This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos detecting new updates as threat #3453878

We are seeing several alerts for Sophos detecting the new AutoUpdates as a threat –

Following file and locations-

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe". Cleanup unavailable.

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\ALUpdate.exe". Cleanup unavailable.

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files (x86)\Sophos\AutoUpdate\inetconn.dll".

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update_64.exe".

Please advise if these needs to be actioned or are legitimate files.

Your Support Numbers are not working !

This thread was automatically locked due to age.

Parents

0 MatthewCary over 13 years ago

roll back your detection definiton version to 1.2.1.161 (the update before the false positive).
Otherwise as more of your network pull the buggy definition from your update server more will be infected.
Once this has blown over you can revert to the reccomended version.
:30359
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 MatthewCary over 13 years ago

roll back your detection definiton version to 1.2.1.161 (the update before the false positive).
Otherwise as more of your network pull the buggy definition from your update server more will be infected.
Once this has blown over you can revert to the reccomended version.
:30359
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data