Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261330 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0
    toddh wrote:
    Azurus wrote:
    AndreLtbg wrote:
    Nathan wrote:
    Procopius wrote:

    Sorry if this has been posted before:

    I have written a batch file that:

    1.  Stops the Sophos Anti-Virus service

    2.  Deletes quarantine.xml

    3.  Starts the Sophos Anti-Virus service

    The problem I am having is that my Sophos Enterprise Console does not update to reflect that a particular host no longer has Virus/Spyware detected.  It does update when I manually open Sophos Endpoint Security and Control and clear the file from Quarantine manager.

    Thanks in advance.

    If you add a restart of the Sophos Agent service to your batch file, that should update the SEC console too.


    I have added the Sophos Agent part to my batch file but the console does not seem to update the virus status of the clients.

    AndreLtbg

    I have had to reboot XP machines to get them to communicate with the console, and then run an update from the console (not from the PC). Depending on which update server they are using. I have found that Windows 7 machines do not require a reboot to communicate their status back to the console.

    Hi,

    I tried the reboot as well and I still do not get the SEC updating.

    I am wondering if there is something in the registry....

    I know sometimes when the SEC shows "A reboot is required...." simply rebooting the computer isn't enough.

    You have to run a registry edit and bounce one of the services and then the error clears.

    I wonder if this is similar situation?

    Make sure that after you reboot them that you are running a manual trigger update from the Console on each machine.

    :31857
Reply
  • 0
    toddh wrote:
    Azurus wrote:
    AndreLtbg wrote:
    Nathan wrote:
    Procopius wrote:

    Sorry if this has been posted before:

    I have written a batch file that:

    1.  Stops the Sophos Anti-Virus service

    2.  Deletes quarantine.xml

    3.  Starts the Sophos Anti-Virus service

    The problem I am having is that my Sophos Enterprise Console does not update to reflect that a particular host no longer has Virus/Spyware detected.  It does update when I manually open Sophos Endpoint Security and Control and clear the file from Quarantine manager.

    Thanks in advance.

    If you add a restart of the Sophos Agent service to your batch file, that should update the SEC console too.


    I have added the Sophos Agent part to my batch file but the console does not seem to update the virus status of the clients.

    AndreLtbg

    I have had to reboot XP machines to get them to communicate with the console, and then run an update from the console (not from the PC). Depending on which update server they are using. I have found that Windows 7 machines do not require a reboot to communicate their status back to the console.

    Hi,

    I tried the reboot as well and I still do not get the SEC updating.

    I am wondering if there is something in the registry....

    I know sometimes when the SEC shows "A reboot is required...." simply rebooting the computer isn't enough.

    You have to run a registry edit and bounce one of the services and then the error clears.

    I wonder if this is similar situation?

    Make sure that after you reboot them that you are running a manual trigger update from the Console on each machine.

    :31857
Children
No Data