Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 6 subscribers
  • Views 24610 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

TROJ/DOCDL-RF keeps coming back - help needed!

leonschroder

On my Mac (Yosemite and Sophos 9.2.7) I keep getting the Sophos virus alert for 'troj/docdl-rf'. When I open the quarentine manager the threat gets cleaned up and everything seems fine but it keeps returning. A little while later (hours) I get the same alert again.

I tried clicking 'show in finder' but it does not work,

also the path is not shown.

If I disconnect completely from the network the alert stops. However, on my network there are no servers, just the printer, TimeCapsule (that I have excluded from scans completely to try to find the cause), and two workstations, on and off.

Does anyone have an idea how to solve this problem because itis driving me mad.

Leon 

:1021253


This thread was automatically locked due to age.
Parents
  • 0

    Hey leon,

    • Run the scan that detects the threat
    • Click the Sophos sheild tray icon and select Open Scans...
    • Alt-click the white space next to Scan Now button on the scan you just ran and selet View Scan Log
    • This will open Console.app, and will hopefully show you the path of where the threat is being detected. Feel free to post a screen shot or copy / paste of the output in your reply.  It should look something like this:

    You can also take a look at this article, which gives you details on all the different ways you can remove stubborn malware from your Mac. In your case, I would pay close attention to step #18. 

    :1021261
Reply
  • 0

    Hey leon,

    • Run the scan that detects the threat
    • Click the Sophos sheild tray icon and select Open Scans...
    • Alt-click the white space next to Scan Now button on the scan you just ran and selet View Scan Log
    • This will open Console.app, and will hopefully show you the path of where the threat is being detected. Feel free to post a screen shot or copy / paste of the output in your reply.  It should look something like this:

    You can also take a look at this article, which gives you details on all the different ways you can remove stubborn malware from your Mac. In your case, I would pay close attention to step #18. 

    :1021261
Children
No Data
Unfiltered HTML