
Anyone seeing zFP-xxxx?

I have searched the knowledge base and could not find any information, other than that this was to alert, other than knowledge base ID 118379. I ran the bat on the server (it is the one that has the SEC) and it produced the text file:

SQL server instance name: (local)\SOPHOS

Database name: SOPHOS50

Fetching list of files that have been moved or deleted by the false positive ...

<domain>\<servername>; Moved; C:\Program Files (x86)\Sophos\AutoUpdate\ALUpdate.exe

However when I browsed to that folder, the ALUpdate.exe file was still there. Considering I spent significant time dealing with the Ssh/Update-B false positive, I am concerned that it is again reporting something incorrectly. 

Is anyone else seeing this and if so, what have you been advised to do about it? 

  • Hi,

    If that file is the only file returned from the report and the client on which that file was moved is now functioning you are done.  You can resolve the alert.

    The zFP- suspicious behaviour alerts are shown against the management server only and are to ensure that admins who may not know that applications have been affected (if they had move or delete selected) by the recent false positive take action as required.

    Regards,

    Jak
