It's probably just the way you structure the first comment above, but there is no free version of ClamXAV, only a free 30-day trial.I am intrigued by the free version of Avast and ClamXAV. ... I have not heard anyone mention Norton Security Online, which I can get for free from my cable provider...
Yes, but the ClamAV scanner uses the community database of signatures that include mostly Windows malware definitions, so scans can take a long time. ClamXAV makes the use of that extended database optional and uses over a million macOS unique definitions, along with quickscan and real-time scanning features.Just wanted to add a note that Catalina Cache Cleaner, from northernsoftworks.com, includes ClamAV amongst its many other features (and there are a lot!).
TKS Ose, thanks for the clarification that Norton Security does not support older versions of the Mac OS. I had been looking at outdated system requirements several days ago. I went and followed the links supplied by my cable provider, confirming what you said, current macOS and two prior versions. I don’t want unsupported virus software on our computers.Katharine, you had mentioned previously about the desire to find an anti-virus program that also supported some of the older versions of macOS. Norton Security tends to follow along with Apple in supporting only the current and the two prior versions of macOS. The software may still work, but it is not supported.
Thanks, Al Varnell – as you suspected, my post was not clear. I will try to write better written posts in the future. Thanks for picking that up and the clarification about the ClamXAV free 30-day trial.It's probably just the way you structure the first comment above, but there is no free version of ClamXAV, only a free 30-day trial.
I’ve not tried the current Norton product, despite great experiences with it decades ago before Symantic took over, but I’ve never heard anything but negative comments about it.
My reference to VirusBarrier was for the paid version downloaded from Intego.com. I have no experience with the free version. The paid version has never caused an issue with any of my Macs, and works quite well. It does take a considerable time to scan the ±500GB on my internal drive, which makes sense.I happened to see this discussion on security software and wanted to contribute my experience, perhaps saving others the headache that I’m dealing with right now. Intego’s free VirusBarrier Scanner anti-virus software, available from the Mac App Store, absolutely ruined my Applications folder on a brand-new, clean Mojave 10.14.6 installation running on a 3.2GHz i5 Late 2015 Retina 5K 27” iMac with 32 GB of RAM. I retired about 6 years ago as an Apple Certified Macintosh Technician (ACMT). For 25 years, I worked exclusively with Macs as a hardware/software technician and consultant.
I noticed that at least one review of VirusBarrier Scanner on the Mac App Store had already pointed this out, but when selecting a file to scan (or dragging and dropping a file into the main window), the software stalls and stalls forever before it does an actual scan. It’s not updating its malware definitions, I have no idea of what it’s doing. It just sits there for anywhere from a half a minute to 2 minutes and does absolutely nothing. Then all of a sudden, boom — it starts to scan.
The progress bar in VirusBarrier Scanner is useless. There were approximately 800,000 items to scan in my (large) Applications folder, which took at least 40 minutes to scan. After ten minutes, the progress bar was at 90%, but then it suddenly kept repeatedly jumping backward to 70% every few minutes. This went on and on and on for the rest of the scan, forward and backward, forward and backward, progress bar jumping around all over the place. Impossible to tell where you’re at in a scan with “progress” like this.
After the scan was complete, the software had modified numerous folders on my iMac (even folders that were completely empty to begin with). I hope Intego realizes that backup software often reads modification dates as criteria for backing up.
The worst part: the software sent a bunch of my apps into translocation for some reason. How this could possibly happen is beyond me. Most of the non-Apple apps I double-clicked on after the scan all presented a Gatekeeper-like message saying “this app was created by Intego VirusBarrier Scanner, are you sure you want to open it?”.
Even after numerous restarts, this still happened. I had to completely reinstall my Applications folder from a Time Machine backup to fix the problem. A number of my Mac App Store apps had to be deleted and re-downloaded as well.
All this for simply running a malware scan, and remember that this was a clean installation. I thought I was “safe” downloading from a Mac-only company and using an on-demand scanner such as this one that didn’t install system files, daemons and kexts all over the place. Never again. This software is outright dangerous.
I urge others to be careful downloading Intego VirusBarrier Scanner. This is software that I would consider to be a worse and more damaging piece of malware than the malware it is supposed to look for.
On a happier note, I used the free version of BitDefender (on demand) Virus Scanner from the Mac App Store for years without incident.
Yes, I realized that. I have no experience with recent, paid versions of Intego products. A few of my former clients used them many years ago – there were always the usual slowdowns and "A/V software blues" but nothing like my experience. I will never use the free VirusBarrier version again, though. Like I said last week, I found it to be outright dangerous.My reference to VirusBarrier was for the paid version downloaded from Intego.com. I have no experience with the free version. The paid version has never caused an issue with any of my Macs, and works quite well. It does take a considerable time to scan the ±500GB on my internal drive, which makes sense.
