On-Premise Endpoint

Sophos Endpoint Software Question on Acknowledge and Clean up of Viruses

On-Premise Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 1 subscriber
Views 2086 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question on Acknowledge and Clean up of Viruses

Arjun786 over 14 years ago

Hi Sophos Support Team,

I have a three questions on Acknowlege and Clean up

Is is safe to Acknowledge viruses which show the message " None of the Alerts can be cleaned up"?
In some cases, the virus is not actually present in the endpoint but appears on the console, why? Does it get deleted in a very short time period of events and hence the System is still searching for the deleted file?
For issues similar to the previous question, if the acknowledge has been given and if the virus is actually present without the administrator checking the endpoint, would be virus appear back on the console?

Thank you.

Regards

Arjun.

This thread was automatically locked due to age.

Parents

0 wickedkittenz over 14 years ago

Hi Arjun786
When you acknowledge threats:
If the threat is still on the machine they will come back into the console automatically.
Some threats require full systems scan - which you can acknowledge, run a full system scan on the machine and see if it returns.
you should then be able to clean it up
: else go to the machine and see what is infected (might be windows processes if its a scribble or likewise PE Infector threat ) see if the user has rights, and where the threat is residing (Maybe system restore)
Some threats you wont be able to clean up, so you have to acknowledge them - like threats from CD'.
Burn the disc if you can get hold of it. :)
If threats say they are not cleanable there is a reason similar to the 2nd point (what, where and who)
That’’’’s why scheduled scans are very important, they will do the full system scans to make sure nothing 'dormant' is on the machines.
Hope this adds more insight to the cleanup process
:)
:16457
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 wickedkittenz over 14 years ago

Hi Arjun786
When you acknowledge threats:
If the threat is still on the machine they will come back into the console automatically.
Some threats require full systems scan - which you can acknowledge, run a full system scan on the machine and see if it returns.
you should then be able to clean it up
: else go to the machine and see what is infected (might be windows processes if its a scribble or likewise PE Infector threat ) see if the user has rights, and where the threat is residing (Maybe system restore)
Some threats you wont be able to clean up, so you have to acknowledge them - like threats from CD'.
Burn the disc if you can get hold of it. :)
If threats say they are not cleanable there is a reason similar to the 2nd point (what, where and who)
That’’’’s why scheduled scans are very important, they will do the full system scans to make sure nothing 'dormant' is on the machines.
Hope this adds more insight to the cleanup process
:)
:16457
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data