Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 2550 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Not cleanable viruses...

Craig_IT

Hi,

Tried finding some articles on the matter to no avail...every now and then I get a virus notification for an end point PC that is classed "not cleanable". I look it up on the Sophos Website to see if there is any info on it, usually not so I try to submit a sample. The log lists the file location, usually in the temp internet files but whenever I try to locate the file I can never get to the bottom of the file path as it simply isn't there and there is nothing in the end point PC's quarantine.

So just wondering what the go is here, how can I submit samples of uncleanable viruses when I can never obtain a copy of the files?

What is the general process everyone else uses when confronted with the same situation?

Thanks,


Craig

:6529


This thread was automatically locked due to age.
Parents
  • 0

    Hi Christian,

    Thanks for the advice. I thought I had already set that up but upon inspection it was not so.

    I have now set my Antivirus and HIPS scripts to deny and move to a share on my antivirus server for easy administrating of un-cleanable viruses and set my server script to not scan that directory as suggested. This will not compromise my system in anyway will it? In the process of moving the files to this share, will Sophos still rename their file extensions?

    Thanks,

    Craig

    :6659
Reply
  • 0

    Hi Christian,

    Thanks for the advice. I thought I had already set that up but upon inspection it was not so.

    I have now set my Antivirus and HIPS scripts to deny and move to a share on my antivirus server for easy administrating of un-cleanable viruses and set my server script to not scan that directory as suggested. This will not compromise my system in anyway will it? In the process of moving the files to this share, will Sophos still rename their file extensions?

    Thanks,

    Craig

    :6659
Children
No Data