Previous 1 2 3 4 Next 50 Replies Latest reply: Sep 21, 2013 2:06 PM by thomas_r. Go to original post
  • WZZZ Level 6 Level 6 (12,670 points)

    I have used AppCleaner (other application uninstallers, likewise, have a weak reputation for getting everything) and found it weak at removing all related files of an application. I would have used the Avast uninstaller, if there was one, or EasyFind, set to scan all files, including invisible, entering all the possible names associated with the program, e.g., the name of the program and the developer or anything else you know of. It might be interesting to see what still turns up from Avast if you do this.

     

    http://www.devontechnologies.com/products/freeware/

  • whoopy_whale Level 1 Level 1 (0 points)

    Perhaps you are right. But AppCleaner have worked pretty well for me. And lets say that it would've removed most of the avast related files. Even if something was remaining and was running, it would've shown up in the process manager, and it didnt.

     

    You have no idea how slow and unresponsive my Mac was...I spent a good amount in getting the best config available and when this AV made it slow, I was totally ****** off.

  • WZZZ Level 6 Level 6 (12,670 points)

    it would've shown up in the process manager, and it didnt.

    Not necessariy (BTW, that is Activity Monitor.)

     

    It just might be interesting to see what it may have left behind. Could be nothing, nothing important or something like a kernel extension that would have conflicted with Sophos. I'm not trying to get you to reinstall Sophos.

  • whoopy_whale Level 1 Level 1 (0 points)

    Yep, thats Activity Monitor. I'm sorry.

     

    I was using Windows previously and had tried several AV, including avast, Kaspersky, MS Security Essentials and so on. I know that the real time scanning can bring down the performance. All the uninstall/install processes have never created a problem for me in Windows.

     

    Here I've turned off the real time scanning of Sophos and I just cant believe that some leftover code can screw up my machine so badly!

  • Anakowi Level 1 Level 1 (10 points)

    I think having some kind of AV on your Mac is insurance. Do it.

     

    While malware etc has been rare it does happen and will happen and has recently happened. No problems for me with Flashback (Trojan), but then I did read somewhere that Flashback will look for the presence of certain files (ClamXav for instance) and if detected will not install itself and then delete itself from your system. (Does make me rather curious where Flashback originated ;-)

     

    With Sophos I also found a Windows worm hidden in a zip file in Dropbox - not an issue for Mac but I could have spread this to Windows users. Indeed the file was an old archive going back 9 years, requested by a client. Beware with Sophos, depending on the type of "threat", if found, don't have your Time Machine connected for a scan - you'll be there forever. If you need to deal with the threat and it is in TM, check out this discussion: http://community.sophos.com/t5/Sophos-free-tools/Sophos-Anti-Virus-Mac-query/td- p/9749

     

    @ Thom - "Compare Sophos with ClamX" is a decent topic title, I came looking for exactly that and found it. Topics shouldn't be archived just because their start date is old! History can have relevance.

    After reading here, I can't see why I wouldn't keep both Sophos and ClamXav on my systems - of course I won't run them at the same time!

  • thomas_r. Level 7 Level 7 (29,980 points)

    Topics shouldn't be archived just because their start date is old!

     

    I never said this topic should be made unavailable.  I believe you are referring to my comments to someone who posted an "all caps" post urging people to use Sophos.  That kind of post, especially when added almost a year after the last activity, is suspicious.  Although you'd have a hard time convincing me that Sophos would use such techniques to "sell" a free product, it would easily look that way to many.

     

    After reading here, I can't see why I wouldn't keep both Sophos and ClamXav on my systems - of course I won't run them at the same time!

     

    I have recently been testing Sophos, and have had ClamXav for some time.  They seem to coexist well for the most part...  but Sophos does interfere with ClamXav finding malware that has already been identified by Sophos.  Not a very serious problem for normal people, who wouldn't care which caught the malware as long as one or the other did.  It's just a bit of an annoyance when I want to do some testing with ClamXav updates against my malware collection.

     

    BTW, I don't use any of the active scanning features of ClamXav.  It's possible that if I did, I'd find more conflicts between the two.  And, of course, also possible that I wouldn't.

  • Anakowi Level 1 Level 1 (10 points)

    @ Thomas

    Ah... sorry. Re-reading and can now see how you made that response... and then I took it a different way. Darn, it's so easy to misread the nuance of words.

    In the last 36 hours I've become completely unsure about Sophos since loading it. Yes it found the Worm that ClamXav didn't but it seems to have caused some other conflicts, needed to do permission repairs. All good now I hope.

  • Alvin777 Level 1 Level 1 (55 points)

    Hi. I heard it's not good to have more thant 1 anti-virus/malware or more than 1 firewall app? But with Macs coud you have many malware/anti-virus and firewall app (on top of Mountain Lion's firewall) for maximum protection?

     

    Thank you in advance.

     

    God bless.

  • MadMacs0 Level 5 Level 5 (4,510 points)

    Alvin777 wrote:

     

    Hi. I heard it's not good to have more thant 1 anti-virus/malware or more than 1 firewall app? But with Macs coud you have many malware/anti-virus and firewall app (on top of Mountain Lion's firewall) for maximum protection?

