Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 37063 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/DocDrop-TJ

Morten Ryberg

Hi Guys,

I´m using Sophos anti virus Home edition 9.6.1.

For the last couple of months, I get a "Threat detected by Sophos" message for every scan I make.

It reads: `virus/spywarre` Troj/docDrop-TJ has been detected and moved to quarantine.

I then open the quarantine manager, and can see several thousand (!) locations.

The pathname is almost the same for all of them:
/user/mortenryberg/desktop/sophos/scan_003_6309024125.doc_1_1_4

The next one reads:
/user/mortenryberg/desktop/sophos/scan_003_6309024125.doc_1_1_4_1 and so on and on

I then manually delete all the files in:
/user/mortenryberg/desktop/sophos/

I empty my Thrash bin afterwards.

Then in my next scan, the same happens.....

Can any one tell me whats going on, since I can't get ride of the malware? Where can I find the path to the original source of the malware, so I can delete it?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Morten,

    That is quite odd behaviour to be honest, I am going to need some more informatuon.

    If you go to c:/programdata/sophos/Sophos antivirus/logs

    You should find a sav.txt log file. Can you open that and find one of these detections listed. Then copy and paste about 10 lines from the log before and after the detection and paste them on here for me to take a look please.

  • 0 in reply to PeterM

    Hi Peter, thx for answering!

    I´m on a mac, so where should I look for the log?

    I did  a search for sav.txt but got nothing.

    I dont have the "show scan log" option prop because a use the free version.

Reply Children
Unfiltered HTML