File detected as malicious after weeks

Hi all,

Just wondering if anyone can give me some info on what might have happened here:

Two users download a .zip email attachment, browse contents and decide that since it is an unexpected attachment from an unknown email, they will just ignore it.
The file remains in the Downloads folder of their devices for nearly 2 weeks until one day Sophos decides it is malicious and alerts us to it.
The malware was detected, so I triggered a scan of the devices and spoke to the users about the file.
On the first device it took 57 minutes for the malware to be cleaned up by Sophos and on the second device it took 1 hour and 50 minutes! During this time the file remained accessible in the Downloads folder.

My main concerns are:

  1. Why might the file have been on the devices for so long without being detected as malware and what could have made Sophos suddenly decide it was malicious?
  2. Why did it take so long for Sophos to clean up the malware and should it not have quarantined the file until it was cleaned up?

