Advice Request Is my pc hacked or these is false positive ?(alert Sophos beta antivirus)

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

XxX Legolas XxX

Level 3
Thread author
Verified
Well-known
Sep 20, 2016
116
I install Sophos home beta and I opet internet explorer 11 Sophos beta pop-up.
What will I do ?
 

Attachments

  • Sophos home beta.jpg
    Sophos home beta.jpg
    202.9 KB · Views: 933
  • Sophos home beta.txt
    10.3 KB · Views: 422
  • Like
Reactions: AtlBo

XxX Legolas XxX

Level 3
Thread author
Verified
Well-known
Sep 20, 2016
116
I scan with Hitman Pro,Adwclener,Zemana,Sophos and 2nd option scanners and they sow pc is clean. These is alert from Hitman Pro alert
Safe Browsing detected browser Internet Explorer has been compromised it is build in new Sophos home and it pop-up
CryptoGuard detected ransomware in IObitUninstaler ??? These is two big infection.

I will post on Sophos forum.
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
I scan with Hitman Pro,Adwclener,Zemana,Sophos and 2nd option scanners and they sow pc is clean. These is alert from Hitman Pro alert
Safe Browsing detected browser Internet Explorer has been compromised it is build in new Sophos home and it pop-up
CryptoGuard detected ransomware in IObitUninstaler ??? These is two big infection.

I will post on Sophos forum.
I'm not sure about detection of IObit Uninstalle, but that can be an FP considering the functionality of the app. Also many IObit products are commonly flagged as PUPs.
If Safe Browsing says that browser is compromised, it can be a change in the default configuration of Internet Explorer like homepage/search engine change/trackers or a similar hijacking. It can probably be more serious.
However, it's not possible to inspect and decide about it fully without more details.
 

XxX Legolas XxX

Level 3
Thread author
Verified
Well-known
Sep 20, 2016
116
I'm not sure about detection of IObit Uninstalle, but that can be an FP considering the functionality of the app. Also many IObit products are commonly flagged as PUPs.
If Safe Browsing says that browser is compromised, it can be a change in the default configuration of Internet Explorer like homepage/search engine change/trackers or a similar hijacking. It can probably be more serious.
However, it's not possible to inspect and decide about it fully without more details.

What details you need to inspect and decide ?
 
  • Like
Reactions: frogboy

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
What details you need to inspect and decide ?
I went through some threads at Sophos reporting the same issue and what I get is that a lot of new users (Sophos newly installed on PC) are facing this alert for Internet Explorer and its not resolved officially.
Some user looked into this and confirmed that for him, disabling some add-ons (quite some 3rd party apps install or modify your IE settings or install plugins, of theirs or of their sponsors) helped.
This basically looks like Sophos is warning about some unusual or potentially unwanted start page/ settings modification or tracking add-ons (many add-ons have tracking features) in IE 11. And this shouldn't be an issue to worry about. The air at Sophos Community tags it as FP (ie. not some critical issue/tampering).

I suggest that you run Kaspersky System Checker and resolve any potential IE vulnerabilities. Remember that this won't automatically solve detections but find vulnerabilities for you to resolve, if any.
Also, you could try a Zemana Anti-malware scan. This should detect any likely hijackings/PUPs/unwanted modifications.
 
  • Like
Reactions: XxX Legolas XxX

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
Alternatively, you can disable IE completely from 'Program and Features' in Control Panel.
Otherwise, you can try adding it to exceptions in Exploit settings of Sophos, though that ain't recommendable in the long term.
 
  • Like
Reactions: XxX Legolas XxX
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top