Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 2004 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't remove Windows threat found on my Mac

izzyeckerslike

I ran Sophos for the first time a short while ago and the scan found one threat I have to remove manually  :  Mal/Zbot-I

But it's a Window (exe) file. and I have a Mac running Snow Leopard.  How can I get rid of a Windows file on a Mac?

All suggestions greatfully accepted.

:1009564


This thread was automatically locked due to age.
Parents
  • 0
    gbtbag wrote:

    Hi, Christian.  Thanx for getting back to me.

    I tried highlighting the virus in QM then pressing delete and nothing happened.

    I see the path below in the threat details window.  It appears that the threat is on my backup drive.  Would a threat on my backup drive affect the performance of the computer's actual drive?  My Mac has been running slow for the past several days, which is why I downloaded and ran Sophos.

    Thank you.

    Try this:

    1. If the file path contains “/Backups.backupdb/”,

                                                                   i.      make note of the complete file path.  Eg: /Volumes/<Time Machine Volume Name>/Backups.backupdb/<Computer Name>/YYYY-MM-DD-NNNNNN/<User Name>/Library/Caches/Java/cache/6.0/8/123456-123456

                                                                 ii.      temporarily disable on-access scanning from the Sophos Preferences window,

                                                                iii.      In the finder, navigate as close to this location as you can, starting from the <User Name> portion.  When the next level down no longer exists (or when you’’’’ve found the file indicated), select “Enter Time Machine” from the Time Machine menu item (a clock face with an arrow around the outside).

                                                               iv.      Navigate to the date and time indicated by YYYY-MM-DD in the file path, and then follow the path to the detected file within Time Machine.

                                                                 v.      Control or right-click the file, and select “Delete All Backups of <detected filename>”.

                                                               vi.      Click OK

    Re-enable on-access scanning from the Sophos Preferences.

    A threat on your backup drive wouldn't affect performance however, and neither would a Windows threat.

    To check performance, you ahve two useful apps: first is Activity Monitor, and the second is Console.  The first will show you if some process is using large amounts of processing time or memory; the second will let you check the log files for your computer to see if the OS is warning you about something that's gone wrong.  The system log in Console has a LOT of information, but may be the best place to check.

    :1009588
Reply
  • 0
    gbtbag wrote:

    Hi, Christian.  Thanx for getting back to me.

    I tried highlighting the virus in QM then pressing delete and nothing happened.

    I see the path below in the threat details window.  It appears that the threat is on my backup drive.  Would a threat on my backup drive affect the performance of the computer's actual drive?  My Mac has been running slow for the past several days, which is why I downloaded and ran Sophos.

    Thank you.

    Try this:

    1. If the file path contains “/Backups.backupdb/”,

                                                                   i.      make note of the complete file path.  Eg: /Volumes/<Time Machine Volume Name>/Backups.backupdb/<Computer Name>/YYYY-MM-DD-NNNNNN/<User Name>/Library/Caches/Java/cache/6.0/8/123456-123456

                                                                 ii.      temporarily disable on-access scanning from the Sophos Preferences window,

                                                                iii.      In the finder, navigate as close to this location as you can, starting from the <User Name> portion.  When the next level down no longer exists (or when you’’’’ve found the file indicated), select “Enter Time Machine” from the Time Machine menu item (a clock face with an arrow around the outside).

                                                               iv.      Navigate to the date and time indicated by YYYY-MM-DD in the file path, and then follow the path to the detected file within Time Machine.

                                                                 v.      Control or right-click the file, and select “Delete All Backups of <detected filename>”.

                                                               vi.      Click OK

    Re-enable on-access scanning from the Sophos Preferences.

    A threat on your backup drive wouldn't affect performance however, and neither would a Windows threat.

    To check performance, you ahve two useful apps: first is Activity Monitor, and the second is Console.  The first will show you if some process is using large amounts of processing time or memory; the second will let you check the log files for your computer to see if the OS is warning you about something that's gone wrong.  The system log in Console has a LOT of information, but may be the best place to check.

    :1009588
Children
No Data