Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 6 subscribers
  • Views 2157 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Re : How to tell what threats Sophos Deleted

Thomas_xsr

Hello, any help or knowledge is greatly appreciated.

I being a newbie unknowingly set the program to delete instead of log on my first scan apparently it found 1 threat which after i scanned another 3 times has apparently been deleted. Is there anyway to find out what that file was ??  I am afraid it may have deleted something that could cause instability, i am not having any problems at the moment , but i am getting paranoid and really want to find out what sophos deleted.

Please help :smileyindifferent:

:1002141


This thread was automatically locked due to age.
Parents
  • 0

    Hello Thomas,

    you don't have to use an internet search to get (some) information on the threat. For outstanding alerts you get a link in Quarantine manager, if you find a threat in the logs go to the Analyses page and enter the name there. Troj/JavaDl-BH is - as you've found out - a Windows Trojan in a Java class file. These things are most likely picked up by visiting a webpage. It was probably sitting there from a time before Sophos has been installed and it's safe to delete (a cache is just a cache).

    Please note that a detection does not necessarily mean infection - not even potential infection. So it's not uncommon to get a "cross-platform" or "cross-environment" detection (and example of the latter would be a Word macro virus).

    Christian       

    :1002159
Reply
  • 0

    Hello Thomas,

    you don't have to use an internet search to get (some) information on the threat. For outstanding alerts you get a link in Quarantine manager, if you find a threat in the logs go to the Analyses page and enter the name there. Troj/JavaDl-BH is - as you've found out - a Windows Trojan in a Java class file. These things are most likely picked up by visiting a webpage. It was probably sitting there from a time before Sophos has been installed and it's safe to delete (a cache is just a cache).

    Please note that a detection does not necessarily mean infection - not even potential infection. So it's not uncommon to get a "cross-platform" or "cross-environment" detection (and example of the latter would be a Word macro virus).

    Christian       

    :1002159
Children
No Data