undetected by ClamXav?

If you think a file should be detected but isn't, please send the file to us and we'll sort it out as soon as possible.

When ClamXav Sentry is watching a folder, it doesn't scan changes to the contents of folders therein a.k.a nested folders or recursively. Why?

In ClamXav's preferences, switch to the Sentry panel and make sure there is a tick in the checkbox for "Subfolders".

The file downloaded from here is corrupt or invalid and will not mount. What do I do?

For whatever reason, your computer has failed to download the entire file. Try it again from the downloads page. For good measure, you may also want to try using a different browser.

ClamXav has identified a virus in my Word documents. What can I do about it?

One way to remove the infection is to delete the infected file but this may be unacceptable and may in fact not solve the problem.
What you want to do is quit ALL office programs (Word, Excel, PowerPoint, Entourage etc) and delete Word's "Normal" file which you'll find inside your Home Folder/Documents/Microsoft User Data/Normal. Empty the trash. Open Word and go to the Word menu -> Preferences -> Security and put a tick in the box under "Macro Security". Open each of your Word/infected documents and click Disable Macros when the warning comes up. Then copy and paste the contents into a new document and delete the original.

Whilst browsing the web, ClamXav Sentry alerted me to a virus in my browser's cache. Why?

You've probably set ClamXav Sentry to watch your browser's cache and it must have found a scam site there. This means you may have visited a scam/phishing website recently! These sites usually look exactly like banks or PayPal, but end up stealing your personal information. If you get this warning, make absolutely sure the website address is the one you expect eg. if you're wanting PayPal but the address bar says (with two Ls or something equally subtle), close the window asap. If you've already given your name/password then I suggest you change it immediately. Please note: ClamXav is not currently designed to watch which websites you connect to; the absence of a warning does not necessarily indicate a safe website.

Sentry will not launch at startup/login. Why?

Quit ClamXav. Go to System Preferences -> Accounts -> Login Items and remove ClamXav Sentry from the list. Go back into ClamXav's preferences and set the "Launch at Login" preference again.

I have scanned my Mac and it found 1743 errors. What are these errors and how can I fix them?

These "errors" are not actually errors but are usually files you don't have read access to. They may belong to another user or to the System. Either way they probably aren't anything to be concerned about.

ClamXav has identified a virus in my email. How can I find and remove it?

Please see this thread on the support forums.

How do I uninstall ClamXav completely?

First thing to do is quit ClamXav Sentry (if you use it) and make sure it's not set to launch at log in. Then simply drag to the trash; after a few seconds you'll see a message asking if you would also like to uninstall the scanning engine. The uninstaller will remove the scanning engine and any schedules you've got set up.