ClamXAV has detected com.mitmproxy...Adware.OSX.Adload 4 times in the last 45 minutes. I read that this malware is difficult to remove.

Does anyone know how to solve this problem?

jaybass

Try the free version of Malwarebytes.

What browser are you using? And is it the latest version?

Also see that you are running OS 10.12.6. Given that Apple no longer issues Security Updates for that OS, that could be an issue.

In any event, I also have ClamXAV, but have never had that issue. Here are the results of a google search of "com.mitmproxy...Adware.OSX.Adload":

https://www.google.com/search?q=com...415j0j1&sourceid=chrome&ie=UTF-8

This particular link:

https://geeksadvice.com/remove-adload-malware-mac/

recommends using Malwarebytes, as Ira L already suggested.

Good luck, and let us know if things work out.

I contacted ClamXAV and they told me how to send them a diagnostic report. Also they repaired their scanning engine which took about twenty minutes.

After their initial report, I ran Antivirus Zap & virus scanner which picked up 11 malware issues. Some of them were apps I had used for years i.e. iPhoto duplicate finder and another

duplicate finder. I physically trashed all viruses and That seems to be normal. BTW, I use safari 12.1.2


Now everything is normal including my email problem...thanks to my son's efforts.

jaybass

What does that mean? I am not aware of that company repairing their scanning engine "on the fly". Do you actually mean that you were not using the latest version? I am.

The reason ClamXAV ran a diagnostics test was because the app reported the same 2 infections 4 times in about 45 minutes...very unusual.

Yes I do have the latest version...3.2

Here is the diagnostics tool.

https://www.clamxav.com/openDiagnostics3.php

Scanning on the fly is something I have not heard of either.

jaybass

Hmm, strange indeed. I just ran a complete scan on my internal SSD, and it found nothing.

I suspect when they "repaired their scanning engine" that refers to the database file that contains the virus/malware/Potentially Unwanted Program signatures used by ClamXAV to detect/identify the viruses/malware/Potentially Unwanted Programs present in the system it is protecting. Normally those are updated at regular intervals ranging from every few hours to weekly depending on the particular application and user preferences. (I use MalwareBytes Premium and have it set to check every three hours for updated signature files.) Given a new exploit appears every eleven seconds, on the average, those files are highly dynamic, and it would not be surprising that a version could easily become corrupt or damaged and have to repaired.

Thanks for the explanation, joemikeb. Whenever I launch ClmXAV, the first thing it does, of course, is to update its malware database. I then run a complete scan of my entire internal SSD. It does take some time, so I guess it's possible the updated database could already be "old", per se.

Given:

• New exploits appear "in the wild" every eleven seconds
• it can takes hours, days, or even weeks before the exploit is discovered, cataloged, and a counter strategy developed.
• It can take a good while for that information to be entered into ClamXAV (or whatever anti-malware app you use) database
  
• No PUP can be detected unless its [I]signature{/I] is known and included in the signature database file on your computer.

It is inevitable any database you download is already out of date and may not detect the latest exploits.