An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
malware
#58366 03/16/21 02:59 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
ClamXAV has detected com.mitmproxy...Adware.OSX.Adload 4 times in the last 45 minutes. I read that this malware is difficult to remove.

Does anyone know how to solve this problem?

jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: malware
jaybass #58369 03/16/21 06:00 PM
Joined: Aug 2009
Likes: 8
Online

Joined: Aug 2009
Likes: 8
Try the free version of Malwarebytes.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: malware
jaybass #58371 03/16/21 06:41 PM
Offline

Joined: Oct 2020
Originally Posted by jaybass
ClamXAV has detected com.mitmproxy...Adware.OSX.Adload 4 times in the last 45 minutes. I read that this malware is difficult to remove.

Does anyone know how to solve this problem?

jaybass

What browser are you using? And is it the latest version?

Also see that you are running OS 10.12.6. Given that Apple no longer issues Security Updates for that OS, that could be an issue.

In any event, I also have ClamXAV, but have never had that issue. Here are the results of a google search of "com.mitmproxy...Adware.OSX.Adload":

https://www.google.com/search?q=com...415j0j1&sourceid=chrome&ie=UTF-8

This particular link:

https://geeksadvice.com/remove-adload-malware-mac/

recommends using Malwarebytes, as Ira L already suggested.

Good luck, and let us know if things work out.

Last edited by MartyByrde; 03/16/21 06:45 PM.
Re: malware
MartyByrde #58375 03/16/21 07:56 PM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
I contacted ClamXAV and they told me how to send them a diagnostic report. Also they repaired their scanning engine which took about twenty minutes.

After their initial report, I ran Antivirus Zap & virus scanner which picked up 11 malware issues. Some of them were apps I had used for years i.e. iPhoto duplicate finder and another

duplicate finder. I physically trashed all viruses and That seems to be normal. BTW, I use safari 12.1.2


Now everything is normal including my email problem...thanks to my son's efforts.

jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: malware
jaybass #58379 03/17/21 12:24 AM
Offline

Joined: Oct 2020
Originally Posted by jaybass
I contacted ClamXAV and they told me how to send them a diagnostic report. Also they repaired their scanning engine which took about twenty minutes.

What does that mean? I am not aware of that company repairing their scanning engine "on the fly". Do you actually mean that you were not using the latest version? I am.

Re: malware
MartyByrde #58381 03/17/21 01:44 AM
Joined: Aug 2009
Likes: 2
jaybass Offline OP
OP Offline

Joined: Aug 2009
Likes: 2
The reason ClamXAV ran a diagnostics test was because the app reported the same 2 infections 4 times in about 45 minutes...very unusual.

Yes I do have the latest version...3.2

Here is the diagnostics tool.

https://www.clamxav.com/openDiagnostics3.php

Scanning on the fly is something I have not heard of either.

jaybass


OS 13.6.4 iMac (Retina 5K, 27", 2017, 3.4 GHz Intel Core i5, 24 GB RAM, 2400 MHz DDR4. SuperDuper. 1 TB Lacie HD
Re: malware
jaybass #58384 03/17/21 02:53 AM
Offline

Joined: Oct 2020
Originally Posted by jaybass
The reason ClamXAV ran a diagnostics test was because the app reported the same 2 infections 4 times in about 45 minutes...very unusual.

Yes I do have the latest version...3.2

Here is the diagnostics tool.

https://www.clamxav.com/openDiagnostics3.php

Scanning on the fly is something I have not heard of either.

jaybass

Hmm, strange indeed. I just ran a complete scan on my internal SSD, and it found nothing.

Re: malware
jaybass #58389 03/17/21 10:50 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
I suspect when they "repaired their scanning engine" that refers to the database file that contains the virus/malware/Potentially Unwanted Program signatures used by ClamXAV to detect/identify the viruses/malware/Potentially Unwanted Programs present in the system it is protecting. Normally those are updated at regular intervals ranging from every few hours to weekly depending on the particular application and user preferences. (I use MalwareBytes Premium and have it set to check every three hours for updated signature files.) Given a new exploit appears every eleven seconds, on the average, those files are highly dynamic, and it would not be surprising that a version could easily become corrupt or damaged and have to repaired.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: malware
joemikeb #58392 03/18/21 04:10 AM
Offline

Joined: Oct 2020
Originally Posted by joemikeb
I suspect when they "repaired their scanning engine" that refers to the database file that contains the virus/malware/Potentially Unwanted Program signatures used by ClamXAV to detect/identify the viruses/malware/Potentially Unwanted Programs present in the system it is protecting. Normally those are updated at regular intervals ranging from every few hours to weekly depending on the particular application and user preferences. (I use MalwareBytes Premium and have it set to check every three hours for updated signature files.) Given a new exploit appears every eleven seconds, on the average, those files are highly dynamic, and it would not be surprising that a version could easily become corrupt or damaged and have to repaired.

Thanks for the explanation, joemikeb. Whenever I launch ClmXAV, the first thing it does, of course, is to update its malware database. I then run a complete scan of my entire internal SSD. It does take some time, so I guess it's possible the updated database could already be "old", per se.

Re: malware
MartyByrde #58394 03/18/21 03:06 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted by MartyByrde
Thanks for the explanation, joemikeb. Whenever I launch ClmXAV, the first thing it does, of course, is to update its malware database. I then run a complete scan of my entire internal SSD. It does take some time, so I guess it's possible the updated database could already be "old", per se.
Given:
  • New exploits appear "in the wild" every eleven seconds
  • it can takes hours, days, or even weeks before the exploit is discovered, cataloged, and a counter strategy developed.
  • It can take a good while for that information to be entered into ClamXAV (or whatever anti-malware app you use) database
  • No PUP can be detected unless its [I]signature{/I] is known and included in the signature database file on your computer.

It is inevitable any database you download is already out of date and may not detect the latest exploits.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.044s Queries: 34 (0.037s) Memory: 0.6209 MB (Peak: 0.7090 MB) Data Comp: Zlib Server Time: 2024-03-28 17:30:54 UTC
Valid HTML 5 and Valid CSS