Sophos shows Mal/Behav-053 in evidence boc.file

Sophos Anti-Virus = 6.5.7
Release status = Full
Threat detection engine = 2.47.0

I received a notification from Sophos that Mal/Behav-053 http://www.sophos.com/virusinfo/analyses/malbehav053.html had been found in C:/Documents and Settings\Users\Application Data\BOC424\evidence.boc. I would guess that this is a false positive, especially given BOC's reputation.
My threat identity files are updated hourly from my workplace, and this threat has been protected by Sophos since May, but my computer only picked up the “threat” in a scan today.

Rhys

Hi Rhys, welcome to the forum.

I think you should report this to Sophos so that they can fix it.

Greetz, Red.

I don’t think it is a false positive… what Sophos is flagging is a copy of some malware that BOC has removed, but saved a copy of, as “evidence.boc”… all that you would have to do to allow the malware to run would be to restore the original file extension…

In BOC’s “configuration”, you can disable the option for “keep copy of trojan as evidence”… otherwise, you have your “copy of trojan”, “evidence.boc”, which Sophos is flagging…