232533.2emlxpart virus

johneddy
Community Member

232533.2emlxpart is a virus that Sophos located that seems to be directed at 1Password. Would you like more info?


1Password Version: 5.3.2
Extension Version: 532001
OS Version: osx 10.10.4
Sync Type: cloud

Comments

  • MrC
    Volunteer Moderator

    @johneddy,

    It is most likely a false positive. Check the particular file at Jotti, a multiple virus scanner site.

  • johneddy
    Community Member

    @MrC
    I don't think so. Sophos identified the file as a known trojan virus.

    But I am not an expert in these things. Just concerned about security.

  • MrC
    Volunteer Moderator

    Hi @johneddy,

    All virus checkers will occasionally incorrectly flag a file as malware (this is called a False Positive). Malware detection software uses static rules, patterns, and heuristics to make a determination, and just by random chance some file will happen to fit the criteria.

    It is exceptionally rare that a reputable software vendor releases a file that contains a virus or malware, so that's why I recommend the follow-up by scanning the relevant files using a suite of scanners. And when those scanners show no issues, you can report the file as a False Positive to the A/V vendor via their false positive report page (as explained here).

  • Ben
    edited July 2015

    Hi @johneddy,

    You can select the "Reveal in Finder" option on that screen to open the folder the file resides in within Finder. Then you can use the website MrC mentioned to scan the file and see if it is indeed infected or not.

    Do you have file attachments in your 1Password database? The most likely scenarios are either a false positive from Sophos as MrC mentioned (antivirus isn't infallible), or a file you've attached to a 1Password item is infected, though it seems unlikely Sophos would be able to detect it even if this were the case.

    Thanks

    Ben

  • johneddy
    Community Member

    @bwoodruff
    @MrC
    Thank you both. Sophos cleaned the file out for me so I no longer have it to check as you both kindly suggested.

    I was not concerned that Agilebits had unwittingly distributed malware in its software package - I was more concerned that someone had somehow managed to create a virus that targets 1Password specifically and I wanted to let someone at Agilebits know about it in case it is something that deserves attention.

    It sounds like you both think it is not of concern. Is this correct?

    thanks again.

  • AGAlumB
    1Password Alumni

    I was not concerned that Agilebits had unwittingly distributed malware in its software package - I was more concerned that someone had somehow managed to create a virus that targets 1Password specifically and I wanted to let someone at Agilebits know about it in case it is something that deserves attention.

    @johneddy: Absolutely! Better safe than sorry. :) :+1:

    It sounds like you both think it is not of concern. Is this correct?

    Not at all. I won't go into too much detail, as it's a bit of a long explanation. But 1Password for Mac is digitally signed both by AgileBits and by Apple as part of their security initiative. So while it's entirely possible that malware could modify it (as it could any file), the signature would no longer match, and then Gatekeeper would complain that it couldn't be validated and not even let you launch it. :pirate:
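
The signature and Gatekeeper checks described in the reply above can be run by hand from Terminal. The script below is an added example, not part of the original thread and not AgileBits' own tooling; the function name, its return codes and the `/Applications/Example.app` path in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: verify an app bundle's code signature and ask Gatekeeper
# whether it would allow the app to launch (macOS only).
# Return codes (chosen for this example):
#   0 = signature valid and Gatekeeper accepts the app
#   1 = signature broken/missing, or Gatekeeper rejects the app
#   2 = codesign/spctl not available (not running on macOS)
#   3 = the given path does not exist
check_app_signature() {
    app="$1"
    if [ ! -e "$app" ]; then
        echo "not found: $app" >&2
        return 3
    fi
    if ! command -v codesign >/dev/null 2>&1 || ! command -v spctl >/dev/null 2>&1; then
        echo "codesign/spctl not available; run this on macOS" >&2
        return 2
    fi
    # Re-hash the bundle and compare against the hashes sealed in the signature.
    # A file modified after signing makes this step fail.
    if ! codesign --verify --deep --strict --verbose=2 "$app"; then
        echo "signature check FAILED for $app" >&2
        return 1
    fi
    # Show who signed it: the certificate chain and the developer's team ID.
    codesign --display --verbose=2 "$app" 2>&1 \
        | grep -E '^(Authority|TeamIdentifier)=' || true
    # Ask Gatekeeper for its launch verdict (the check made when you open an app).
    if ! spctl --assess --type execute --verbose "$app"; then
        echo "Gatekeeper REJECTED $app" >&2
        return 1
    fi
    echo "signature valid and accepted by Gatekeeper: $app"
    return 0
}

# Usage (placeholder path): sh check_sig.sh /Applications/Example.app
if [ $# -gt 0 ]; then
    check_app_signature "$1"
fi
```

A return code of 1 on an app that previously verified is worth investigating, for example by reinstalling from the vendor's site and re-running the check.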

  • johneddy
    Community Member

    @brenty
    @MrC
    @bwoodruff

    Thanks again. What does "digitally signed" mean? Do you recommend any reading on becoming familiar with this kind of security?

  • Ben

    Hi @johneddy,

    You can read about digital signing here:

    https://en.wikipedia.org/wiki/Digital_signature

    Thanks!

    Ben

This discussion has been closed.