The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
When malware is detected on your Mac computer you may see an alert similar to the screenshot below.
When alerted to the presence of malware, you should open the Quarantine Manager (the part of Sophos Anti-Virus that lists what was detected) and remove the malware.
See the following video on how to cleanup an infection on Mac OS X:
Applies to the following Sophos products and versions Sophos Anti-Virus for Mac OS X v9.x, Sophos Anti-Virus for Mac Home Edition v9.x
Important: If malware is detected on your computer, and Sophos Anti-Virus informs you that it must be cleaned up manually, this means that you must create a custom scan. (Full details are given in the relevant section below.)
Some common locations for such files are:
/Volumes/<Time Machine Volume Name>/Backups.backupdb/<Computer Name>/YYYY-MM-DD-NNNNNN/<User Name>/Library/Caches/Java/cache/6.0/8/123456-123456
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.