Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 1 subscriber
  • Views 27307 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos detecting new updates as threat #3453878

Gaurav

We are seeing several alerts for Sophos detecting the new AutoUpdates as a threat –

Following file and locations-

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe". Cleanup unavailable.

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\ALUpdate.exe". Cleanup unavailable.

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files (x86)\Sophos\AutoUpdate\inetconn.dll".

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update_64.exe".

Please advise if these needs to be actioned or are legitimate files.

Your Support Numbers are not working !

:30183


This thread was automatically locked due to age.
Parents
  • 0

    If you have set the policy to move or delete the file then you are stuffed.

    I have tried everything and this is not looking pretty.

    Enterprise Console cannot update, even after removing the agen-xqv.ide file, restarting the services etc.

    The updates are not working.

    The fixes are not working

    I have 500 orphaned PC's that are unable to contact the server that are getting false positive pop-ups all the f**king time.

    This is insane.

    I'm recommending to the business owners that I know to drop Sophos.

    A fix was required hours ago, now they have no activity in the forums?

    Sophos, PM me or e-mail me when you've got a solution. You can remote in and fix it.

    What a joke!

    :31077
Reply
  • 0

    If you have set the policy to move or delete the file then you are stuffed.

    I have tried everything and this is not looking pretty.

    Enterprise Console cannot update, even after removing the agen-xqv.ide file, restarting the services etc.

    The updates are not working.

    The fixes are not working

    I have 500 orphaned PC's that are unable to contact the server that are getting false positive pop-ups all the f**king time.

    This is insane.

    I'm recommending to the business owners that I know to drop Sophos.

    A fix was required hours ago, now they have no activity in the forums?

    Sophos, PM me or e-mail me when you've got a solution. You can remote in and fix it.

    What a joke!

    :31077
Children
No Data