
Simplest way to remove Mal/FakeDouf-B

11-10-2012 12:14 PM

I have 8 incidents of Mal/FakeDouf-B with different file names and all need to be cleaned up manually.

When I click on the threat to get details on how to do this, it takes me to a page, http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Mal~FakeDouf-B.aspx, where it states "Affected Operating Systems: Windows".

I am using Mac OS X 10.7.5 and wanted to know if this threat affects me, and if so, the easiest way to get rid of it, and even where I got it, so I can try to avoid these sites.

Thanks

JB

:1010758


  • Mal/FakeDouf-B is a rootkit-like trojan for Windows that uses anti-detection techniques to attempt to avoid AV scanners.  On OS X, if you've got the filename, you can just delete the file, either by setting up a custom scan set to delete, or by locating the files in the Finder and throwing them in the trash.  Cleanup fails because it is expecting to be embedded into the Windows OS and cleanup involves attempts to extract it from the OS.  Since all these cleanup steps will fail on OS X, cleanup itself is failing.

    However, if this is being detected on a Windows partition, you should clean it up from within the Windows OS, as just removing the executable file won't undo all the changes it has made to the operating system.

    :1010766