This is an issue for me, too. I believe ClamXAV offered the capability, via right-click to the Services menu in the Finder, but I'm not currently running it. I'd be interested in hearing about any solutions for this need.I'm finding that many of the new A/V software products do not have a quick and simple way to scan a single file (i.e.: simply dragging and dropping a zip file into the main window for those one-off downloads without needing to have daemons, launch agents and kexts all taxing the processor in the background). I'm going to give Avira a try today and will let you know how it goes. It seems to have an easier way to scan single files.
It also still has the right click "Scan with ClamXAV" feature, if you prefer that, as does VirusBarrier Express and probably a few others I don't currently have.ClamXav does have a way to scan individual files in the main window when you open ClamXav. It has a Quick Scan and a "Drop Items here" button.
Ian Paul said:F-Secure Safe for Mac review: No-frills quality protection
F-Secure Safe is a top-tier suite that offers high quality protection, but doesn't have much in the way of extras compared to similarly priced antivirus offerings. Still, if all you want is very good protection, and the option to purchase a suite for a varied number of devices, then F-Secure Safe is a good choice.
I can’t adequately address the use of any of the paid versions of BitDefender, as I’ve only tested the free version from the App Store, which is hampered by Apple rules. I know it has performed well in AV testing against the others that allowed their product to be tested. The low-cost version is the same price as ClamXAV in the first year but escalates after that.So I'm looking for an A/V product for my novice mother. (We live under the same roof, and I'm the tech support.) I already have a subscription for ClamXAV. I'm wondering if I should just use that, or buy her a license for Bitdefender, about which I have also heard great things.
PCMac UK said:Avast Security Premium (for Mac)
Certified by one independent testing lab. Speedy full scan. Useful bonus features. Ransomware protection. Wi-Fi intruder detection.
Doesn't add much to free edition's features. Expensive. Poor scores in phishing protection test. Password manager includes only basic features.
Avast Security Pro (for Mac) adds ransomware protection and Wi-Fi intruder detection to the features found in Avast's free antivirus, but these additions don't merit its high price.
I have always been of the opinion that a single anti-virus product by itself is insufficient for protecting one's devices. Instead, it is necessary to overlap protections, looking at the vectors these threats arrive on. This means:So I'm looking for an A/V product for my novice mother.
I don't think it qualifies as avoiding background processes, but F-Secure Safe does at least let you choose a file, or folder, or set of files/folders to quickly scan. (And there's an Uninstall app.)I'm finding that many of the new A/V software products do not have a quick and simple way to scan a single file (i.e.: simply dragging and dropping a zip file into the main window for those one-off downloads without needing to have daemons, launch agents and kexts all taxing the processor in the background).
Since there are no known viruses for Macs [see below —MacInTouch], the only app you need to get for your other is Malwarebytes. The paid version can be set up to run in the background. It will protect from all adware and malware. Or you can use the free version and run it occasionally, like once a week.So I'm looking for an A/V product for my novice mother. (We live under the same roof, and I'm the tech support.) I already have a subscription for ClamXAV. I'm wondering if I should just use that, or buy her a license for Bitdefender, about which I have also heard great things. Can anyone (AlVarnell?) offer any observations and/or opinions?
I want whatever would be easiest for her. I have no idea how ClamXAV reacts in the event that real-time scanning actually finds something. I'm around to help her clean up any missteps, but it would be nice to help her avoid the need for cleanup in the first place.
That seems more than a little misleading. Whether or not "virus" as an extremely specific manifestation of malware has been prevalent in recent years or not, there have been plenty of Mac malware infections, documented here on MacInTouch and all over the web.Since there are no known viruses for Macs...
In fact, here's a particularly timely update...That seems more than a little misleading. Whether or not "virus" as an extremely specific manifestation of malware has been prevalent in recent years or not, there have been plenty of Mac malware infections, documented here on MacInTouch and all over the web.Since there are no known viruses for Macs...
Malwarebytes Labs said:Mac threat detections on the rise in 2019 - Malwarebytes Labs
Conventional wisdom has been that, although not invulnerable to cyberthreats (as some old Apple ads would have you believe), Macs are afflicted with considerably fewer infections than Windows PCs. However, when reviewing our 2019 Mac detection telemetry, we noticed a startling upward trend. Indeed, the times, they are a-changin’.
To get a sense of how Mac malware performed against all other threats in 2019, we looked at the top detections across all platforms: Windows PCs, Macs, and Android. Of the top 25 detections, six of them were Mac threats. Overall, Mac threats accounted for more than 16 percent of total detections.
Perhaps 16 percent doesn’t sound impressive, but when you consider the number of devices on which these threats were detected, the results become extremely interesting. Although the total number of Mac threats is smaller than the total number of PC threats, so is the total number of Macs. Considering that our Mac user base is about 1/12 the size of our Windows user base, that 16 percent figure becomes more significant.
Tied for #1:AV-Test said:Test antivirus software for MacOS Mojave - December 2019
During October and November 2019 we evaluated 11 home user security products for MacOS Mojave. We always used the most current version of all products for the testing. They were allowed to update themselves and query their in-the-cloud services. We focused on malware detection, false positives and performance.
