Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3260785 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0

    This worked for us:

    1. Sophos server couldn’’’’t update as the updater was located in an “infected” directory so when updater was accessed it was quarantined immediately – causing updating to fail. YIKES!
    2. Solution: I disabled on access scanning in the default policy (affecting everyone including sophos server) and was able to update the SOPHOS server immediately.
    3. Sophos server was now up to date and workstation updating should work (as on access scanning was disabled by the default policy change).
    4. We will enable On access scanning once we stabilize.

    Sophos server version is showing as 1.3.2.176 and reports:

    Using detection data version 4.81G (detection engine 3.35.1). This version can detect 3991863 items in AV Log.

    :30593
Reply
  • 0

    This worked for us:

    1. Sophos server couldn’’’’t update as the updater was located in an “infected” directory so when updater was accessed it was quarantined immediately – causing updating to fail. YIKES!
    2. Solution: I disabled on access scanning in the default policy (affecting everyone including sophos server) and was able to update the SOPHOS server immediately.
    3. Sophos server was now up to date and workstation updating should work (as on access scanning was disabled by the default policy change).
    4. We will enable On access scanning once we stabilize.

    Sophos server version is showing as 1.3.2.176 and reports:

    Using detection data version 4.81G (detection engine 3.35.1). This version can detect 3991863 items in AV Log.

    :30593
Children
No Data