We'd love to hear about it! Click here to go to the product suggestion community
Sophos detected Mal-Phish A in an email attachment currently on a time capsule backup.
How do I remove it?
David-Laxers-MacBook-Pro:2 davidlaxer$ pwd/Volumes/Time Machine Backups/Backups.backupdb/David Laxer’s MacBook Pro/2016-05-05-080928/Macintosh HD/Users/davidlaxer/Library/Mail/V3/POPfirstname.lastname@example.org/INBOX.mbox/BC431648-FFBD-4009-8158-4E255EC8A039/Data/7/9/Attachments/97348/2David-Laxers-MacBook-Pro:2 davidlaxer$ ls -ltotal 80-rw-r--r--@ 1 davidlaxer staff 38437 Nov 4 2015 2,,7_092--AmExCiVS_579,30.htmlDavid-Laxers-MacBook-Pro:2 davidlaxer$ sudo rm 2,,7_092--AmExCiVS_579,30.html override rw-r--r-- davidlaxer/staff for 2,,7_092--AmExCiVS_579,30.html? yesrm: 2,,7_092--AmExCiVS_579,30.html: Operation not permittedDavid-Laxers-MacBook-Pro:2 davidlaxer$
try this https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Mal~Phish-A.aspx
In reply to FormerMember:
I'm on a Mac running OS X 10.11.16. The tool above indicates it's for Windows.
In reply to David Laxer:
you shouldn't take a look at this tool but you should look at the section "Recovery Options"
The problem is that the file in question is in a hidden folder. Here's what I did when I had something similar in a Time Machine backup:
Show all hidden folders.
Go to Terminal. Type in: defaults write com.apple.Finder AppleShowAllFiles true
Hit return. At next prompt, type in: killall Finder
This will allow you to view all hidden folders. Connect backup drive and enter Time Machine. Follow the path Sophos indicated to locate the file. Once you've located it, right click (or option click) and the choice is called something like "remove all instances of this file" (something like that). Once you've done that, you can hide folders again.
Go to Terminal. Type in: defaults write com.apple.Finder AppleShowAllFiles false
This worked for me. I hope it works for you, too!