This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj Agent-AIRO

After booting 2 times now, I get a popup from Sophos warning that the Troj/Agent-AIRO virus was detected (malware) and will be automatically removed.  I click on the Quarantine Manager which displays the Troj/Agent-AIRO line for about a minute and then the whole line disappears.

Sophos update says it is current.

I've checked the Sophos console log and do not find an entry.

What should I do?

Thx!

Sys info:  Mac OSX 10.10.2

Sophos Anti-Virus Home Edition version 9.2.2

  Threat detection engine: 3.55.0

  Threat data: 5.11

  Protects against 8588419 threats

:55692


This thread was automatically locked due to age.
Parents
  • You can move the discussion elsewhere if possible. 

    I searched this forum and googled before posting.

    Why is there is no mention in the Sophos A-V log when an threat is detected specifying where the threat is?  The threat cleared in a minute or 2 after clicking the Quarantine Manager.  I viewed the preferences and checked the Messaging > "Warn before cleaning up threats in QM".  Logging already had checked to "Write threat and error events to system log".  Is that the same as the A-V log?

    I ran a long Sophos scan on 2 TM backup volumes that took >1 day.  That finally found a threat in the backup on 1 volume.  I was able to use QM to reveal the location in Finder.  It was a Mail message that had the threat in a Gmail Spam folder.  Then, it's a bit tricky finding the source location to open Time Machine.  I told TM to delete all backups in the Spam folder.  Then, to prevent reoccurences, I went to TM preferences to exclude the Spam folder and other similar Junk folders that Apple mail uses.

    I am scanning some other volumes which will take a few days.  I will try rebooting to see if all is clear eventually.

    :55723
Reply
  • You can move the discussion elsewhere if possible. 

    I searched this forum and googled before posting.

    Why is there is no mention in the Sophos A-V log when an threat is detected specifying where the threat is?  The threat cleared in a minute or 2 after clicking the Quarantine Manager.  I viewed the preferences and checked the Messaging > "Warn before cleaning up threats in QM".  Logging already had checked to "Write threat and error events to system log".  Is that the same as the A-V log?

    I ran a long Sophos scan on 2 TM backup volumes that took >1 day.  That finally found a threat in the backup on 1 volume.  I was able to use QM to reveal the location in Finder.  It was a Mail message that had the threat in a Gmail Spam folder.  Then, it's a bit tricky finding the source location to open Time Machine.  I told TM to delete all backups in the Spam folder.  Then, to prevent reoccurences, I went to TM preferences to exclude the Spam folder and other similar Junk folders that Apple mail uses.

    I am scanning some other volumes which will take a few days.  I will try rebooting to see if all is clear eventually.

    :55723
Children
No Data