Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 4026 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint does not remove Conficker

IvanildoGalvão

Sophos Endpoint dealer here in my city, in Brazil, also do the installation and configuration in business.

Well, I have realized the console Sophos Conficker several events not removed, this is an old virus, so why Sophos does not remove? What should I do to make it go to remove it?

Please see the attached figure.



This thread was automatically locked due to age.
Parents
  • 0

    Hello Ivanildo Galvão,

    the anti-virus log on the endpoint (%ProgramData%\Sophos\Sophos Anti-Virus\logs\SAV.txt) might have details for the removal error.
    The first error on the screenshot (bottom line, 6/7/2016 9:27:14 AM) predates the current detected item so there was at least one other detection. Do the errors correspond to repeated detections for trz1.tmp or does the error occur without an associated detection (again, SAV.txt will have more details)?

    an old virus
    indeed the analysis for Mal/Conficker-A hasn't been changed since Oct 2011, but as you can see it covers a range of variants. Did you already try the steps in the removal article?

    Christian

Reply
  • 0

    Hello Ivanildo Galvão,

    the anti-virus log on the endpoint (%ProgramData%\Sophos\Sophos Anti-Virus\logs\SAV.txt) might have details for the removal error.
    The first error on the screenshot (bottom line, 6/7/2016 9:27:14 AM) predates the current detected item so there was at least one other detection. Do the errors correspond to repeated detections for trz1.tmp or does the error occur without an associated detection (again, SAV.txt will have more details)?

    an old virus
    indeed the analysis for Mal/Conficker-A hasn't been changed since Oct 2011, but as you can see it covers a range of variants. Did you already try the steps in the removal article?

    Christian

Children
Unfiltered HTML