I've been noticing recurring evidence of a virus/spyware in the Sophos logs called Troj/MDrop-EJU. Sophos is unable to clean, however it states that the infection was successfully blocked, however I see remnants of the virus behaviour continuing. In this case, this virus creates link files on share drives, and I see computers that connect to those shares also pop up in Sophos logs as being blocked.
Should this be something of concern or is it enough to accept that Sophos is actively blocking this infection? If it is being blocked successfully, why are there files still being create from the virus? Thanks all.
This thread was automatically locked due to age.
