Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3260763 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
  • 0

    This process has been confirmed here.

    Machines updated, alerts/errors have not returned.

    Seems "On-Access Scanning" was the culprit preventing the machines from updating...including the update server.  Once disabled, everything started flowing through okay.

    Aside from the error happening in the first place, thanks and kudos to all who contributed to this fix.

    :30567
  • 0

    Hey thank you very much. I figured if I had information that would help everyone with this headache, why not share the love. I'm glad it helped you, made my day!

    :30569
  • 0

    Thanks for the fix but is anyone getting "Unkown" under update field?

    Do the machines need a reboot?

    Sorry if I have missed something as it is getting late in the UK :-)

    :30571
  • 0

    I got the console to update with your help, and i tried to push the update to all the pc's, and then acknowledge the error, but I'm still getting re-occuring desktops saying they've infected, and they say "failed to install savxp: An unknown exception has occured." Tried rebooting a couple pc's but i don't think that has done anything.

    :30573
  • 0

    What to do with the quarantined files if not deleted or moved ???

    swi_update.exe

    SingleGUIPlugin.dll

    inetconn.dll

    ALsvc.exe

    :30575
  • 0

    LukeMurphy, I tried your steps, but only with mixed success.

    For some reason, not all machines would accept the updated policy (with on access disabled). When I logged into these, almon.exe had also crashed, coincidentally (?)

    I had to manually disable on access scanning, update, re-enable on access scanning, and then no more errors.

    Also, for me, the local quarantine was not cleared.

    :30577
  • 0

    Still can't get the services to start.

    Sophos Update Manager Service

    Runtime Error

    Program: c:\program files\sophos\update manager\sumservice.exe

    This application has requested the runtime to terminate it in an unusual way.

    Please contact the application's support team for more information.

    :30579
  • 0

    >Run the update manager on the server and check for an update.

    Just get "software delivery failed" when try to run update.

    :30581
  • 0

    One of my employees deleted files in quarantine. Not sure what that will do?

    Another workstation completely froze up and will not restart. Any ideas?
    Help!

    :30583
  • 0

    I cant even log into my server to try any fixes!! I just shut it down and upped its hardware stats and it is still not logging in. I guess I will just have to wait until it decides to fully load! :smileymad:

    :30585