The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
The Sophos Diagnostic Utility (SDU) features a malware switch that collects vital system information that could indicate malware.
The following instructions describe how to run the tool and send the results to Sophos Technical Support.
Note: The malware switch can only be used when the SDU tool is run from a command line.
cd "C:\Program Files\Sophos\Sophos Diagnostic Utility"
cd "C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility"
Click on Start | Run | Type: %temp%\SDU | Press return. All the Diagnose archives will be located here, be sure to use the most recently created file
The SDU archive contains multiple XML files and text files to assist with finding malware.
In addition to the XML and text files the SDU tool also collects the Sophos Anti-Virus log SAV.txt which will show all current and previous detections on the computer. Note: Suspected items of malware should be submitted to the SophosLabs for analysis. Below is a list of some of the files that are collected by the SDU tool and a brief explanation of what each contains:
To help identify a malicious program here are some tips:
C:\Documents & Settings\[Username]\Temp
Tutti i commenti qui inseriti vengono letti (dal team di supporto), ma non verranno inviate risposte specifiche ad alcun quesito tecnico. Nel caso richiediate supporto tecnico, vi invitiamo a postare il vostro quesito nella nostra community. Altrimenti, se la richiesta di supporto riguarda un prodotto con licenza, vi invitiamo ad aprire un ticket per il team di supporto.