Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 3468 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help - please

golddigger

Im new to Sophos and would  appreciate a little help. I installed  the Free Edition  the other day and did a full scan of my Mac.

One threat was found ie a Mal ware threat. It looks like its been there a while and always shows up on my Bipra  portable back-up drive.

Here  is an example of some of the failed clean ups

Failed to clean up file
2014-04-30 06:40:16 +0100 Threat component: 'Mal/Phish-A' in /Volumes/BIPRA 250GB/Backups.backupdb/bill wilson’’’’s iMac/2013-04-08-003405/Macintosh HD/Users/billwilson/Library/Containers/com.apple.iPhoto/Data/Library/Mail/V2/IMAP-bill.wlsn1@imap.gmail.com/[Gmail].mbox/Spam.mbox/352B04A4-CAAB-414C-93F3-E62ACD0EDE81/Data/0/6/1/Attachments/160853/2/acc_protect.html

Ther are quite a lot of these faiuled clean ups.

How do I search for all the failed  files and get rid of them thats indeed if I have to.

Any help appreciated

:1017127


This thread was automatically locked due to age.
Parents
  • 0

    Failed to clean up file
    2014-04-30 06:40:16 +0100 Threat component: 'Mal/Phish-A' in /Volumes/BIPRA 250GB/Backups.backupdb/bill wilson’’’’s iMac/2013-04-08-003405/Macintosh HD/Users/billwilson/Library/Containers/com.apple.iPhoto/Data/Library/Mail/V2/IMAP-bill.wlsn1@imap.gmail.com/[Gmail].mbox/Spam.mbox/352B04A4-CAAB-414C-93F3-E62ACD0EDE81/Data/0/6/1/Attachments/160853/2/acc_protect.html

    Thanks for the log extract.  It shows the item that has been detected is not only in a backup, but inside there it is an attachment to a spam email.

    SAV for Mac can detect items in backup (because it has 'read' access), but cannot then go and clean them up because it is not enable to get full access (e.g., 'write' access).  Therefore it's a common problem that having say clicked 'Scan This Mac' all local drives are scanned (included the backup drive) and ending up with a lot of 'buried' items that cannot be removed.

    The best approach is not to scan the backups - exlcude them from future scans - and clear from the list any current items shown in the Quarantine Manager.  A html file ('acc_protect.html'), attached to an email, inside a backup isn't going to harm anything.

    Watch the scanning video on YouTube about excluding drives - not only will you avoid getting alerts for items buried in backups, but also the scan time will speed up.

    SAV for Mac playlist: https://www.youtube.com/watch?v=zO8GpDmgna0&list=PL_b4O8ZwWOqsJbP55d6EF0lBV9NDMaLfE

    :1017129
Reply
  • 0

    Failed to clean up file
    2014-04-30 06:40:16 +0100 Threat component: 'Mal/Phish-A' in /Volumes/BIPRA 250GB/Backups.backupdb/bill wilson’’’’s iMac/2013-04-08-003405/Macintosh HD/Users/billwilson/Library/Containers/com.apple.iPhoto/Data/Library/Mail/V2/IMAP-bill.wlsn1@imap.gmail.com/[Gmail].mbox/Spam.mbox/352B04A4-CAAB-414C-93F3-E62ACD0EDE81/Data/0/6/1/Attachments/160853/2/acc_protect.html

    Thanks for the log extract.  It shows the item that has been detected is not only in a backup, but inside there it is an attachment to a spam email.

    SAV for Mac can detect items in backup (because it has 'read' access), but cannot then go and clean them up because it is not enable to get full access (e.g., 'write' access).  Therefore it's a common problem that having say clicked 'Scan This Mac' all local drives are scanned (included the backup drive) and ending up with a lot of 'buried' items that cannot be removed.

    The best approach is not to scan the backups - exlcude them from future scans - and clear from the list any current items shown in the Quarantine Manager.  A html file ('acc_protect.html'), attached to an email, inside a backup isn't going to harm anything.

    Watch the scanning video on YouTube about excluding drives - not only will you avoid getting alerts for items buried in backups, but also the scan time will speed up.

    SAV for Mac playlist: https://www.youtube.com/watch?v=zO8GpDmgna0&list=PL_b4O8ZwWOqsJbP55d6EF0lBV9NDMaLfE

    :1017129
Children
No Data