Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261225 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0
    That1TechDude wrote:

    I am also experiencing these issues. I am able to update the SUM and SEC on the server side and some of my machines have removed the items from quaratine. In a rush to stem off an infection, or what I thought was an infection, I deleted files that Sophos flagged yesterday before I knew that this was an error on Sophos's part. I cannot get the update manager on those endpoints to start. I tried running the vb script included in here with no avail. I've done just about everything I can and the shield still doesn't show up. I try to start the Sophos AutoUpdate Server and I get this message:

    Windows could not start the Sophos AutoUpdate Service service on Local Computer

    Error 2: The system cannot find the file specified.

    I went to the KB artice and tried the option where files were deleted. I replaced the files and I still can't get this to start.

    I also tried running the ALMon.exe and I get this error:

    Error loading external resources (0x8007007e).

    And I tried to run the ALUpdater.exe and it said another program is being installed and I need to wait for it to complete. Funny this is that there are no other programs being installed. 

    I am on Win7 64-bit with other client machines on Win7 32-bit

    Help please!!!!

    The behavior you are seeing is consistent with the files still missing. Can I please have you go through the steps again and make sure something wasn't skipped? Also, if you haven't taken steps to prevent redection of the false positive, the files may be getting deleted again as soon as you copy them over.

    :31639
Reply
  • 0
    That1TechDude wrote:

    I am also experiencing these issues. I am able to update the SUM and SEC on the server side and some of my machines have removed the items from quaratine. In a rush to stem off an infection, or what I thought was an infection, I deleted files that Sophos flagged yesterday before I knew that this was an error on Sophos's part. I cannot get the update manager on those endpoints to start. I tried running the vb script included in here with no avail. I've done just about everything I can and the shield still doesn't show up. I try to start the Sophos AutoUpdate Server and I get this message:

    Windows could not start the Sophos AutoUpdate Service service on Local Computer

    Error 2: The system cannot find the file specified.

    I went to the KB artice and tried the option where files were deleted. I replaced the files and I still can't get this to start.

    I also tried running the ALMon.exe and I get this error:

    Error loading external resources (0x8007007e).

    And I tried to run the ALUpdater.exe and it said another program is being installed and I need to wait for it to complete. Funny this is that there are no other programs being installed. 

    I am on Win7 64-bit with other client machines on Win7 32-bit

    Help please!!!!

    The behavior you are seeing is consistent with the files still missing. Can I please have you go through the steps again and make sure something wasn't skipped? Also, if you haven't taken steps to prevent redection of the false positive, the files may be getting deleted again as soon as you copy them over.

    :31639
Children
No Data