Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 6854 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos fails to delete JavaDI-CH

quieselkopf

Hello,

I have a virus detected by Sophos for quite some time now. It's the JavaDI-CH Trojan and it's located in a \\.\GLOBALROOT\Device\...\harddiskVolumeShadowCopy\..\ folder.

However Sophos can't delete or move the file and when trying to manually accessing the file I am told that the network path was not found.

My PC is part of the universitiy network and I am not quite sure what to do here.

Any tips? 

:15613


This thread was automatically locked due to age.
Parents
  • 0

    Hi Quieselkopf,

    It is often easy enough to identify the true location on disk

    instead of;

    \\.\GLOBALROOT\Device\...\harddiskVolumeShadowCopy\..\ folder

    it will be

    C:\folder

    Having identified the location :

    Clear from list within the Quarantine Manager for the detection.

    Do a right click scan of the folder the file is in and redetection should occur with the true file path

    Action cleanup if available

    If clean up is not available then raise a ticket with Sophos Support.

    :15639
Reply
  • 0

    Hi Quieselkopf,

    It is often easy enough to identify the true location on disk

    instead of;

    \\.\GLOBALROOT\Device\...\harddiskVolumeShadowCopy\..\ folder

    it will be

    C:\folder

    Having identified the location :

    Clear from list within the Quarantine Manager for the detection.

    Do a right click scan of the folder the file is in and redetection should occur with the true file path

    Action cleanup if available

    If clean up is not available then raise a ticket with Sophos Support.

    :15639
Children
No Data