Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 2595 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos InterceptX is showing Threats but not auto cleaning them

Vicky Khan

Hi All,

I am trying to run Sophos Intercept X it is showing as threat detected but not auto cleaning it, even i can browse to the infected file, i dont want to manually delete it as it should be deleted automatically.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Vicky,

    Intercept X is the correct group to raise this - https://community.sophos.com/products/intercept/

    Assuming you ran the malware somehow and an alert [which type of alert was it?] was issued, a Sophos Clean scan is triggered which needs a working internet connection to convict a file which might be a very new malware. 

    We are interested to have a copy of the file submitted. Please let us know the Case ID which gets generated post your sample submission and we'll get to the bottom of this. 

    Thanks,

    Vikas

  • 0 in reply to Vikas

    below was the email i received:

     

    What was detected: Exp/201711882-U

    User associated with device: domainname\username 

    How severe it is: High

    What Sophos has done so far: We attempted to clean up.

    What you need to do: In the Sophos Central Admin console, go to the Alerts page and find the threat alert. Click on the threat name to see details and cleanup advice on the Sophos website. Then go to the affected computer and clean up the threat manually.

     

    it should clean it automatically, there are user who are not good with the computers so manual cleaning is not an option for them.

Reply
  • 0 in reply to Vikas

    below was the email i received:

     

    What was detected: Exp/201711882-U

    User associated with device: domainname\username 

    How severe it is: High

    What Sophos has done so far: We attempted to clean up.

    What you need to do: In the Sophos Central Admin console, go to the Alerts page and find the threat alert. Click on the threat name to see details and cleanup advice on the Sophos website. Then go to the affected computer and clean up the threat manually.

     

    it should clean it automatically, there are user who are not good with the computers so manual cleaning is not an option for them.

Children