[RESOLVED] facebook became transparent

[barbaz]

Thank you for reporting your findings and glad you got it resolved!

(even if Ffox seems not happy to let me install this addons. I have had to say "go ahead. I trust them").

Oops, sorry I forgot about that
Install from this link if you want Fx to be OK with it.

p.s.
I cannot use malwarebyte because my mac (both of them actually) are too old (2006 ... but still doing their job perfectly) and I am still running 10.6.8

OK then do a search for ClamXav 2.7.5 (that is the last free version of ClamXav - the more recent versions are commercial), and see if you can find a .dmg download with this sha256 checksum:

Code: Select all

33c6c76cb3e6f8ec9c23b521135b320ea5300910d9e929eaa0556e2bed15cbfe

If the checksum does not match that then DO NOT USE THAT DOWNLOAD because it's probably compromised.

[mrspooky]

Yep
I am still using the old clamxav version ( 2.7.5 (522)), the free version. Once I realized that after the standard update it wasn't free anymore, I just downloaded an older version and blocked both the automatic update and internet tracking (little snitch).
Strange enough I am still allowed to update the so-called "definitions", therefore it should be still working. I say "should" because I have never detected a single malware over the last 2 decades since I started using the mac.

BTW, do you know if I can check for "sha256" in my already-installed clamxav? I am used to download this kind of apps from the developer site, but ... I can't be totally sure of what I did more than 6 months ago
thanks

[barbaz]

Strange enough I am still allowed to update the so-called "definitions",

Because the underlying software/backend (ClamAV) is freeware and (I think) always will be - it's licensed under the GNU GPL. And most of the definitions files are just the ClamAV definitions (although there are some ClamXav own definitions.. I actually don't have any idea if those continued to update after ClamXav went commercial).

ClamXav is just a GUI and a "Sentry", it comes with a custom Mac OS X build of ClamAV but IIRC it is theoretically possible to run it with *any* build of ClamAV (though I've never done that). So if your installed ClamXav works fine for you, then (if you don't want to buy the commercial version) I suggest, keep that as-is and if you want upgrade, get a newer ClamAV and point ClamXav to that instead of its own ClamAV.

BTW, do you know if I can check for "sha256" in my already-installed clamxav?

You can check sha256 of a file with openssl, like so:
open Terminal.app, enter

Code: Select all

openssl dgst -sha256 <file>

where <file> is the actual file (you can drag it into Terminal.app to paste its full path).

The checksum I gave is only for the .dmg, so no it does not apply to your installed ClamXav, sorry.
(I don't know how to get checksum of an entire installation! Note that a .app is actually an entire folder, not a single file; and that the ClamAV is installed in the system as a package - which in this context basically means scattered about .)

[mrspooky]

ok

Code: Select all

openssl dgst -sha256 /Applications/Clamxav.app
Read Error in /Applications/Clamxav.app
1777:error:0200B015:system library:fread:Is a directory:/SourceCache/OpenSSL098/OpenSSL098-35.3/src/crypto/bio/bss_file.c:202:
1777:error:20082002:BIO routines:FILE_READ:system lib:/SourceCache/OpenSSL098/OpenSSL098-35.3/src/crypto/bio/bss_file.c:203:

as you said, it would have worked on the dmg only.

I'd not care to pay few euro for the app but ... actually ... I've never detected anything. So I don't even know if the app really works. Well, on the other side I hope I'll NEVER find anything in the files (mostly pdf) I handle