Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 40 replies
  • Subscribers 6 subscribers
  • Views 66689 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/Zbot - HAD

dakotaspurs

Hi everybody,

I am using Sophos Anti-Virus 8.0.20C on the Mac and I am having a very annoying alert recurring constantly throughtou the day.

I have an alert come up saying that it has detected the Troj/Zbot - HAD (sometimes the HAD is replaced with something else).  So I open up Quarantine Manager and Authenticate to be able to remove it, but as soon as I have authenticated, the threat in the window disappears without giving me a chance to clear it.

This has been going on for weeks and I have run the full scan of the machine a number of times, which comes up clean, but it keeps coming up.

Does anyone know why this is and how I can stop this happening?

UPDATE - I have since truned off the Scan inside archives and compressed files option in the preferences pain as suggetsed on another post but this hasn't solved the issue.

:1014787


This thread was automatically locked due to age.
Parents
  • 0
    ruckus wrote:

    One suggestion I would make is that 'log only' for detected threats is perhaps better than 'cleanup' and if that fails 'delete'...

    Scan name: "Scan Local Drives"
Scan items:
Configuration:
	Scan inside archives and compressed files: Yes
	Automatically clean up threats: Yes
	Action on infected files: Delete
	Live Protection enabled: Yes

    Sorry, to clarify: It was just a side note for the 'Scan This Mac' on-demand scan you ran, not for on-access scanning. :0)

    Can you run a scan of the TM volume only and see what is found?  No exclusions for the TM volume and leave compressed files on.  May take some time to complete so set it going and wander off or leave it over night.  THat's not to say you can't use the Mac while it's scanning, but it may slow the Mac down grinding through the TM backups.

    :1015489
Reply
  • 0
    ruckus wrote:

    One suggestion I would make is that 'log only' for detected threats is perhaps better than 'cleanup' and if that fails 'delete'...

    Scan name: "Scan Local Drives"
Scan items:
Configuration:
	Scan inside archives and compressed files: Yes
	Automatically clean up threats: Yes
	Action on infected files: Delete
	Live Protection enabled: Yes

    Sorry, to clarify: It was just a side note for the 'Scan This Mac' on-demand scan you ran, not for on-access scanning. :0)

    Can you run a scan of the TM volume only and see what is found?  No exclusions for the TM volume and leave compressed files on.  May take some time to complete so set it going and wander off or leave it over night.  THat's not to say you can't use the Mac while it's scanning, but it may slow the Mac down grinding through the TM backups.

    :1015489
Children
No Data