Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 9608 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Block Applications

DiceVTwo

Hi,

First of all, I am privilege and thankful for being with Sophos Community.

Our company is an Advertising Company which specializes in Big LED Screen and we also have a Programming Department for creating our own software in RFID and Digital Signage Software.

We are using Sophos Endpoint Security and Control v. 10.0 as our company's Anti Virus and some of our developers are experiencing problems in installing software applications requirements for their programming projects, some of the applications that is used by our LED team is also blocked such as PLC application and SCALA software.

How can we know or where can we find the status of the all our applications if they are really blocked by Sophos or not?

Is there any way to allow some application to run freely without Sophos blocking it?

Thanks for your kind response,

Dice

:46313


This thread was automatically locked due to age.
  • 0

    Hi,

    The action you take really depends on what is being detected.

    Do you have a sav.txt file from one of these computers?  

    You can find it typically under:

    C:\ProgramData\Sophos\Sophos Anti-Virus\logs\

    as SAV.txt.  

    If it's not too big you can post it here.  This should have the names of the items detected but you make like to double check first before uploading it.

    Regards,

    Jak

    :46321
  • 0

    Hi Jak,

    Sorry for the late reply.

    This is one of the SAV.txt file I have but i don't see any application that is blocked. Most of it are virus. This is incomplete since message cannot exceed 20,000 characters.

    ...20140107 082232    Virus/spyware 'W32/Brontok-D' has been detected in "\\192.168.2.252\Shared Folder\Data OTHER.exe". Cleanup unavailable.
    20140107 082232    Virus/spyware 'W32/Brontok-D' has been detected in "\\192.168.2.252\Shared Folder\Shared Folder.exe". Cleanup unavailable.
    20140107 082232    Infected file "\\192.168.2.252\Shared Folder\Data OTHER.exe" has been deleted.
    20140107 082232    Infected file "\\192.168.2.252\Shared Folder\Shared Folder.exe" has been deleted.
    20140107 082232    Scanning "\\192.168.2.252\Shared Folder\Shared Folder.exe" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140107 082232    File "\\192.168.2.252\Shared Folder\Shared Folder.exe" belongs to virus/spyware 'W32/Brontok-D'.
    20140107 082232    On-access scanner has denied access to location "\\192.168.2.252\Shared Folder\Shared Folder.exe" for user L-DC_CELADINA\ZAC CELADINA
    20140107 082232    Scanning "\\192.168.2.252\Shared Folder\Shared Folder.exe" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140107 082232    File "\\192.168.2.252\Shared Folder\Shared Folder.exe" belongs to virus/spyware 'W32/Brontok-D'.
    20140107 082232    On-access scanner has denied access to location "\\192.168.2.252\Shared Folder\Shared Folder.exe" for user L-DC_CELADINA\ZAC CELADINA
    20140107 082232    Scanning "\\192.168.2.252\Shared Folder\Data OTHER.exe" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140107 082232    Virus/spyware 'W32/Brontok-D' has been detected in "\\192.168.2.252\Shared Folder\Data OTHER.exe".
    20140107 082232    On-access scanner has denied access to location "\\192.168.2.252\Shared Folder\Data OTHER.exe" for user L-DC_CELADINA\ZAC CELADINA
    20140107 082711    Scanning "\\192.168.2.25\Shared Folder\Shared Folder.exe" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140107 082711    File "\\192.168.2.25\Shared Folder\Shared Folder.exe" belongs to virus/spyware 'W32/Brontok-D'.
    20140107 082711    On-access scanner has denied access to location "\\192.168.2.25\Shared Folder\Shared Folder.exe" for user L-DC_CELADINA\ZAC CELADINA
    20140107 234735    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152278 items.
    20140107 234736    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140107 235354    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140107 235404    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152316 items.
    20140107 235405    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140108 002043    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 002047    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 044918    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 045327    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140108 045330    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152326 items.
    20140108 045331    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140108 055829    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 060108    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 064207    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 075620    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 081337    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140108 081345    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152342 items.
    20140108 081345    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140108 085214    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140108 110330    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140108 110333    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152359 items.
    20140108 110333    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140108 121030    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152359 items.
    20140108 121030    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140108 234351    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152359 items.
    20140108 234351    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140108 235009    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140108 235016    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152409 items.
    20140108 235018    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140109 004217    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 011545    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 013943    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152409 items.
    20140109 013944    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140109 023535    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140109 023538    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152411 items.
    20140109 023540    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140109 024432    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 024633    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 024633    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 030023    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152411 items.
    20140109 030024    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140109 053217    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140109 053223    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152420 items.
    20140109 053224    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140109 061704    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 062533    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 062534    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 062921    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064203    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064424    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064429    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064429    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064430    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064433    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064434    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064437    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064440    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064442    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064705    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 064721    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 070110    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 081206    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140109 081214    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152425 items.
    20140109 081216    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140109 082553    Scanning "Boot record, drive J:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140109 235514    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152425 items.
    20140109 235514    User (NT AUTHORITY\LOCAL SERVICE) has started on-access scanning for this machine.
    20140110 000133    User (NT AUTHORITY\SYSTEM) has stopped on-access scanning for this machine.
    20140110 000138    Using detection data version 4.96G (detection engine 3.48.0). This version can detect 6152480 items.
    20140110 000139    User (NT AUTHORITY\SYSTEM) has started on-access scanning for this machine.
    20140110 003528    Scanning "Boot record, drive H:" returned SAV Interface error 0xa0040210: The file could not be accessed.
    20140110 003537    Scan 'Right-Click Scan' started.
    20140110 003628    Scanning "H:\EUODOO MEDICAL SSC\Application\AVG ANTI VIRUS 2011\avg_free_x86_all_2011_1136a3181.exe" returned SAV Interface error 0xa0040212: The file is encrypted.
    20140110 003628    Scanning "H:\EUODOO MEDICAL SSC\Application\AVG ANTI VIRUS 2011\avg_free_x86_all_2011_1136a3181.exe" returned SAV Interface error 0xa0040212: The file is encrypted.
    20140110 003628    Scanning "H:\EUODOO MEDICAL SSC\Application\AVG ANTI VIRUS 2011\avg_free_x86_all_2011_1136a3181.exe" returned SAV Interface error 0xa0040212: The file is encrypted.
    20140110 003845    Scan 'Right-Click Scan' completed.
    20140110 003845    Summary of results for scan 'Right-Click Scan':
            Items scanned: 1230
            Errors: 3
            Items quarantined: 0
            Items dealt with: 0

    Regards,

    Dice

    :46427
  • 0

    Our Sophos support visited us and shared us some of the feature of Sophos AV.

    Thanks for the initial response. Cheers!

    -: Topic Closed :-

    :46489