Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

martinchivers

macrumors 6502
Original poster
Jun 19, 2011
279
9
Bath, Somerset, UK
using Mac OS High Sierra. Late 2012 iMac

Ive run Sophos Home and its come up with 4 viruses. These cannot be removed by Sophos itself but can only be removed manually. Ive made a note of the file names and searched (finder) for them. They are however hidden. Ive googled show hidden folders and followed the steps, but with no success at all.

file names....
/Users/martinchivers/documents/Outlook for macArchive_03.08.16.olm
and various versions of
/OutlookformacArchive_(dates) .olm

(see screenshot). I can find the normally hidden "Library" folder. Within "users"/martinchivers ive now been able to locate "martinchivers" and Documents (with is greyed out). But I am able to open the folders, but they don't contain the files I need to delete.

Can anybody tell me how to find them? Once I do, I assume I delete them, remove from trash-reboot etc? Anything else I need to do?
 

Attachments

  • Screen Shot 2017-11-28 at 12.28.22.png
    Screen Shot 2017-11-28 at 12.28.22.png
    70.4 KB · Views: 178
I don't use Sophos but that looks like it's indicating that it found the "virus" files in those OLM files, which are archives from your Microsoft Outlook app. This would indicate that they're probably in attachments in some email that was archived...I'm guessing that the archives were created on the dates that are in the OLM filenames.

You can look up the virus names yourself but I'm sure you'll find that they're all virus/trojans that affect Windows only.

I don't believe there's any way to get into an OLM file and delete a specific item. You would have to import the OLM, delete the offending email, and then re-export.

Is there any reason to keep these OLM archives? If not, the entire OLM file can be thrown away. However, as they stand the OLM files and the trojan/viruses they contain are no threat to your computer.

Are you currently using Microsoft Outlook?
 
  • Like
Reactions: keysofanxiety
Brian, thank you. Yes, I use Microsoft outlook as my email software. I would literally delete the entire .olm file, if I could locate it. One of the dates is in the future, though! (08.01.18). others are 2015 and 2016.
 
I see two 15s and two 16s.

The first one appears to be in your Documents folder if your account is "martinchivers". I don't think any of the files are invisible.
 
thanks. Ive downloaded it and run for "Invisible files and folders". Typed in both parts of the Trojan (the name of the virus and its location) (See screenshot). But unfortunatly its not found them
 

Attachments

  • Screen Shot 2017-11-29 at 11.06.20.png
    Screen Shot 2017-11-29 at 11.06.20.png
    56.3 KB · Views: 129
yes, it is weird isn't it.

Yes, I have (this is finder, right?). BUT without those additional search boxes (for want of a better description). How do you get this up?
 
You can start a search in any Finder window. That particular window appeared when I pressed “command-f” in Finder. You can add the extra conditions by clicking the “+”, selecting “other” and picking the condition. There’s checkboxes in there if you want to add the condition to the menu of conditions.
 
thanks. I tried it, and use ".olm" as the search term. It didn't find ANYTHING at all. I heard that High Sierra has security issues, maybe thats why ive got the virus in the first place, been using iMacs for 10 years and this is my first one.
 
What happens if you try from the Terminal ("/Applications/Utilities/Terminal")?

Code:
cd /Users/martinchivers
find . -name "*.olm" -print
 
Try a Terminal command that just lists the files in a folder, including invisible ones, and see if the file is actually there.

The first folder’s (your Documents folder) contents can be shown by copying and pasting this into Terminal:

ls -a ~/Documents/
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.