What is the process "YaraScanService" and why does it hog all my RAM?
What does it do? And can I safely get rid of it?
I'm running High Sierra 10.13.6 on a Mac Pro (mid-2010) with 17GB Ram.
Mac Pro, macOS High Sierra (10.13.2), 2.8 GHz Quad-Core Intel Xeon
Sophos is essentially turned off and has been for a long time. I only use it for manual scans. I did a scan of the Sys Library last night and it found nothing. The disk I was using I erased but IIRC the creation date of July 7th seems to be what I remember.
Hi,
Yep, the only problem (and not the lesser) is that I have the same macOS version than Sweejak, the same Sophos, and NO YaraScanServices.xpc in my MRT.app. We are two in this thread who have NO YaraScanServices, one with Sophos and the other (as I believe understood) with no antivirus....
I would well advise me too to uninstall Sophos (or any antivirus) as we could consider macOS safe enough IF only I had the lesser clue about how this supposed "Malware Remove Tool" from Apple is supposed to WARN us about said malwares that it is (supposed to) discover...
Mojave beta's MRT.app seems to cause serious problem, it too, seen all what I read on the Internet...
Frankly, all these successive layers of clumpy and clingy processes added by Apple the ones above the others supposedly to "improve our security" begin to @#$$ me off just a tad...
Regards.
quote: "Anti-malware tools are complex and pragmatically very difficult to differentiate from malware in the ways that the tools hook into the host operating system."
Yep, mostly because they are considered themselves as "malwares" by the scans of their competitors.... 😁
I totally agree with you about the fact that antiviruses cause much more problems than they resolve (I mean more precisely than they resolve BEFORE all your Mac has been previously entirely plagued...)
quote: "This yaraservice thing is part of the system"
NOT mine: 10.13.6 (17G65)
NOT the one of Barney-15E
We are waiting for others to report.
quote "Having it [...] does NOT mean it hogs the cpu."
Obviously it hogs the CPU of many people around here...
https://www.reddup.co/r/MacOS/comments/8uo0qu/is_yarascanservice_eating_up_anyon e_elses_ramcpu
Probably you have a machine with 64GB of RAM and a system perfectly clean, therefore the interactions between this new "part of the system" and ALL other possible processes that the 99% of The People usually have on their Mac since decades may have escaped to your attention.
And, to answer in advance to the inevitable next advice that will sooner or later come here from one or another, NO we don't want to make any "clean install" by erasing everything on our Macs at each and every OS update. NEVER. We like to keep our personal thingies exactly where they are, and we are relying on Apple for removing, ITSELF, when it updates its OS, its own ill pigs from our stables.
LOL, well, that's pretty much how I feel about it, Almojgar although I am downloading a fresh install of Sierra to another drive and presumably I'll use Migration Assistant to get my work back up to speed. But how do I keep Yaro out? I have paying work to do and this sort of stuff seriously interferes. I suppose it wouldn't be so bad if I was a more advanced user. Generally, when something intractable shows up I just switch to a clone but both of them have the yaro virus Yes, I'll call it a virus.
BTW I removed Sophos I'll update on that when I reboot after the hours-long DL of Sierra.
Yup, but I'm still running the late and great Aperture and dread the Photos app.
We still don't know if this Yara thing is an actual Mac OS part or something else.
I suppose I could go to my oldest clone running 10.13.5 but there will be a lot of things that will have to be migrated.
Yep, the less one can tell, is that one doesn't simplify us work, nowadays... 😕
I use the magnificent Aperture, me too (the no more "supported" Aperture) (sigh...) (they really want our pelt, eh?)
That's why we haven't been plagued ALSO by Photo' ugly processes (contrary to a vast majority of users here and there...)
"except" that nasty thingy on your system, the last stable version of macOS 10.13.6 (17G65) seems to me decently stable... seen from here, at least...
quote: "glossy screens" We really should create a club 😁
Yep, I suspected a tad that it will be still there (it is in next OS Mojave, definitely...). Yet another little companion for 'photoanalysisd'... 200% of RAM (each) 😕
Is the ugly thing still using tons of resources (in this state of your install) or has-it been a tad tamed?
As I was reading your post yarascan quit itself and it's not even visible on Activity Monitor. Well, what to say? If it just goes away I'd call that a "feature", but slowing your computer down to where one can hardly type is a bug.
If that thing does really the job which it is supposed to do (scan your disk for malwares) such peak of activity "could" be normal, especially if your disk is large.
As long as it doesn't block totally your system during this (cough) "background task", of course.
Anyway, all what we ask it for the moment — in its state of development — is to stop to monopolise all the resources "forever" (at least much longer than this, as described in the numerous complaints here and there).
Seems to me that, even if it is not yet a news to write home about, at least it's rather encouraging... I mean: at least now macOS knows how to stop it...
Almojgar, doesn't Spotlight work innocuously in the background? I was watching what yara was doing after the restart and it seemed to be paying particular attention to my downloads folder where I had a fair amount of zip files and backups from my Wordpress blog. It looked like it was doing what the optimists were suggesting it was doing. Anyway, I think I'm done with this issue and can get back to work. See you next time, you know there will be one!
etresoft wrote:
Being a beta, it should be "reported" anywhere outside of any dedicated forums like the Developer forums.
Correction. Being a beta, it shouldn't be reported anywhere outside of authorized, Apple provided channels.
I can assure you that if I did encounter anything like that in my Developer beta of Mojave, I would file a bug report. I can't say anything more than that because this forum is not one of those authorized channels.
For now, my best guess is that it is an A/B test. Judging by what people report, it sounds like it fails that test. If you do have this software installed in your copy of Mojave, I suggest you erase the hard drive and reinstall.
Thanks for confirming that this is part of the apparently optional Apple installation of the 10.13.6 update. I can't complain about the scans on my computer. From what I can see it ran for a while, reached the preset limit of 90 seconds CPU and then stopped. I don't know how much RAM it used, but I was not doing much on the computer at the time.
Yara scan service is in my XPC Services folder
It runs at startup on my MacBook pro even after emptying download folder.
It only runs for a few seconds
It does not cause any problems with CPU or RAM
It was installed automatically when I recently updated Mavericks to 10.13.6
I do not have any antivirus software installed.
Hope this helps
What is "YaraScanService" and why does it hog all my RAM?
