Troj/Zbot-GEW in system.log?

Earlier this evening, Sophos updated itself on my Mac (10.8.4 but now 10.8.5). When it reloaded, the on-access scanning didn't come back, so I took the opportunity to reboot and install 10.8.5.

When the computer came back up, a short while later I noticed a Sophos popup with a virus in quarantine - it disappeared quicker than I could read, but on consulting the logs I saw this:

com.sophos.intercheck: 2013-09-19 23:36:16 +0100 Threat: 'Troj/Zbot-GEW' detected in /private/var/log/system.log
com.sophos.intercheck:                              Access to the file denied

I manually ran a scan against the system.log file and it came back clean - how can Sophos detect what looks to be a Windows virus in the OS X system.log file?

As a precaution, I am running a full scan. During this, Sophos again put something in quarantine and then removed it almost immediately; checking the logs again, I see this:

com.sophos.intercheck: 2013-09-20 02:13:07 +0100 Threat: 'Troj/Zbot-GEW' detected in /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/hu.lproj/InfoPlist.strings
com.sophos.intercheck:                              Access to the file denied

Running sweep again against this file, it came back clean?

Is this something I should be concerned about? Help!

Thanks,

Grant

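To keep track of detections like the two above, it helps to pull the on-access log lines into a structured form before deciding whether to rescan or submit a sample. The following is an added example (not code from the thread or from Sophos): it parses `com.sophos.intercheck` lines of the format shown in the post, pairs each detection with the action line that follows it, and groups the results by threat name. The sample log text is constructed from the two detections quoted above, and the "likely false positive" flag is a simple assumed heuristic (one threat name hitting several distinct plain-text files), not a Sophos rule.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the two log excerpts in the post (not a real capture).
SAMPLE_LOG = """\
com.sophos.intercheck: 2013-09-19 23:36:16 +0100 Threat: 'Troj/Zbot-GEW' detected in /private/var/log/system.log
com.sophos.intercheck:                              Access to the file denied
com.sophos.intercheck: 2013-09-20 02:13:07 +0100 Threat: 'Troj/Zbot-GEW' detected in /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/hu.lproj/InfoPlist.strings
com.sophos.intercheck:                              Access to the file denied
"""

# Detection line: timestamp, quoted threat name, and the path it was found in.
THREAT_RE = re.compile(
    r"^com\.sophos\.intercheck:\s+"
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} [+-]\d{4}) "
    r"Threat: '(?P<threat>[^']+)' detected in (?P<path>.+)$"
)
# Follow-up line carrying the action taken (e.g. "Access to the file denied").
ACTION_RE = re.compile(r"^com\.sophos\.intercheck:\s+(?P<action>.+)$")

# Extensions treated as plain text for the heuristic below (assumption, not exhaustive).
TEXT_SUFFIXES = (".log", ".strings", ".plist", ".txt")


def parse_intercheck(text):
    """Return a list of detection events, each paired with its action line."""
    events = []
    for line in text.splitlines():
        m = THREAT_RE.match(line)
        if m:
            events.append({"ts": m["ts"], "threat": m["threat"],
                           "path": m["path"], "action": None})
            continue
        m = ACTION_RE.match(line)
        # Attach the action only to the most recent detection still lacking one.
        if m and events and events[-1]["action"] is None:
            events[-1]["action"] = m["action"].strip()
    return events


def triage(events):
    """Group events by threat name and flag patterns worth a second look."""
    by_threat = defaultdict(list)
    for e in events:
        by_threat[e["threat"]].append(e)

    report = {}
    for threat, evs in by_threat.items():
        paths = [e["path"] for e in evs]
        text_only = all(p.endswith(TEXT_SUFFIXES) for p in paths)
        report[threat] = {
            "count": len(evs),
            "paths": sorted(set(paths)),
            "actions": sorted({e["action"] for e in evs if e["action"]}),
            # Heuristic (assumption): the same signature firing on several
            # unrelated text files is a common shape for a false positive and
            # a good candidate for a rescan plus sample submission.
            "likely_false_positive": text_only and len(set(paths)) > 1,
        }
    return report


if __name__ == "__main__":
    for threat, info in triage(parse_intercheck(SAMPLE_LOG)).items():
        print(threat, info)
```

Run against a real `/var/log/system.log` the report lists every path the on-access scanner blocked, which is exactly the set of files to rescan after the next update and, if still detected, to send for analysis.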


This thread was automatically locked due to age.
  • Interesting - it's detecting a bundle file that's probably used for language translations etc.

    I'd suggest checking if the file is still detected (subsequent updates may have changed things) and if it is being detected then submit a sample of the file...

    /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/hu.lproj/InfoPlist.strings

    ...to Sophos for analysis. Mention what it's being detected as or even exclude an extract of the log so they can tell you if it's correct or not. How to do that: http://www.sophos.com/en-us/support/knowledgebase/11490.aspx
