This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

W32/Small.CA

Hello

in our enterprse we work with SEC5 and Enpoint 10.0.2, on Win7 enterprise 64b

Recently we got several workplaces where we get the message from Windows ActionCenter, that a (well known) virus was found and must be removed. This is called W32/Small.CA.

Question is now, why does Sophos not detect this threat ? When doing a full system scan, nothing is found.

Best regards

Marco

This thread was automatically locked due to age.

Parents

0 QC over 13 years ago

Hello Frank-Michael ,
same question: Do you have an idea where the threat is detected? I assume you are running Windows Defender (WAC is not a scanner, just the messenger). Defender logs (AFAIK) to the System and Application event logs and %ProgramData%\Microsoft\Windows Defender\Support.
Without a sample no AV vendor can tell whether it's a false positive or not - and if it is, no vendor other than Microsoft can fix it. And without a "working sample" (i.e. one that triggers reliably the alert) or the responsible party's statement no one else will be able to tell you that it has been fixed.
Christian
:23051
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 13 years ago

Hello Frank-Michael ,
same question: Do you have an idea where the threat is detected? I assume you are running Windows Defender (WAC is not a scanner, just the messenger). Defender logs (AFAIK) to the System and Application event logs and %ProgramData%\Microsoft\Windows Defender\Support.
Without a sample no AV vendor can tell whether it's a false positive or not - and if it is, no vendor other than Microsoft can fix it. And without a "working sample" (i.e. one that triggers reliably the alert) or the responsible party's statement no one else will be able to tell you that it has been fixed.
Christian
:23051
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data