Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

OSX.trojan.Gen virus

1. OSX.trojan.Gen virus

Recommend
Ralph Parchmann
Posted Jun 08, 2018 02:41 PM

Reply Reply Privately
I am using an Apple MacBook Pro laptop computer. My anti-virus software found a virus in the following directory but can not delete it. The directory path is /volumes/Install/Install.app/contents/MacOS/Install OSX.Trojan.Gen. When I use the anti-virus software (Endpoint Protection) I get a message that the repair failed!!!! It calls the virus "OSX Bundlore activity 2". I have updated the anti-virus signatures but this does NOT delete the virus. I found out about this when I tried to update Adobe Acrobat reader software. I need a solution to this issue please!
2. RE: OSX.trojan.Gen virus

Recommend
ℬrίαη
Posted Jun 08, 2018 04:15 PM

Reply Reply Privately
Can't you manually remove it?
3. RE: OSX.trojan.Gen virus

Recommend
Ralph Parchmann
Posted Jun 10, 2018 08:01 AM

Reply Reply Privately
I am NOT able to manually delete it.
4. RE: OSX.trojan.Gen virus

Recommend
ℬrίαη
Posted Jun 10, 2018 08:07 AM

Reply Reply Privately
Why?? What errors come up? Try in safe boot.
5. RE: OSX.trojan.Gen virus

Recommend
Mick2009
Posted Jun 11, 2018 05:17 AM

Reply Reply Privately
Hi Ralph,

Thanks for the post. Can you copy-and-paste exactly what SEP says it is detecting?

OSX.Trojan.Gen
https://www.symantec.com/security-center/writeup/2014-112615-1003-99

is an umbrella term for AV detections (malware and unwanted files on the computer).

System Infected: OSX Bundlore Activity 2
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=30794

is an IPS signature (blocking traffic associated with an infection). That specific IPS signature concerns PUA traffic... Potentially Unwanted Application. That's likely a program of questionable value that was installed unintentionally and that you may wish to remove.

All About Grayware
https://www-secure.symantec.com/connect/articles/all-about-grayware

Full details on the unique hashes involved in the AV detection should be available in the logs or from your company's security admin. (Available from the SEPM if your SEP client is managed.) A check of the hash should reveal the nature of exactly what's on the machine.

Please do keep this thread up-to-date with your progress!
6. RE: OSX.trojan.Gen virus

Recommend
Mick2009
Posted Jun 12, 2018 05:06 AM

Reply Reply Privately
Hi again,

Just a ping to see if there are any additional details-?

Adding one more resource: this Security Response white paper is a few years old but is very much worth reading for any Mac user:

The Apple threat landscape
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/apple-threat-landscape.pdf

Endpoint Protection

OSX.trojan.Gen virus

Ralph ParchmannJun 08, 2018 02:41 PM

ℬrίαηJun 08, 2018 04:15 PM

Ralph ParchmannJun 10, 2018 08:01 AM

ℬrίαηJun 10, 2018 08:07 AM

Mick2009Jun 11, 2018 05:17 AM

Mick2009Jun 12, 2018 05:06 AM

1. OSX.trojan.Gen virus

2. RE: OSX.trojan.Gen virus

3. RE: OSX.trojan.Gen virus

4. RE: OSX.trojan.Gen virus

5. RE: OSX.trojan.Gen virus

6. RE: OSX.trojan.Gen virus