2014-12-18T21:49:56+00:00 Zend_Feed_Writer https://www.augwessex.org.uk/discussions/view/1137 AUGW info@augwessex.org.uk https://www.augwessex.org.uk/ 2014-12-18T12:01:32+00:00 https://www.augwessex.org.uk/discussions/view/1137#5093 David Chaplin info@augwessex.org.uk https://www.augwessex.org.uk/ I have been alerted by my Sophos software that it has detected the following threat :- "Troj/DocD/-cu". It now sits in quarantine; I have tried to "clean" but appears unsuccessful by Quarantine Manager. I have Googled it but no information is forthcoming. I am completing a full scan via Sophos (still in hand) but am wondering if this is one of those guises to persuade you to purchase a version of Sophos instead of the freebie or a real Trojan. Anyone experienced this issue? David Chaplin 2014-12-18T13:41:24+00:00 https://www.augwessex.org.uk/discussions/view/1137#5094 Mick Burrell info@augwessex.org.uk https://www.augwessex.org.uk/ My guess would be a Windows Trojan. See this: Sophos Link Or this where they specifically say that it's Windows that's affected (although I can't see a direct reference to the Trojan you give - this came up on my Google search) Another Sophos Link 2014-12-18T15:50:35+00:00 https://www.augwessex.org.uk/discussions/view/1137#5095 David Chaplin info@augwessex.org.uk https://www.augwessex.org.uk/ Afternoon MIck, Many thanks for your reply & have tried both of the Sophos links with no success; as you suspected this appears to be a Windows threat & I couldn't open the Virus Tool Remover anyway. However, I did note there was was slight difference in the Trojan reference you found - yours ended in "-co" whereas I recorded ending in "-cu". The Sophos scan I had been conducting (not completed after about 12 hours) appeared to seize, so I closed down the iMac & restarted to find there is now no trace of this Trojan reference number, only the window in Scan Manager stating "i threat had been identified" but no further information is forthcoming. Perhaps I should just forget it and get on with all things Christmas! The iMac working OK. Thanks again, & Happy Christmas to you. David. 2014-12-18T21:49:56+00:00 https://www.augwessex.org.uk/discussions/view/1137#5096 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ Hi David. The Sophos Virus remover tool only operates under MS Windows (Sophos state this clearly). Threat removal under OS X is done within the Quarantine manager. Very basically put, AV software "recognises" the signature of a particular malware and then refers to its database of what snippets of code to remove. This is a very fast-reaction industry and databases are constantly being revised. Malware coders try to alter their code so that, at least for a brief while, the code is out in the wild and unrecognised. Wikipaedia offers more information.