This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

This thread was automatically locked due to age.

Parents

0 LINCK over 13 years ago

Hello Sophos
The big troubble is that the false positive malware has deleted files detected when the on-access has configured to delete the file.
In this case the Sophos Auto-Update has damaged and is impossible recovery easyly.
I things that one Sophos Utility designed to reinstall the Sophos Auto-Update and execute an upgrade inmeditelly in the affected machines was help to solve this troubble.
Maybe, this utility too will be work executing manually, automatically from AD or remotelly with some tool as psexec.
The other action to next days is include options to Denied access to all Sophos components to block this fails or the malware attack.
Regards
Linck Tello Flores
INNOVARE
www.innovare.pe
:31045
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 LINCK over 13 years ago

Hello Sophos
The big troubble is that the false positive malware has deleted files detected when the on-access has configured to delete the file.
In this case the Sophos Auto-Update has damaged and is impossible recovery easyly.
I things that one Sophos Utility designed to reinstall the Sophos Auto-Update and execute an upgrade inmeditelly in the affected machines was help to solve this troubble.
Maybe, this utility too will be work executing manually, automatically from AD or remotelly with some tool as psexec.
The other action to next days is include options to Denied access to all Sophos components to block this fails or the malware attack.
Regards
Linck Tello Flores
INNOVARE
www.innovare.pe
:31045
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data