Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 40 replies
  • Subscribers 6 subscribers
  • Views 66699 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/Zbot - HAD

dakotaspurs

Hi everybody,

I am using Sophos Anti-Virus 8.0.20C on the Mac and I am having a very annoying alert recurring constantly throughtou the day.

I have an alert come up saying that it has detected the Troj/Zbot - HAD (sometimes the HAD is replaced with something else).  So I open up Quarantine Manager and Authenticate to be able to remove it, but as soon as I have authenticated, the threat in the window disappears without giving me a chance to clear it.

This has been going on for weeks and I have run the full scan of the machine a number of times, which comes up clean, but it keeps coming up.

Does anyone know why this is and how I can stop this happening?

UPDATE - I have since truned off the Scan inside archives and compressed files option in the preferences pain as suggetsed on another post but this hasn't solved the issue.

:1014787


This thread was automatically locked due to age.
Parents
  • 0

    Thank you for all of those options Ruckus,

    Couple of things:

    Did you switch off TM during the scan or unmount the volume?

    I turned Time Machine off before that scan had finished so yes.

     One suggestion I would make is that 'log only' for detected threats is perhaps better than 'cleanup' and if that fails 'delete'...

    This is fine, but I think the issue I have is with the On-Access Scanner.  These threats keep popping up when I am not running a scan.  But in the On Access pane of the System Preferences there isn't a 'log only' option, I have 'deny access', 'clean up threat' 'deny access and move threat' or 'delete threat'.  So what should I set in here?  I have always had it as 'clean up threat' and then 'delete threat'.

    Thanks :)

    :1015481
Reply
  • 0

    Thank you for all of those options Ruckus,

    Couple of things:

    Did you switch off TM during the scan or unmount the volume?

    I turned Time Machine off before that scan had finished so yes.

     One suggestion I would make is that 'log only' for detected threats is perhaps better than 'cleanup' and if that fails 'delete'...

    This is fine, but I think the issue I have is with the On-Access Scanner.  These threats keep popping up when I am not running a scan.  But in the On Access pane of the System Preferences there isn't a 'log only' option, I have 'deny access', 'clean up threat' 'deny access and move threat' or 'delete threat'.  So what should I set in here?  I have always had it as 'clean up threat' and then 'delete threat'.

    Thanks :)

    :1015481
Children
No Data