Previous 1 2 3 4 Next 45 Replies Latest reply: Feb 28, 2006 4:38 PM by Badunit
technorae Level 1 Level 1 (25 points)
This morning while performing a routine update of Sophos anti-virus software (yes, I am running it to practice safe computing and to help my friends in the PC world by not passing on PC viruses) I received the following message from my computer.

"Virus 'OX/Inqtana-B' detected in Macintosh HD:Library:Spotlight:Microsoft Office.mdimporter:Contents:MacOS:Microsoft Office

Disinfection not available for this virus."

I can't find any info on the Apple site about it and have done a search in the forum and found only Inqtana.A.

One question--
How do I get rid of it?

thanks in advance,

Powerbook   Mac OS X (10.4.5)  
  • Dr. Smoke Level 9 Level 9 (56,585 points)
    It may be a new variant of "OSX.Inqtana.A", based on the original.

    You should check to see if Sophos has new virus definitions for this or contact them.

    Good luck!

    Dr. Smoke
    Author: Troubleshooting Mac® OS X
  • SuperSizeIt Level 3 Level 3 (575 points)
    What Antivirus program should we all be using? Norton or Intego? I don't want one that slows down the computer to a crawl or cause OS issues.

    Now that Macs are unsafe as a PC/Windows. Buyers don't really see the advantage of having a Mac anymore.
  • Al Van Malsen Level 6 Level 6 (18,740 points)
    "Now that Macs are unsafe as a PC/Windows. Buyers don't really see the advantage of having a Mac anymore. "

    There is, at this time, a world of difference between the safety and security of Windows and those using the Mac OS. While no one knows how long it will last we still don't face the constant and unending barrage of viruses, trojans, worms and other malware that is released for Windows users every single day. That may change, but for now it still holds true that the Mac is far far safer and vastly more secure than Windows.

    I believe the advantages of owning a Mac, other than security, play more of a part in the purchasing decision that you are giving credit for.
  • SuperSizeIt Level 3 Level 3 (575 points)
    I think your wrong there. Just about everyone who I know that has switched to Mac considers security as a purchasing factor. Anyway, which one is the most compatible nowadays with Apple? Intego or Norton? Or is there another brand?
  • Benny Gee Level 1 Level 1 (15 points)
    I came in this morning and saw the same thing. It's not the Inqtana-A virus.
    This one is listed as Inqtana-B. I can't open any Microsoft programs. Illustrator won't open. Sophos is scanning right now.
  • dj john g Level 1 Level 1 (40 points)
    I had Sophos delete a ton of Microsoft Office 2004 file, so many that I can no longer use Office unless I reinstall. Just for curiosity, I ran the immediate scan and about 2/3 through it's found 145 instances of OSX/Inqtana-B.

    Personally, I'm going to call BS on this because I have not had Bluetooth on and that is supposedly how the virus / worm is spread. I'm going to look at the log files when this thing is done running, then I'll check to see how badly this thing messed up my computer. I'll report back in a bit.
  • Will : Hi ! Level 5 Level 5 (4,305 points)
    OSX/Inqtana-B, from Sophos' website.

    SuperSizelt, I would go with Intego's products, because they aren't intrusive and that many people have reported issues with Symantec products, including products from the Norton family.

    dj john, Bluetooth is this wrom/virus' way of spreading automatically, however, it can very well have spread manually, if it was contained in an Office document that you got by email, for example.

    Edit : Who are BS, by the way ?
  • Thyme Level 1 Level 1 (0 points)
    I also have this virus message coming up today and I have no idea how to get rid of it. If it is true that it is spread when bluetooth is on then that would make sense because I always leave mine on.

    Please tell me how to get rid of it!
  • SuperSizeIt Level 3 Level 3 (575 points)
    Intego it is then. Thanks.
  • SuperSizeIt Level 3 Level 3 (575 points)
    This can turn out to be a potential major issue for Mac users. I hope Apple sends a patch or fix right away.
  • dj john g Level 1 Level 1 (40 points)
    I think this is a Sophos issue. I sent them an email and here's what I got back:

    "Hello John,

    It's probably a false positive in the detection. We are going pull that
    detection until we can correct the matter."

    I noticed that Sophos updated the IDE file shortly after they posted the original. I'm guessing there isn't a problem. If you don't have Sophos set to delete the files automatically, you can drag them back into your Applications > Microsoft Office _ > Office folder and it should work. I don't know about any other programs.

    I'm going to reinstall my OS tonight just to be safe, but I think this was a MAJOR issue coming from Sophos.
  • Wade Peeler Level 6 Level 6 (10,905 points)
    Okay, so OS X is just as insecure as Windows because there are a couple of trojans that require manual user intervention to run and spread, while Windows has literally tens of thousands of viruses that can install and spread themselves without user intevention or even knowledge?!

    So with this B variant, my count of total OS X trojans is now up to 6, and still 0 viruses for OS X. And these latest ones use pure social engineering; no system vulnerabilities are exploted at all. Really insecure...

    The Safari thing they're talking about today is an actual vulnerability, although as far we know no one has made an exploit for it yet.

    We should all be careful about what files we download and run, and maybe we're arriving at the point that we need to run anti-malware software, but OS X is a far cry from being as vulnerable as Windows.
  • TheresaL Level 1 Level 1 (5 points)
    We also have this issue. We contacted Sophos about 2 hours ago and they asked for samples of files. We have sent them off to them.
  • SuperSizeIt Level 3 Level 3 (575 points)
    Wow is it that easy to wipe out your drive with a simple modification of this virus?

    I found this post on ZDNET: &start=1

    "Do you know how easy it would be to change the example's shell script into one that deletes all of a user's personal files? Let me help:
    rm -rf ~/"
Previous 1 2 3 4 Next