Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 9 subscribers
  • Views 3245 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Malware FakeAV-Jo Keeps Showing Up

Lynn M

PC Windows 10

I'll receive a windows pop-up notification to the side that Sophos has detected malware/fakeav-jo and moved it to quarantine. When I open Sophos I see the file briefly in quarantine before it disappears by itself. 

 

The pop-up notification of this malware keeps appearing at least 5x in a row with the same message. These episodes also happen about twice a month. What's going on here?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Lynn M,

    briefly in quarantine before it disappears
    this is normal. When automatic cleanup is enabled and a threat is cleanable a cleanup routine is dispatched. Depending on the threat it might perform a simple action like deleting the file, do some additional specific scanning, or even decide that a full scan is required. A file appears in QM immediately after detection, once cleanup is successful it will disappear.

    5x in a row with the same message
    an important pice of information is the file's path, it might give a hint which application is responsible. Likely the detection is on write and the application (e.g. Dropbox sync) might check whether the file has been successfully written and retry a few times.

    What's going on here?
    Hard to say from the outside without more information. If you have no idea why it happens about twice a month the Source Of Infection tool might help to find the culprit.

    Christian

Reply
  • 0

    Hello Lynn M,

    briefly in quarantine before it disappears
    this is normal. When automatic cleanup is enabled and a threat is cleanable a cleanup routine is dispatched. Depending on the threat it might perform a simple action like deleting the file, do some additional specific scanning, or even decide that a full scan is required. A file appears in QM immediately after detection, once cleanup is successful it will disappear.

    5x in a row with the same message
    an important pice of information is the file's path, it might give a hint which application is responsible. Likely the detection is on write and the application (e.g. Dropbox sync) might check whether the file has been successfully written and retry a few times.

    What's going on here?
    Hard to say from the outside without more information. If you have no idea why it happens about twice a month the Source Of Infection tool might help to find the culprit.

    Christian

Children
Unfiltered HTML