I just downloasded a trial version of SOPHOS for Mac yesterday. I'm running a real time virus scan on MacAir OSX 10.8.5. A couple of times the following has happened:
Quarantine Manager popped up, warning about a detected threat Mal/KeyGen-M. It has offered to clean it up. I didn't react quickly enough, and Quarantine Manager got cleared on its own, as if there were nothing detected at all. My "Open Preferences | Scan Local Drives | When a threat is found" == "Move threat" (/Users/Shared/Infected). I checked for Infected sub-folder under /Users/Shared. No such sub-folder. The only trace of the event I was able to find is in "/Library/Logs/Sophos Anti-Virus.log". Please see below. Was the offending keygen.exe file taken out by some other program, or by some "mothership" virus process?
I'd appriciate if somebody can comment of the "vanishing act" I'm observing.
----------From /Library/Logs/Sophos Anti-Virus.log-----------------------------------------------------
com.sophos.intercheck: 2014-01-23 13:28:18 -0800 Threat: 'Mal/KeyGen-M' detected in /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.vbfolder_ybyuYV/keygen.exe
com.sophos.intercheck: Access to the file denied
com.sophos.intercheck:
com.sophos.intercheck: Encrypted file: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.vbfolder_VcqzJl/=?koi8-r?B?79TexdQgwdDSxczYIDIwMDkueGxz?=
com.sophos.intercheck: Encrypted file: /private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.vbfolder_y61uke/=?koi8-r?B?79TexdQgycDO2CAyMDA5Lnhscw==?=
This thread was automatically locked due to age.
