Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3504 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Continually picking up same virus...

Londongirl

Hi Everyone,

this is my first time on here, so apologies if this is in the wrong place...

I would like to get some advice on Sophos (as my IT Dept seem woefully inadequate!)

Have had ongoing virus issues on our network , and recently upgraded our virus system and had sophos installed on the computers.

I know it is continually scanning, but it appear to be picking up the same virus over and over again. Each time the message says that it has been deleted, but then seems to pick it up again.

For example, I had all applications closed, so just sitting in windows, and ran a virus scan. it picked up items and says all were deleted. One file was quarantined, and then cleaned up using the function in Sophos.

Without opening anything, or doing anything at all, I ran another scan. And it picked up the same (or what appeared to be the same) problems in the same places.

How is this possible?

IT were no help at all. Is there a problem with Sophos and it isn't deleting the items properly? Or is there another cause?

It is driving me mad!

Any advice would be gratefully received!

Londongirl (UK)

:1415


This thread was automatically locked due to age.
Parents
  • 0

    Hello, these files are created by the trojan that is on your machine, as soon as you delete the file it will be recreated, you need to find the root cause.

    There will be a program that is running, 1st look in the startup folder. 2nd check all the processes, you are better to use winmsd (from start,run or start, programs, accessories, system information) . Look at all of the processes running, you should find one that stands out, likely to be called msoffice.exe or something that is trying to hide itself as a normal application.

    This will also have embedded itself in your registry so you can also look in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run then do a search through the registry.

    Unfortunately this type of virus is a pain to remove, you find the source malware that is creating everything else.

    :1437
Reply
  • 0

    Hello, these files are created by the trojan that is on your machine, as soon as you delete the file it will be recreated, you need to find the root cause.

    There will be a program that is running, 1st look in the startup folder. 2nd check all the processes, you are better to use winmsd (from start,run or start, programs, accessories, system information) . Look at all of the processes running, you should find one that stands out, likely to be called msoffice.exe or something that is trying to hide itself as a normal application.

    This will also have embedded itself in your registry so you can also look in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run then do a search through the registry.

    Unfortunately this type of virus is a pain to remove, you find the source malware that is creating everything else.

    :1437
Children
No Data
Unfiltered HTML