Found Virus now what?

Discussion in 'Mac Basics and Help' started by Boca, Apr 7, 2012.

  1. Boca macrumors 6502

    Joined:
    Feb 13, 2008
    #1
    Hi, ran Clamx and it discovered this:

    File:
    215233. Enlx
    Infection:
    Heuristics.Phish...

    Then this message: One or more infected files were found, but were left where they are. You can either deal with them yourself, or scan again with the preferences set to move them into a different folder.

    What should I do, and how? thanks, have a great day.
     
  2. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #2
    Can this help?

    Where does the file belong to?
    Did you scan again?
    What would happen, if you delete it?
    Is the report you get longer or is the information you posted everything?

    PS: It is not a virus. At least not one affecting Mac OS X.

    Currently there are zero viruses affecting Mac OS X in public circulation, but there are other kinds of malware existing, that can infect your Mac.
    But as long as you don't install software from unknown and untrusted sources, you are safe, as malware needs administrative permissions to run successfully, which means, you need to install the malware yourself, it can't install itself (one of the reasons, why a Mac OS X virus hasn't appeared yet).
    To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:
    Mac Virus/Malware Info by GGJstudios
    The above F.A.Q. includes the following topics:
    • Malware terminology - What is the difference between viruses, worms, and Trojans?
    • Antivirus apps
    • What security steps should I take?
    • What about sending files to Windows users?
    • Why am I being redirected to other sites?
    • Recent threats in the news

     
  3. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #3
    You didn't provide the information about what ClamXav found. There are no Mac OS X viruses in the wild, so it's most likely Windows malware. Repost again and give complete information.

    Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
    1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

    2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

    3. Uncheck "Enable Java" in Safari > Preferences > Security. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

    4. Check your DNS settings by reading this.

    5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

    6. Never let someone else have access to install anything on your Mac.

    7. Don't open files that you receive from unknown or untrusted sources.

    8. Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

    9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
    That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.
     
  4. Drew017 macrumors 65816

    Drew017

    Joined:
    May 29, 2011
    Location:
    East coast, USA
    #4
  5. wpotere Guest

    Joined:
    Oct 7, 2010
    #5
  6. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #6
  7. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #7
  8. jekyl macrumors 6502

    jekyl

    Joined:
    Mar 6, 2011
    Location:
    Mid-Michigan
    #8
    I've never seen any reason to install java, or flash as far as that goes. Nothing but a world of hurt from any of that dren.

     
  9. Drew017 macrumors 65816

    Drew017

    Joined:
    May 29, 2011
    Location:
    East coast, USA
    #9
    Alright, I just wanted to share my findings ;) I've heard mixed opinions about this on different sites, but I don't really see it as a virus, either. Didn't Apple just release a software update that addresses Java?
     
  10. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #10
    Yes, they did.
     
  11. Boca thread starter macrumors 6502

    Joined:
    Feb 13, 2008
    #11
    Thank you all for suggestions. Above is the total message I got after the Clamx scan. From what I've read moving it to a different folder is no different than keeping it where it is in the ClamX. I'll continue to read and follow your suggestions. Thanks.
     
  12. McGiord macrumors 601

    McGiord

    Joined:
    Oct 5, 2003
    Location:
    Dark Castle
  13. Shrink macrumors G3

    Shrink

    Joined:
    Feb 26, 2011
    Location:
    New England, USA
    #13
    I, too, get that "Heuristic" file every time I do a ClamXav scan. It's happened at least 5 times.

    I have it quarantined to Desktop, and then dump it in the Trash, and Empty Trash.

    Interestingly, for some reason it never ends up on my Time Capsule. On two occasions (I don't bother any more) I did a Clam scan on my Time Capsule after finding the infected file, and it didn't show up in the TC scan.

    BTW: I follow all the instruction the GGJ provided above.

    It's happened so often, I don't particularly worry about it. A knowledgeable friend suggested that it's probably a Trojan and I'm not getting the pop up or other request necessary to install it because I have pop ups blocked, and Adblock.
     

Share This Page