Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261506 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0
    Alphateam wrote:

    I cannot get through to tech support. I have gotten hung up on MANY times. When I add my name to be called back, the calls never come. I have been trying since 8am today to talk to someone in support.

    Can I just create a new Sophos server and push out the current client? Will the new client and settings replace any of the clients that are broken?

    First, I apologize for the difficulty you are having reaching support. I can assure you that nobody is being intentionally hung up on, however our phone system is under incredible load right now and has dropped a few unfortunate callers. Please try again if answers to your questions aren't easily found in the articles that have been released to assist with this issue.

    Creating a new Sophos server and reprotecting is going to be more work then remediating your current environment. Further, reprotecting endpoints will likely fail if you are still getting false positives as the new files pushed to the endpoints will be deleted again. Please work through the steps in Advisory KBA and if you hit a snag, post back here and I or someone else may be able to provide you an answer to get you going again.

    :32369
Reply
  • 0
    Alphateam wrote:

    I cannot get through to tech support. I have gotten hung up on MANY times. When I add my name to be called back, the calls never come. I have been trying since 8am today to talk to someone in support.

    Can I just create a new Sophos server and push out the current client? Will the new client and settings replace any of the clients that are broken?

    First, I apologize for the difficulty you are having reaching support. I can assure you that nobody is being intentionally hung up on, however our phone system is under incredible load right now and has dropped a few unfortunate callers. Please try again if answers to your questions aren't easily found in the articles that have been released to assist with this issue.

    Creating a new Sophos server and reprotecting is going to be more work then remediating your current environment. Further, reprotecting endpoints will likely fail if you are still getting false positives as the new files pushed to the endpoints will be deleted again. Please work through the steps in Advisory KBA and if you hit a snag, post back here and I or someone else may be able to provide you an answer to get you going again.

    :32369
Children
No Data