    For the most part, there is no problem in having multiple A-V apps installed as long as no more than one of them is operating in a "real-time" mode as they would fight over scanning newly arrived files. They would also be taking up a lot of resources (CPU & RAM) to accomplish the same thing. As long as you use them for manual scanning, one at a time, they should get along just fine.

     

    If you are on a home network behind a router using NAT there is no need to use the built-in OS X firewall or any other firewall software to protect against incoming connection attempts. Using something like Little Snitch to protect against outgoing connections may be worthwhile if you think you need that. It has proven itself to protect some users against one variant of Flashback in the Spring when nothing else did.

  • MadMacs0 Level 5 Level 5 (4,510 points)

    curly41 wrote:

     

    If someone can provide information or links which ports should have which open/close-status especially those ports mostly used by hackers for "viruses-action" I would appreciate it

    Don't know if you ever received an answer to this, but if you check with Shields Up you should find that all ports are closed to attack, probably even in stealth mode.

  • whoopy_whale Level 1 Level 1 (0 points)

    http://thenextweb.com/insider/2012/09/20/sophos-antimalware-software-detects-mal ware-deletes-critical-binaries/

     

    whoa!. Sophos detects itself as malware and removes components!

     

    Good thing that I uninstalled its product from my Mac!

  • LeBalladeer Level 1 Level 1 (0 points)

    For whoever is still looking for this answer, I have just tried both. Sophos is a lot smoother to run. All from the resource, hunger, visual appeal and easy to use interface points of view.

     

    What I did: I install ClamXav and explored settings, UI and features in general and then scanned my entire Mac. Almost right from the beginning my Mac was brought to almost a halt and at some point it was difficult to even use it. Initials it did two updates which were probably daily and main virus definition files and it took like an eternity to update.

     

    I did pretty much the same thing with Sophos and that is what broughtt the conlcuion I've typed in first paragraph.

     

    Sophos didn't fry my machine, it's setup is pretty much. Interface is dumb-proof and I must add the UI/look and feel gels well with the overall Mac appearance(thought it shouldn't be a deciding factor whe you are worried about your Mac's security. Scan is faster too. It didn't install any uodates initially. Instead it just let me download a larger .app file which I assume had all the latest updates and then I did set an üpdate check interval of an hour and whenever it connects to the Internet.

     

    One important point, when say Sophos ran smoothly it only ran smoothly when compared to ClamVax but if you compare with other daily life heavy apps like a web browser e.g. Firefox/Chrome(I don't use Safari) then Sophos is anything but smooth and it does also uses system resources heavily but a lot lesser than ClamXav and (Sophos') it's easy to use and obviously it's virus signatures will be updated a lot faster.

  • MadMacs0 Level 5 Level 5 (4,510 points)

    LeBalladeer wrote:

     

    What I did: I install ClamXav and explored settings, UI and features in general and then scanned my entire Mac. Almost right from the beginning my Mac was brought to almost a halt and at some point it was difficult to even use it.

    I would agree that it is a heavy CPU user, which is why I don't usually recommend scanning the entire hard drive very often and not when I need to be using the computer for much of anything else. Obviously an initial scan is always in order, especially if no other A-V software is in use or when you suspect something. Using Sentry to watch the home folder is much easier on resources.

    Initials it did two updates which were probably daily and main virus definition files and it took like an eternity to update.

    You are correct that it does not come with a definitions database. That way you only need to download less than 22MB for the application rather than over 95MB for the app and definitions.

     

    Unfortunately you picked the very worst time possible to download the definitions. The folks at ClamAV® reconfigured the database to fold in most of what had become a very large daily portion into the main late Thursday which meant that every user had to download a very large main update and an entirely new daily. Their network has been extremely overtaxed for the last two days. My update took 30 minutes that day.  A normal update consist of around half a dozen incremental updates of the daily and usually completes in less than a minute with one scheduled update each day.

  • powerbook1701 Level 3 Level 3 (555 points)

    Everyone is equally entitled to their opinion, and everyone has a different experience with software. I just wanted to chime into say that my experience with ClamXav is 100% positive. The interface, while basic, does what it needs to do. The support forum is top notch (as you get fellow users and even the creator of ClamXav app commenting). I'll admit, I'm still at ClamXav version 2.3.6. (one update behind the current version). The latest version makes some really good advances forward in email scanning.

    When first installed, ClamXav is in a passive mode and you must activate and set up the things you want to happen. I like it that way as there is nothing that can go wrong because you haven't read the instructions on what to do. After installing, you can at least scan files on demand. I haven't had any issues with CPU usages yet.

     

    Like I said, everyone has their opinions and experiences and I believe most to be valid. Hearing both positive and negatives can help potential users decide what to do and also helps the developer make the app better.

  • powerbook1701 Level 3 Level 3 (555 points)

    Thomas, have you thought about redoing that test you did awhile back using the latest versions of the software. I would really like to see how ClamXav holds up all this time later after all the improvements...