Is any one else seing this alert - Shh/Updater-B False positives

Anybody know why I'm not getting the "Update Sophos" Option under SOphos 10.0?

This is how I got this sorted. Appreciate it will not work for everyone:

http://www.mysysadmintips.com/windows/clients/322-sophos-antivirus-false-positive-shh-updater-b

---

ptran wrote:

Anybody know why I'm not getting the "Update Sophos" Option under SOphos 10.0?

---

Are the Sophos Autoupdate services running? Do you have the system tray icon (almon.exe) currently? Where are you expecting to see this option?

---

P-Dogg wrote:

So yesterday, I was able to follow instrcutions and put affected computers under a policy with on-access scanning turned off, then go to Update Computers and it would run the update. Now, after applying the new policy, Update Computers is greyed out. WTF??

---

Sounds like the Sophos Autoupdate services might not be running.

@Nathan

Thanks man for taking the time to respond. I know you must be stupid busy.

It seems that a lot of my machines are not clearing automatically for some reason.

I might have to manually ackowledge. I am assuming that as long as I don't receive a second alert I should be good to go.

@P-Dogg

I had this same issue. I ended up having to push just the Sophos client back out to my clients.

I didn't think to check if the Update Service was running or not. For me, pushing the clients out again wasn't a big deal because I didn't have some of the crazy high number of affected clients others are reporting.

Check the service as @Nathan has mentioned, probably this is your best bet.

Thanks for the response guys. No, the AutoUpdate service is running. I'm resorting to re-protecting as well, but for some reason it's going very slowly on each machine. It's a shame because I fixed about 2200 machines last night with just the updating feature. I have about 800 more to do, and re-protecting seems to be the only way for me to update.

This is really starting to blooooooooooooooooooooooow...

Not one response via email since I replied to my open case from yesterday this morning at 8am.

Waited on hold for 60 mins before getting disconnected.

Have 2 support numbers and both give a busy.

Maybe Sophos could route their phones to Trend-Micro's call center... :smileytongue:

Nathan,

My update server is running but I am having some problems reinstalling to some workstations.  I followed the instructions from the KB article 118311 for cleints that were set to "delete" and it did work on a few but I am getting this error on a few cleints when I try to project the workstation:

Verification of update files failed. The files did not match the manifest.

Can seem to reinstall on these cleints because of this.  Anyone else seeing this error?

we plan on using altiris to push the bat file if you have something like that

Nathan, thank you for staying in the thread. It seems like you may be the only person working at Sophos!

The question below may be off topic but I cannot manage the group without it. My desktop guys are manually touching pc's today due to a pre-exisitng issue with the console and now the false positive snafu.

We have had a case open for a week pertaining to a problem with our console on the server. We have followed the instrcutions from one of your peers but have had little response especially with this new meltdown you guys are having. My console will not open and it seems to be do to not connecting to the DB. The Sophos Management Service on the server will not start. I have tried different credentials and verified the registry settings for the dbuser. I know this is off topic but I can't seemt o get any response from anyone and you may be the only thing keeping me from rescinding our multi-year contract and picking another vendor.

Question: If I install 5.1 on the server on top of 5.0 will it possibly fix the console execution or do I chance losing connectivity to my clients and other bad things?

[#3440045] Error
Starting Enterprise Console