Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 26 replies
  • Subscribers 6 subscribers
  • Views 37977 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is a Trojan stopping Sophos running full scan?

mambaman

Hi guys

I recently was presented with a whole bunch of Trojans that had been sent to my Google Mail account in iMail. Apple had quarantines some of them to the Spam folder though not all but Sophos identified all of the Trojans and I clicked 'clean up. The issue kept appearing however and I am not sure whether this is because the Trojan is self-replicating or because there were a lot of them

I decided to run a full scan but something keeps holding that up: checking my log there are several messages of this type:

  • com.sophos.intercheck: Issue: Could not scan /private/tmp/68f01de2.$$$
    com.sophos.intercheck: An unexpected error occurred

    And similar. This seems to be what is stopping the scan

    Can anyone advise

I am wondering whether it is linked to the Torjans themselves all of which appear to be of this type:

  • com.sophos.intercheck: 2012-01-03 14:30:58 +0000 Threat: 'Troj/JSRedir-EK' detected in /Users/benamponsah68/Library/Mail/V2/Mailboxes/Junk (Gmail).mbox/C49321ED-C846-415A-BC11-115D7CA05705/Data/1/3/1/Attachments/131557/2/kizjfxyvpun.html

Any help appreciated as I am stumped

com.sophos.intercheck: Access to the file denied

:1004921


This thread was automatically locked due to age.
  • 0

    Well my browser is Safari and presented all as one line

    I have copied and pasted and same result....file could not be found :mansad:

    :1005027
  • 0

    OK: try

    /Users/benamponsah68/Library/Mail/

    and then navigate from there.

    :1005029
  • 0

    Finally!!

    That worked Andrew so hopefully thats it

    Are there likely to be recurrences of this Trojan? Or will that be it now I have deleted it from the back up?

    :1005031
  • 0

    Well, this one is commonly spammed out as an email attachment, so you may end up with it again in the future.

    However, now that you know what to do to remove it from Mail.app and GMail, it shouldn't find its way into your backups.

    Usually Google will catch these before you even see anything, and it won't be downloaded to your Mac.

    :1005033
  • 0

    Thanks very much for your patience and forbearance with thsi Andrew-really have taken Sophos Customer Service to new levels :-)

    :1005035
  • 0

    Hi Andrew

    Annoyingly there were 3 more this morning: same type of Trojan, 2 different e-mails

    2 were spotted by Google and quarantined to its Spam section, 1 I had to put there: All 3 triggered Sophos's alerts. 2 were cleaned up automatically and 1 I had to do

    My question is: I am getting 10-15 spam mails into Google per day-will this sort of thing just continue to happen and why arent Google sorting their sh*t out? I mean this was precisely the reason that I switched from Hotmail to Google in the 1st place grrr

    I dont get any spam to my me.com account. Go figure...

    :1005039
Cookie Information Banner