My computer has been hit by something called PAU.OSX.IronCore.
There is information on it (you don't want it)
BUT no information so far on how to find the related file and delete it from a mac.
Or which anti-virus system can deal with it.
Has anybody had success with this issue - and is willing to share instructions?
Thanks
Sarah
MacBook Air, OS X Yosemite (10.10.5)
Sorry, that was meant to be PUA.OSX.IronCore
And my current anti-virus is Webroot.
Sarah
Just what symptoms are you seeing?
I could not find anything on that by Googling.
I have a Webroot Anti-Virus system and at the moment every time I start up within a minute or so it sends me a message saying it has found
PUA.OSX.IronCore. Then a scan isolates two or three files I am familiar with (just harmless word docs) that are now tagged by the antivirus system as being infected by the IronCore. I have googled it and apparently there are a few adware (malware) companies targeting macs with these malwares: mac apparently is not yet equipped to deal with them and neither are any anti-virus schemes. mac themselves recommended MalwareBytes program, which DID find and remove a trojan file with a name that was mentioned when I was googling these viruses. I thought I was set - but next time I started up there it was again.
Apparently they come in to your computer attached to seemingly valid downloads (from sites such as softonic). See image of the two files thought to be troublesome - i have deleted them about five times so far but the screen just keeps bringing them up.
Thanks for taking the time!
Sarah
Most likely a false positive. Those files are used to remember the window layout in Finder.
Thanks Barney.
What does false positive mean in this context?
Webroot is overreacting to something?
Sarah
Try this:
http://www.thesafemac.com/arg-spigot/
Also see:
http://www.sentinelone.com/blog/osx-ironcore-a-or-what-we-know-about-osx-flashim itator-a/
The above is general for PUAs (Potentially Unwanted Applications,)
Downloading anything from Softonic is fraught with potential for malware. The same goes for Downlite, Zeobit, MacPaw and Cnet. You really do not need anti virus ... just browse with care and don't download from sites you don't know. Always check them out through these forums first.
+1
this has become the rule with these sites rather than the exception.
Remove the worthless "Webroot" product by following the instructions on this page. If you have a different version of the product, the procedure may be different.
Back up all data before making any changes. Never install any "anti-virus" or "anti-malware" software again.
It would be a bit interesting to see what these two files may be, and what size they have.
The file OS X uses to keep track of folder attributes is:
.DS_Store
These are different, and are not files OS X creates. Yours are named:
._DS.Store
In case you're wondering why those perfectly innocuous files are named as they are, it's because they are on a flash drive in FAT format. The files are harmless. "Webroot" is harmful.
it's because they are on a flash drive in FAT format.
Ah. Missed the obvious clue there in the file path name.
Werac wrote:
And my current anti-virus is Webroot.
Get rid of it.
"Webroot" may prove difficult to uninstall. Please read my first reply to this recent Discussion: Re: remove best buy webroot
"softonic" is not a trustworthy source of Mac software. Neither are any other "download aggregator" websites primarily supposed by advertising revenue, including but not limited to "C Net Download", "Download dot com", "Mac Update Dot Com", "Soft Pedia Dot Com" etc. Never obtain software from any of those sites, or any others not explicitly authorized by the respective software's developer. If in doubt, constrain your software purchases to the Mac App Store.
Werac wrote:
Webroot is overreacting to something?
More accurately, webroot is overreacting to nothing.
To Kurt, Linc, John and Barney,
thanks all for bothering to get back to me!
Have read all responses.
Taking Mac into Apple on Friday to see what they can do.
Will get rid of Webroot.
After years of being a PC owner I feel nervous about the idea of having no anti-virus.
I do not surf and am very cagey about anything that comes to me rather than me going calling it up.
Online reviews suggested Kaspersky was compatible with macs.
Might try that.
And yes, I realised the Webroot was most often reacting when I tried moving files to and from a USB.
Thanks all for help -
do you guys wish to know outcome of Apple has any new info or a solve?
Sarah
is there a way to remove PUA.OSX.IronCore from my mac?
