Q: Anti-virus software picking up "Exploit Script Null" Trojan Variant. Help!
-
Mar 14, 2014 4:43 PMby thomas_r.,This is not the name of any known Mac malware. It is a name that is used for some Windows malware by McAfee... note that if you're using McAfee, you should get rid of it immediately. Although you certainly can find anti-virus software that is more worthless than McAfee on the Mac, it would be difficult. See the results of my Mac anti-virus testing 2014.
Most likely, this is simply Windows malware attached to an e-mail message, or something similar. Removing it is not something you should trust anti-virus software to do. To get rid of it, see How to remove infected files. Note that removing it yourself will help you identify where it is, and how it keeps getting back on your computer, and thus may help you diagnose an infection on some other Windows machine.
Finally, I would recommend that you read my Mac Malware Guide for more information on protecting yourself from malware.
-
Mar 14, 2014 6:13 PMby Musiquelavie,I am running McAfee but I am also running Sophos.
It was picked up by McAfee, but the detection reads
Accessed by SophosAvAgent
Status detection found
Total detection 1
McAfee ran clean right up until January. About a week after I downloaded Mavericks. Then the problems began.
My computer has crashed three times this week. I have never seen my Mac crash before.
-
Mar 14, 2014 6:50 PMby etresoft,Musiquelavie wrote:
My computer has crashed three times this week. I have never seen my Mac crash before.
Try uninstalling the antivirus software. We spend far more time here on the support forums cleaning up problems with antivirus software than we do cleaning up problems with viruses.
It isn't a question of whether there is or isn't Mac malware. The problem is that Mac antivirus software is just ports of Windows software to the Mac that doesn't run well and spends 99.9% of its time checking for Windows viruses. Apple includes XProtect antivirus that checks for any malware that might actually be a threat to your machine.
-
Mar 15, 2014 3:38 AMby thomas_r.,Running two anti-virus apps with active "on-access" scanning capabilities enabled is a very bad idea. It should never be done. This looks like it could potentially be a case of the two interfering with each other, and nothing more than that.
As I've already said, McAfee needs to go. It's garbage. Not only is it not doing a decent job of protecting you against anything, but it's probably causing a lot of the problems you're experiencing. Remove it using the McAfee uninstaller, found in the Applications folder.
Regarding Sophos, it is normally well-behaved, but has been known to cause spontaneous shutdown problems with Mavericks in some cases. (Outdated versions of Sophos cause more problems than that with Mavericks.) I have asked a contact at Sophos, and they say that it should be fixed "soon." (I don't know how soon "soon" might be.) It would probably be a good idea to uninstall it for now (using the Sophos Remove app in the Applications folder). You can make the choice about whether to reinstall it later, after it has been updated, and after you have read my Mac Malware Guide.
