Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 9989 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sophos finding windows malware on mac

Marinko70

having eventually found some older hits around the similar topic wihch confirmed some things that happened to my mac here's a summary and some asks

sophos will find windows malware - typically in downloads folder. they can not infect your mac.

it seems that under normal circumstances sophos will delete them automatically and you don't even know it which is the the most appropriate action.

I had difficulties yesterday where sophos reported a trojan. I believed it was a real threat to my Mac - there's no way of me knowing that it was a windows trojan.

I used the 'clean-up' function in quaratine manager and sophos just went into a loop, my whole system became intermittantly unresponsive and other odd things - for those that had used windoes in the past this is a sure sign of a virus.

Having performed various actions - switching on hidden files as sophos was reporting that the trojan was in '.trashes' I deleted all such files that I don't need, I went to timemachine and deleted all files in downloads for all back-ups (as sophos was also pointing to that path.

After a number of reboots and sophos still reporting the problem and going into a loop every time I tried to use clean-up.

From my post on apple support community I was advised it was windows malware and that sophos was the likely culprit from slugging my mac. this came quickly which I'm glad of as I was about to erase my disk and rebuild the system.

I removed sophos from my mac and all OK.

I re-installed sophos and it could not find any malware.

it would help greatly if sophos could simply report that it's found windows malware.

one of the possible reasons for the loop is that my timemchine backup is on wireless storage. as sophos was also reporting malware in my backups, it may have been struggling to find the infected file. however this does not warrant sophos slugging my mac to the point of real concern that I was indeed infected by real malware. I am happy that sophos provides some protection but at the same time I don't want to lose 2-3 hours trying to address an issue that doesn't actually exist.  

:1012436


This thread was automatically locked due to age.
Parents
  • 0

    Hi marinko70,

    Thanks for the feedback. Re: your suggestion about identifying potentially malicious threats by platform, its more difficult than you might imagine because our SophosLabs team (those guys who research and respond 24x7 to threats) don't classify by platform. And given that many people use Windows VMs via Fusion or Parallels with shared drives, knowing about WIndows threats can be useful.

    I suggest given the version 9 preview a whirl, we've made some improvements in system performance when using a wireless Time Capsule type system.

    :1012442
Reply
  • 0

    Hi marinko70,

    Thanks for the feedback. Re: your suggestion about identifying potentially malicious threats by platform, its more difficult than you might imagine because our SophosLabs team (those guys who research and respond 24x7 to threats) don't classify by platform. And given that many people use Windows VMs via Fusion or Parallels with shared drives, knowing about WIndows threats can be useful.

    I suggest given the version 9 preview a whirl, we've made some improvements in system performance when using a wireless Time Capsule type system.

    :1012442
Children
No Data