This discussion has been locked.

threats on my imac

Hello,
 
I have received two threats on my iMac, and when I called Apple they said that I need to be careful because the Sophos Anti-Virus could read Apple's software as foreign to Sophos and that it could delete some important files and it could crash my computer. Is this true??
 
They also say that Apple has its own built-in virus protection; however, if that is true...why didn't it catch these threats??  I am very frustrated and don't know which way to go here and I do hope that you will be able to help me!!??
 
This is what I received from a drop down box:
On Sept. 5th: Threat: Mal/EncPk-MP; Filecase: 5740759.zip; Action: clean up
On Sept. 6th: Threat: TrojAgent-ADLD; Filecase: Secure Message.zip; Action: clean up
 
Thank you,
Darlene
:1013266


This thread was automatically locked due to age.
  • 1. Doubtful Sophos Antivirus would wreck your Mac.  Something would have to go seriously wrong with the program.  If you get hit with some nasty malware designed for a Mac then the wrecking starts.
    2. Built-in AV?  Not really what many would call AV.  Think they are referring to this:
    http://www.macworld.com/article/1142457/snowleopard_malware.html
    3. Mal/EncPk-MP and TrojAgent-ADLD are both detections for Windows malware - hence these files cannot harm (or even run) on your Mac running OS X.

    Delete the files as they are malicious, however you'd need to run them on a Windows operating system to cause a problem.

    To delete them either clean up the files from the quarantine manager or locate the files and delete manually (then clear the files from the quarantine manager so they are no longer listed).

    :1013274
  • Hello again,

    1-How would I know the difference if I got hit with a nasty malware for Mac??

    2-No they are not talking about Sophos AV, they did say that I don't need an AV because Apple doesn't get viruses, so are these viruses that I am talking about only for Windows? I did look at the link that you provided and I do see that it is important to have the Sophos Antivirus because Apple Macs can get a virus..so if I delete these two threats will I have a problem, will it delete any Apple files or software!!??  It says that if I delete the threat I could lose Apple files!!?? I will be waiting for your answer.

    I do appreciate your help!!

    Please let me know via email when you answer this email.

    Thank you,

    Darlene

    :1013276
  • Answer for Q1:

    Malware targeted at Macs is detected by Sophos Antivirus as 'OSX/...'.

    Therefore if SAV detected OSX/NetWrdRC-A you could search for the detection name Sophos gave it and you'd find the Threat Analysis page for the detection where you can read more.  For example OSX/NetWrdRC-A can...

    • Allow others to access the computer
    • Steal information
    • Drop more malware
    • Download code from the internet
    • Reduce system security
    • Monitor browser activity
    • Open links to websites
    • Monitor System Activity
    • Enable remote access

    ...hence (a) it is for Mac and (b) that description makes it sound nasty.

    Answer for Q2:

    "Does a Mac need antivirus software?" is an often debated question. 'Virus' is a particular type of Windows-only computer threat - so it's best not to use that word.  However Macs can get infected with other kinds of malware. 

    People (including computer experts) use the word 'virus' and 'mac' in the same sentence because most people have heard of the term 'computer virus', but don't know about 'Trojans', 'Spyware', 'Backdoors', 'Worms', 'Phishing scam', 'Spear phishing scam', 'Adware', 'Scareware', 'Ransomware', 'Rootkit', 'Dialers', 'Keyloggers', etc. - to the newbie they are all one and the same thing...bad.  Therefore it's best to say 'malware'.

    Apple Macs can and do get infected with Mac malware - simple.  You need antivirus software for peace of mind.  The person at Apple is going to lean towards the 'you're safe' end of the argument.  The later versions of Mac OS X have been designed so you can't immediately click on a file that was downloaded without a prompt and Apple thinks this will stop malware.  First: if Macs don't get infected then why has Apple gone to the bother of putting this functionality in?  Surely you should be able to click on anything you like and not be hurt? And second: Even though Mac OS X prompts you to confirm you are sure, if you click on the link (maybe by mistake) the program runs - you allowed it.  All the blame is on you.  Sophos Antivirus for Mac doesn't prompt you.  It just sits in the background and lets you do your thing and if you ever click on a malicious file it jumps to stop it before you have let go of the mouse button.

    To delete or not:

    Where exactly are the files?  Do you have a full path?

    I can't email you this post - your subscription settings allow you to be emailed when a reply is posted.

    :1013280
  • Hi Diz,

    I really do thank you for taking the time to explain things to me..

    You asked me where exactly are the files and do I have full path, and I don't know what files they are talking about.  Can you help me with this?

    When I tried to clean the threat, I received a pop up that said:

    Cleanup may delete files that are identified as threat components and listed under threat details.

    Note: I don't know what files are involved and I don't know how to clean them

    Also, if I just let it sit there, is the threat still doing damage in my computer?

    If I just delete them anyway will I be o.k. since I am not on a Windows computer?

    Why do I get the threat warnings when they are only a problem on Windows?  Do I have the threats/virus actually in my computer even though it's for Windows?
    :1013294
  • The files are only going to be a problem for Windows computers so if you do nothing then you're not going to have a problem with them.

    However I'd recommend you cleanup the files anyway as you may (possibly) transfer them to a Windows computer at some point.

    Just cleanup the files and don't worry too much. Post back any problems with cleanup - if there are any.

    Good luck.
    :1013296
  • O.k, then I can just go to Quarantine and do it there and it will not harm any of the files, right?

    :1013298
  • Done!!!!!

    You sure do work long hours!! 

    I have had Sophos Anti-virus for 3 years and never had a problem like this.  Thank you very much for all of your help!

    Darlene

    :1013302
  • :smileywink: Don't forget to kudos the posts above that were helpful...

    <--

    :1013308