InformAction Forums

Thank you for reporting your findings and glad you got it resolved!

mrspooky wrote:(even if Ffox seems not happy to let me install this addons. I have had to say "go ahead. I trust them").

Oops, sorry I forgot about that
Install from this link if you want Fx to be OK with it.

mrspooky wrote:p.s.
I cannot use malwarebyte because my mac (both of them actually) are too old (2006 ... but still doing their job perfectly) and I am still running 10.6.8

OK then do a search for ClamXav 2.7.5 (that is the last free version of ClamXav - the more recent versions are commercial), and see if you can find a .dmg download with this sha256 checksum: If the checksum does not match that then DO NOT USE THAT DOWNLOAD because it's probably compromised.

Yep
I am still using the old clamxav version ( 2.7.5 (522)), the free version. Once I realized that after the standard update it wasn't free anymore, I just downloaded an older version and blocked both the automatic update and internet tracking (little snitch).
Strange enough I am still allowed to update the so-called "definitions", therefore it should be still working. I say "should" because I have never detected a single malware over the last 2 decades since I started using the mac.

BTW, do you know if I can check for "sha256" in my already-installed clamxav? I am used to download this kind of apps from the developer site, but ... I can't be totally sure of what I did more than 6 months ago
thanks

mrspooky wrote:Strange enough I am still allowed to update the so-called "definitions",

Because the underlying software/backend (ClamAV) is freeware and (I think) always will be - it's licensed under the GNU GPL. And most of the definitions files are just the ClamAV definitions (although there are some ClamXav own definitions.. I actually don't have any idea if those continued to update after ClamXav went commercial).

ClamXav is just a GUI and a "Sentry", it comes with a custom Mac OS X build of ClamAV but IIRC it is theoretically possible to run it with *any* build of ClamAV (though I've never done that). So if your installed ClamXav works fine for you, then (if you don't want to buy the commercial version) I suggest, keep that as-is and if you want upgrade, get a newer ClamAV and point ClamXav to that instead of its own ClamAV.

mrspooky wrote:BTW, do you know if I can check for "sha256" in my already-installed clamxav?

You can check sha256 of a file with openssl, like so:
open Terminal.app, enter where <file> is the actual file (you can drag it into Terminal.app to paste its full path).

The checksum I gave is only for the .dmg, so no it does not apply to your installed ClamXav, sorry.
(I don't know how to get checksum of an entire installation! Note that a .app is actually an entire folder, not a single file; and that the ClamAV is installed in the system as a package - which in this context basically means scattered about .)

ok as you said, it would have worked on the dmg only.

I'd not care to pay few euro for the app but ... actually ... I've never detected anything. So I don't even know if the app really works. Well, on the other side I hope I'll NEVER find anything in the files (mostly pdf) I handle