
Is anyone else seeing this alert - Shh/Updater-B false positives

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.



  • @akurk I have just gone through this process on a network of 20 and I can verify that the applications flagged in Quarantine do still in fact work here in my scenario. I have done a few random checks on systems and my tests show Flash Player, Java and QuickBooks updater are sitting in Quarantine but all of those applications appear to be functioning fine after I have the FP corrected.

    Keep in mind my Cleanup options are set to the default of "Deny access only". I did have one user who did a Cleanup in Quarantine himself and ended up deleting the items. This happened to be Sophos files and I did have to "re-protect" that system from SCC.

    I am still working on cleaning out the Quarantine issue however... Our server has 218 items in Quarantine at the moment... I have been researching this for about 15 minutes and the only option I see is to deal with it locally - not so bad for me with 20 systems - but I feel sorry for you larger networks out there.

  • I don't even know if I should leave my SEC/SUM server online tonight.  I'm worried it's going to push the faulty update to the few thousand machines that get turned on in the morning.

    I've followed the instructions to remove the faulty fix and got the fixed .ide, but machines have still been deleting files for hours.

    Can't get through on the phone.. no response to email.

  • hey there...

    so far, i didn't find a solution for my problem in this thread (hope i didn't overlook).

    the "update part" of my sophos control center is missing as is the shield icon in the notification tray, so i can't start any updates. a few pages before it was said running ALMond.exe would fix the problem but it didn't. it's running but there is no alsvc.exe at the task manager...

    uninstalling with multiple tools (even with one which is provided by my university which has a license for giving sophos out to us students, that's why i use it) didn't work, so i don't have any clue what to do now. doesn't make it easier i live in a non-english speaking country and lack of computer skills :-/

    any ideas what to do?

  • Repair the Sophos Update Manager installation in Add/Remove Programs. That worked for me... Though I am still having issues running updates on the client side.


  • Jose_D_Rivera wrote:

    Repair the Sophos Update Manager installation in Add/Remove Programs. That worked for me... Though I am still having issues running updates on the client side.


    only option is to remove sophos, no repair :-/

  • Find the installation for just SUM and run that. Should then give you a repair option.

  • the problem seems to be i have a german sophos version. i only have two installations: sophos anti-virus and sophos autoupdate. no repair option for both...

    or it's because "my" sophos is provided by my university which has a license to do so. maybe it's some kind of downgraded version.

    guess i have to wait until it's morning over here and call the support *sigh* anyway, thanks a bunch^^

  • Is it possible to continue with the main problem? I have 1300 devices with this error and all the devices have the new IDE: javab-jd.ide

    But still have the files blocked! It's quite urgent, we are a hospital!

  • Hi Support, my side is also having the same issue. Please suggest a way for us to clean it. Thanks.


  • CHU-Brugmann wrote:

    Is it possible to continue with the main problem? I have 1300 devices with this error and all the devices have the new IDE: javab-jd.ide

    But still have the files blocked! It's quite urgent, we are a hospital!


    I am in the same boat. 2000+ Clients. I have our SEC and SUM up and running. I have manually fixed a few workstations (21) by manually running the batch file and then the vbs script and then reinstalling our Meds application because it was targeted by this screw up. Will definitely have a conversation with our rep in the morning only because his phone went straight to VM!

    Going to deploy them domain wide in the morning. I am just frustrated with Sophos not providing an Endpoint solution to fix their own mess.