Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 4494 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enpoint protection on a mac gives the message "Malware not cleaned up: 'DocDl-BBS' at '/'"

JeroenAartse

On some mac clients we get several times a day a malware message. In the cloud we get the message "Malware not cleaned up: 'DocDl-BBS' at '/'".

But when i open the quarantine manager on the client, there is no malware. When i scan (full) the client, it finds nothing. And when i browse the filesystem, i can't find the suspicious files on '/'.

The malware 'DocDl-BBS' is only affected by windows, but we have mac clients. It's possible that the malware is in a deleted mail message, but why does sophos find the malware on '/' and not in '/Users/user/Library/Mail/V2/IMAP-mailbox/...'? We deleted all "deleted" and "send" mail.

How can we solve these messages?



This thread was automatically locked due to age.
Parents
  • 0

    Hello JeroenAartse,

    if you go to the Community home page and type DocDl in the search field you'll get a list of similar posts in other forums. Basically it seems that a mail client is fetching mail with a rogue attachment, the scanner intercepts, the item "disappears" though (don't ask me why and how) along with the path information.
    I know this is not a satisfactory reply (especially why the path information is lost). Book Cook didn't comment on this in his post where he suggested a potential solution

    Christian

Reply
  • 0

    Hello JeroenAartse,

    if you go to the Community home page and type DocDl in the search field you'll get a list of similar posts in other forums. Basically it seems that a mail client is fetching mail with a rogue attachment, the scanner intercepts, the item "disappears" though (don't ask me why and how) along with the path information.
    I know this is not a satisfactory reply (especially why the path information is lost). Book Cook didn't comment on this in his post where he suggested a potential solution

    Christian

Children
No Data
Unfiltered HTML