Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261319 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0
    Procopius wrote:

    Sorry if this has been posted before:

    I have written a batch file that:

    1.  Stops the Sophos Anti-Virus service

    2.  Deletes quarantine.xml

    3.  Starts the Sophos Anti-Virus service

    The problem I am having is that my Sophos Enterprise Console does not update to reflect that a particular host no longer has Virus/Spyware detected.  It does update when I manually open Sophos Endpoint Security and Control and clear the file from Quarantine manager.

    Thanks in advance.

    I did the same thing.

    I just finished running it against 75 computers in my environment and not a single one has cleared from the SEC.

    I am going to wait a little bit to see if the server just needs some time to process it.

    If it doesn't clear, a manual acknowledgement may be necessary.

    :31845
Reply
  • 0
    Procopius wrote:

    Sorry if this has been posted before:

    I have written a batch file that:

    1.  Stops the Sophos Anti-Virus service

    2.  Deletes quarantine.xml

    3.  Starts the Sophos Anti-Virus service

    The problem I am having is that my Sophos Enterprise Console does not update to reflect that a particular host no longer has Virus/Spyware detected.  It does update when I manually open Sophos Endpoint Security and Control and clear the file from Quarantine manager.

    Thanks in advance.

    I did the same thing.

    I just finished running it against 75 computers in my environment and not a single one has cleared from the SEC.

    I am going to wait a little bit to see if the server just needs some time to process it.

    If it doesn't clear, a manual acknowledgement may be necessary.

    :31845
Children
No Data