Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 6 subscribers
  • Views 34252 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Detected Thread disappears

bawe

OS X Yosemite 10.10.2

Detected Thread Mal/RtfExe-A: Indicated by Sophos each 10 minutes on desktop, after clicking on "Quarantine Manager" it appears listed in. But by clicking for further measures the indication of the thread always disappears.

What's wrong here?

:1020162


This thread was automatically locked due to age.
Parents
  • 0
    kevs40 wrote:

    OK just happened, the file was TROJ-DOC-DI-Q

    May have one digit off but that the one that keep coming back,  open Quarantine and then vanishes.

    As you can imagine, its not obvious what is happening. An advanced diagnostics technique is to use "opensnoop" on the command line (Terminal) to observe what files are being opened by which applications (including our scanner).

    sudo opensnoop -ve

    Obviously I always recommend taking care whenever you run a command with sudo.

    A good tutorial about dtrace scripts can be found here: http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/

    :1020324

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

Reply
  • 0
    kevs40 wrote:

    OK just happened, the file was TROJ-DOC-DI-Q

    May have one digit off but that the one that keep coming back,  open Quarantine and then vanishes.

    As you can imagine, its not obvious what is happening. An advanced diagnostics technique is to use "opensnoop" on the command line (Terminal) to observe what files are being opened by which applications (including our scanner).

    sudo opensnoop -ve

    Obviously I always recommend taking care whenever you run a command with sudo.

    A good tutorial about dtrace scripts can be found here: http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-mac-os-x/

    :1020324

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?