Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 40 replies
  • Subscribers 6 subscribers
  • Views 66669 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/Zbot - HAD

dakotaspurs

Hi everybody,

I am using Sophos Anti-Virus 8.0.20C on the Mac and I am having a very annoying alert recurring constantly throughtou the day.

I have an alert come up saying that it has detected the Troj/Zbot - HAD (sometimes the HAD is replaced with something else).  So I open up Quarantine Manager and Authenticate to be able to remove it, but as soon as I have authenticated, the threat in the window disappears without giving me a chance to clear it.

This has been going on for weeks and I have run the full scan of the machine a number of times, which comes up clean, but it keeps coming up.

Does anyone know why this is and how I can stop this happening?

UPDATE - I have since truned off the Scan inside archives and compressed files option in the preferences pain as suggetsed on another post but this hasn't solved the issue.

:1014787


This thread was automatically locked due to age.
Parents
  • 0

    Hi ruckus,

    It seems that whenever it appears it has "Access to the file denied" written below it.

    Some of these are on the Time Machine folder, so it may be running out of time to access it before Time Machine closes, so I am running a scan on that drive now.

    Some other cases are listed below:

    com.sophos.intercheck: 2013-12-10 15:21:59 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/simonjudd/Library/Application Support/Google/Chrome/Local State
    com.sophos.intercheck: Access to the file denied

    com.sophos.intercheck: 2013-12-10 12:05:57 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/simonjudd/.Extensis/FMCore/NameServer.db
    com.sophos.intercheck: Access to the file denied

    com.sophos.intercheck: 2013-12-10 09:48:51 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/Shared/.ST150
    com.sophos.intercheck: Access to the file denied

    Any ideas?

    :1014973
Reply
  • 0

    Hi ruckus,

    It seems that whenever it appears it has "Access to the file denied" written below it.

    Some of these are on the Time Machine folder, so it may be running out of time to access it before Time Machine closes, so I am running a scan on that drive now.

    Some other cases are listed below:

    com.sophos.intercheck: 2013-12-10 15:21:59 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/simonjudd/Library/Application Support/Google/Chrome/Local State
    com.sophos.intercheck: Access to the file denied

    com.sophos.intercheck: 2013-12-10 12:05:57 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/simonjudd/.Extensis/FMCore/NameServer.db
    com.sophos.intercheck: Access to the file denied

    com.sophos.intercheck: 2013-12-10 09:48:51 +0000 Threat: 'Troj/Zbot-HAD' detected in /Users/Shared/.ST150
    com.sophos.intercheck: Access to the file denied

    Any ideas?

    :1014973
Children
No Data