This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Getting email alert but no machines showing as having virus / malware in Enterprise console

Hi we have just installed Sophos Enterprise console 5.2.0.644 (have been using enterprise console 4.5).

Since this has been installed (2 days) we have been getting SAV email alerts for a few machines with the message below, but these machines are showing with a green icon and same as policy in the enterprse console and there are no mahine with alerts at all.

Shouldnt the machine be showing with an alert in the console?

User: NT AUTHORITY\SYSTEM

Scan: On-access

Machine: xxxxx

File "C:\Windows\Temp\TMP00000166B7184A7E24C3AE5D" belongs to virus/spyware 'Mal/VBDrop-G'.

This thread was automatically locked due to age.

Parents

0 QC over 11 years ago

Hello nwblue,

please inspect the clients' logs - the detection should be recorded there. The mail is sent from the clients and the detection might not be sent upstream to SEC. My first thought was blocked download - doesn't usually go to SYSTEM's %TEMP% though. Anyway, the logs should tell more. As for cleaning - just check whether the file is there or not.

Christian
:45175
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 11 years ago

Hello nwblue,

please inspect the clients' logs - the detection should be recorded there. The mail is sent from the clients and the detection might not be sent upstream to SEC. My first thought was blocked download - doesn't usually go to SYSTEM's %TEMP% though. Anyway, the logs should tell more. As for cleaning - just check whether the file is there or not.

Christian
:45175
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data