Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 6 subscribers
  • Views 3647 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I have just installed Sophos : A virus was detected !!!!

JojoFrench

Hello !

I've just heard about Sophos AntiVirus a few hours ago.

So I decided to install it. It runs very smoothly.

I've ran a full scan right now, and Sophos has detected a virus !!! I'm very surprised about that !!

The name of the threat is : Mal/JavaHoxo-A in the file : /Users/Jojo/Library/Caches/Java/cache/6.0/41/ff74ae9-7d783ce1 [EIRC.class]

Mac... Viruses... What ? :smileysurprised:

:1000077


This thread was automatically locked due to age.
Parents
  • 0

    Hello JojoFrench,

    if you read the analysis for Mal/JavaHoxo-A you'll see that it affects Windows (only). Now you could argue why Sophos for Mac bothers with this threat. Fact is that the majority of malware is for Windows given its market share. To scan only for threats affecting the platform the AV is running on would complicate matters (you'd have to store the information along with the IDEs/signatures, you have to update it when new OS versions are available and so on). Do not confuse this with the objects scanned as this is usually OS specific. More and more the threats lurk in cross-platform objects (HTML, PDF, Java to name a few) and are of course detected even if they don't "match" the OS. 

    And if it is detected - why shouldn't Sophos alert you as you might otherwise unwittingly pass it on (please see also Aarons post and blog).

    Christian

    :1000137
Reply
  • 0

    Hello JojoFrench,

    if you read the analysis for Mal/JavaHoxo-A you'll see that it affects Windows (only). Now you could argue why Sophos for Mac bothers with this threat. Fact is that the majority of malware is for Windows given its market share. To scan only for threats affecting the platform the AV is running on would complicate matters (you'd have to store the information along with the IDEs/signatures, you have to update it when new OS versions are available and so on). Do not confuse this with the objects scanned as this is usually OS specific. More and more the threats lurk in cross-platform objects (HTML, PDF, Java to name a few) and are of course detected even if they don't "match" the OS. 

    And if it is detected - why shouldn't Sophos alert you as you might otherwise unwittingly pass it on (please see also Aarons post and blog).

    Christian

    :1000137
Children
No Data