Re: MAC host Checker and Virus Applications.

Stephen_ · ‎12-21-2007

Hi All,

I am trying to expand my host checker profiles to include more virus appliations so my MAC users can login. I am not a MAC person, or have access to one, so I'm hoping someone can offer up some Virus Application Processes and Dat File paths. One of my users tracked down the parameters for ClamAV, but that's the only one I have..

Thanks...

Dat file: /usr/local/clamXav/share/clamav/daily.cvd
Process Name: ClamXavSentry

-Stephen

mk_ · ‎02-04-2008

What other AV vendor details are you looking for?

Stephen_ · ‎03-28-2008

I'm not really sure.... I'm not a MAC user myself, so I don't know who writes antivirus enginesfor them. I'm guessing all the big guys probably do... McAfee/Norton/Trend/Sophos??

Message Edited by Stephen on 03-28-2008 10:28 AM

Andy_ · ‎12-12-2008

Hi

We use Sophos and found the Process name to be 'SophosAntivirus'.

We may have other MAC clients out there using McAfee, Kapersky, AVG and Norton. Anyone know what the MAC process names for these are?

Cheers

GuyDavies_ · ‎12-15-2008

Hi,

I'm not sure what the process names would be for the ones you mention, but I thought I'd point out that neither Kaspersky nor AVG currently make AV for Mac. The other producer of Mac AV, in addition to McAfee, Norton and Sophos, is Intego. I personally use ClamXav, which is fine for my personal requirements.

Rgds,

Guy

AlbertG_ · ‎06-25-2009

What is the process name/file to check for the Intego product? We're thinking of deploying it

A

GuyDavies_ · ‎06-26-2009

Hi Albert,

I'm using Netbarrier from Intego (but not their AV app) and I see this...

ps axwwl | grep -i netbarrier

0 57 1 0 31 0 600172 168 - Ss ?? 0:00.01 /bin/sh /Library/StartupItems/NetBarrierKPI/load

0 89 57 0 31 0 87964 1800 - S ?? 6:49.25 /Library/StartupItems/NetBarrierKPI/NetBarrier Daemon X5.app/Contents/MacOS/NetBarrier Daemon X5

502 14803 134 0 46 0 419412 3672 - S ?? 19:03.23 /Applications/NetBarrier Monitor.app/Contents/MacOS/NetBarrier Monitor -psn_0_6948512

Rgds,

Guy

dstoll_ · ‎06-26-2009

I run Symantec AV on my mac. Here is the process list:

aragorn:~ dstoll$ ps auxww | grep -i symantec
dstoll 35303 0.2 0.0 590472 104 s000 R+ 9:50AM 0:00.00 grep -i symantec
dstoll 437 0.0 0.2 432920 6616 ?? S Mon08PM 0:12.28 /Library/Application Support/Symantec/SymUIAgent/SymUIAgent.app/Contents/MacOS/SymUIAgent
root 81 0.0 0.0 78292 1096 ?? Ss Mon07PM 0:00.15 /Library/Application Support/Symantec/AntiVirus/DiskMountNotify.app/Contents/MacOS/DiskMountNotify
root 79 0.0 1.8 157492 76852 ?? Ss Mon07PM 8:16.10 /Library/Application Support/Symantec/AntiVirus/NortonAutoProtect.bundle/Contents/MacOS/NortonAutoProtect
root 78 0.0 0.0 89444 1732 ?? Ss Mon07PM 0:00.56 /Library/Application Support/Symantec/Daemon/SymDaemon.bundle/Contents/MacOS/SymDaemon
root 77 0.0 0.0 601180 396 ?? Ss Mon07PM 0:00.01 /Library/Application Support/Symantec/Scheduler/SymSecondaryLaunch.app/Contents/SymSchedulerDaemon
aragorn:~ dstoll$

PG_ · ‎06-29-2009

Here's the list that I've put together for our Mac users:

Norton: process required: NortonAutoProtect

McAfee: process required: VShieldCheck

Sophos: process required: SophosAntivirus

ClamXav: process required: ClamXavSentry

VirusBarrier X5 process required: VirusBarrierScan

rswinter_ · ‎06-18-2010

Does anyone know the "dat" file neanes for any of these? We also check to make sure the date file is up2date. For clamAv, we look at this file... /usr/local/clamXav/share/clamav/daily.cvd Thanks. -S