Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 59 replies
  • Subscribers 6 subscribers
  • Views 72473 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help with Creating a Custom Scan to remove a Threat

hjmarxmd

I would appreciate help with a problem identified when I did a
scan using the free Sophos Anti-Virus for IMac Home Edition that
uses Mac OS X 10.5.  The scan detected Mal/EncPk-LF threat and
the action advised was to "clean up manually" by creating a
custom scan, but I cannot figure out how to do that.
Herbert Marx (hjmarxmd@pol.net)

:1001625


This thread was automatically locked due to age.
  • 0

    Steps 2 and 3 have been merged; the window automatically comes up when you click the + now.

    :1002757
  • 0

    I just downloaded this virus program from the Apple page, as I apparently got infected with a fake virus called "MacProtector"....I want to **thank you**, merril444, for taking the time to post the step by step instructions on how to delete the threats posted as "manually cleanup".  Until I checked this forum, I could not figure out how to carry this out.  And, without your instructions, I would have had to either taken my Mac to the Apple store for removal of the virus' or pay Sophos to help me out.

    With my issue, I ran the library folder for scanning, which showed no virus', but then clicked onto "Applications" and it did run the scan and remove my virus'.  They were in my "download" file.  Cheers 2 u, also!

    :1002763
  • 0

    Thank you, Merril444 .  Brilliant job on this write-up.  Worked absolutely perfectly.  As an experienced novice I appreciated your extremely detailed step-by-step.  Sophos should post this in their FAQs or help section.

    :1002769
  • 0

    ok, so I followed step by step.

    /Volumes/Time Machine/Backups.backupdb/jeff  watson’’’’s Computer/2011-01-02-004254/Macintosh HD/Users/annandwil/Downloads/Ben Folds Collection/The Unauthorized Biography of Reinhold Messner/hospital song ben folds five.mp3

    /Volumes/Time Machine/Backups.backupdb/jeff  watson’’’’s Computer/2011-01-02-004254/Macintosh HD/Users/annandwil/Downloads/Battlefield 1942 + Expansions/Patch + keygens/Keygens/Battefield 1942.exe

    At this point I did a custom scan selecting the specific backup where the threat existed (Time Machine), choosing delete in options.  It did not get rid of threat so I reran with option of cleanup/delete.  Threats still there.  So went in to manually delete and get this message: "The operation can't be completed because backup items can't be modified."

    Suggestions?

    Any help is greatly appreciated,

    Stickman

    :1002775
  • 0

    Your the best merril444  that really helped.  Thank you.

    :1002849
  • 0

    Thanks from me too! 42 threats deleted (Troj type) The best!!

    :1002851
  • 0

    Excellent set of instructions. It worked as described. Thanks for the clear and instructive help.

    :1002857
  • 0

    Hi, everyone. I have several items of malware on my Mac. I jus tdid every step that merril444 set forth. But when I clicked on Quarantine Manager, all the threats were still there. Could any of you please help me find out what went wrong? Thanks so much.

    :1002881
  • 0

    Hello again. This is prtex. When I click on the blue link file name of a threat, the details say that the operating system affected by the threat is Windows. The details don't say anything about OS X. So I'm like, what the hell? I don't have Windows on my Mac. And if it's affecting Windows, why do I keep getting delivery failure notices for e-mails I never sent? I hope someone will reply and give me some helpful information. Thank you.

    :1002945
  • 0

    Hello All,

    I'm a new user of both the iMac and SAV. I've picked up a OSX/FakeAV-DWN and OSX/FakeAVDl-A anti-malware.zip, but the Quarantine Manager doesn't tell me where they are located. Both need to be cleaned manually, but I don't know where they are.

    Any advice or help would be greatly appreciated!

    Thank you.

    :1002951