Unfortunately, unless you do an actual code audit, it's often extremely difficult to figure out where most major software products actually are developed, especially if you include third party libraries and other code that ends up getting included in final products.Kaspersky? I wouldn't use any product developed in Russia or any other shady location.
I wonder that Intego's VirusBarrier is not included in the testing results.[FYI:]
Tied for #1:
- Airo 1.0 (new this year)
- avast Security 14.2
- AVG AntiVirus 19.4
- BitDefender Antivirus for Mac 8.1
- ClamXAV 3.0
- Kaspersky Internet Security 20.0
- Norton Security 8.5
- Trend Micro Antivirus 10.0
The product was tested in June of 2019. It did not have great performance. When I go to the Intego web site, I notice there has not been a press release since 2016. Between the two, perhaps it was time to give them a break and test other products.I wonder that Intego's VirusBarrier is not included in the testing results.
I can only assume that Malwarebytes did not agree to be tested. I don't have sufficient details about the testing methodology to speculate why, but typically these tests are stacked against anti-malware software that lacks the ability to scan every file in any location.What about Malwarebytes?
We use ClamXAV in our household, and – wonder of wonders! – my partner (who is somewhat non-technical, perhaps like your Mom) actually had ClamXAV find a virus on her Mac Mini.I want whatever would be easiest for her. I have no idea how ClamXAV reacts in the event that real-time scanning actually finds something. I'm around to help her clean up any missteps, but it would be nice to help her avoid the need for cleanup in the first place.
It's certainly feasible that the malware was discovered after download and before it could be installed, by ClamXAV's Sentry real-time scanning function. But if it was discovered during a manual or scheduled scan as already installed, ClamXAV will attempt to remove all active components of the infection, even if it only reported finding one.After she got this message from ClamXAV, my partner called me in, and we gave the OK for the virus removal. I remember Googling the virus type afterwards; it was a Mac virus. I searched around the Mac Mini for any of the reported directories the virus created if activated; I didn't find any of them. I've assume that meant that ClamXAV detected it before we did something to cause it to deploy.
Most important, the information you found is like most similar instructions, an ad for some PUA application. Do not download Combo Cleaner under any circumstances. The description of the infection is probably accurate.Today an alert noted a new version of ClamXAV was available. After I allowed the update, ClamXAV scanned and detected malware. I only partially remember the name, which was something like "calculator nnnnn" where nnnnn is a series of characters (numerals?).
Before allowing ClamXAV to do anything else, I scanned with Malwarebytes 4.0. Malwarebytes did not detect anything. ClamXAV offered to move the malware to the trash. I clicked OK. It seems the malware was immediately deleted, since nothing appeared in the trash and a subsequent scan with ClamXAV found nothing.
I found this information which I assume describes the malware...
As I suspected, there was a new signature added to the ClamXAV database yesterday, but it was for "PUA.OSX.Mac-Auto-Fixer" without any numbers, so may have been different from what you found.I only partially remember the name, which was something like "calculator nnnnn" where nnnnn is a series of characters (numerals?).
Intego continues putting out updates to their software. I just checked and they had some. When I looked at their most recent rating, the total for the three criteria was 17 rather than the highest possible of 18. When I went back and looked, I see the lowest rating on any of their three criteria since June 2018 is a 4 out of 6, so either they may need to revise their scale or there is not a lot of difference among products.
So, I just installed ClamXAV from a fresh download of the installer from the site and a Quick Scan revealed the PUA.OSX.Mac-Auto-Fixer file. I deleted. I do not now have the folder or plist file you note.As I suspected, there was a new signature added to the ClamXAV database yesterday, but it was for "PUA.OSX.Mac-Auto-Fixer" without any numbers, so may have been different from what you found.
But just in case, it appears that the signature mistakenly removed the folder /Users/<UserName>/Library/Applications Support/Calculator which has a single file named FinancialRates.plist which might cause issues with the real Calculator's ability to convert foreign currency, although mine is from 2004 and clearly does not show current rates. I suspect it is probably left over from a legacy OS X.
The signature has been updated to not delete that folder, so hopefully nobody else will see that issue now.
I should have noted I installed ClamXAV and deleted the folder/file before I had seen Al's post.So, I just installed ClamXAV from a fresh download of the installer from the site and a Quick Scan revealed the PUA.OSX.Mac-Auto-Fixer file. I deleted. I do not now have the folder or plist file you note.
Is that to be taken as potentially removing more than the user would want or expect to be removed, such as removing an entire mailbox full of messages when only one individual message is infected?ClamXAV will attempt to remove all active components of the infection, even if it only reported finding one.
But if their last press release was in 2016, that would seem to indicate they are in maintenance mode, as opposed to adding new innovations to keep pace with the many ways the Mac has changed since then. I wanted to consider them, based on their reputation for UI polish, but unless things change, I just can't.Intego continues putting out updates to their software.
As an Amazon Associate I earn from qualifying purchases.