Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 7534 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Quarantine manager appears to hang clearing threats

jallday

I have 8.0.16c on my macbook pro.

It claims to have found OSX/NetWrdRc-A and put it into quarantine manager.

However, no filename or path is specified.

When I "clear up" the software appears to hang - it never stops clearing.

If I clear the threat from the list, then it comes back again after a few moments.

Any thoughts/advice?

Jonathan

:1013170


This thread was automatically locked due to age.
  • 0

    It could be hanging because the malware is running.

    Are you happy using Terminal?  Fancy creating a (temp) new user that has 'Allow user to administer this computer' checked and log in as that?

    If so you can read what files OSX~NetWrdRC-A uses on the detailed-analysis page and - using the new login that's free from running malware - delete the files mentioned manually.

    You could use Activity Monitor to kill processes the malware is currently running and work from your current user account (but only if you're confident).

    :1013224
  • 0

    Something that may be simpler...

    1. One create a new user and make it an admin.
    2. Log off the current user.
    3. Log on with the new user.
    4. Scan the computer with SAV again and use the quarantine manager to clean it up.

    That should have been my first recommendation but the geek in me just loves the DIY approach. :smileyhappy:

    If this idea doesn't work try the manual delete using Terminal in my first post.

    :1013226
  • 0

    I tried your second solution: adding a new admin and clearing the malware.

    However, it didn't do the trick. The "Cleaning in progress" continues to hang and never gets rid of the threats.

    What's next?

    :1013264
  • 0
    Diz previously wrote:

    If this idea doesn't work try the manual delete using Terminal in my first post.

    You should also look in Activity Monitor and using the SophosLabs detailed threat analysis page (linked previously) see if you can kill the processes causing the problem.

    :1013270