So this is a two part question. I have a file which I think is very erroniously flagged as malicious. It seems that it flags the exe's and DLLs from the microsoft SFC system in XP. Which is fine, just another false positive and i can whitelist it. However it has now taken to flagging this DLL in a shadow copy system folder. I cannot clean this file, and i would hate to have to whitelist this at some random file path on every computer that has the problem.
So can you let me know, 1) why is the system file checker and assocaited DLL's flagged as malicious, and 2) how can I deal with this shadow copy file that i cannot clean and if i acknowledge, it just gets flagged again 20 minutes later.
The third option is that it is a virus that is on some of my XP machines, but I think its doubtful.
According to this post, http://www.overclock.net/t/1053054/sfc-os-dll-virus-sytem32-file , it can be caused by NLITE and disabiling the SFC system. That may have been done years and years ago. Regardless I want to whitelist this at any path and with any filename. Does sophos not do MD5 hash whitelisting?
This thread was automatically locked due to age.
