+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
Windows Thread, Sophos gone mad...hopefully in Technical; Is any one else having issues with sophos reporting a virus on all there workstation? The e-mail I'm getting is: ...
  1. #1
    arthur231283's Avatar
    Join Date
    Sep 2008
    Location
    Dartford
    Posts
    164
    Thank Post
    34
    Thanked 37 Times in 23 Posts
    Rep Power
    18

    Sophos gone mad...hopefully

    Is any one else having issues with sophos reporting a virus on all there workstation?

    The e-mail I'm getting is:

    Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable.

    Infected file "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe" has been deleted.

    I hope this is a false positive after sophos updating itself and not a major issue

  2. Thanks to arthur231283 from:

    speckytecky (20th September 2012)

  3. #2

    Join Date
    Mar 2008
    Location
    Midlands
    Posts
    119
    Thank Post
    0
    Thanked 21 Times in 20 Posts
    Rep Power
    16
    yep getting a few dozen emails through to my phone

    Sophos have said its a false positive but the problem i see is the updater is being quaranteened meaning how will it get the updated ide?

    Apparantley if live protection is enabled it will fix itself. Hopefully the IDE will be updated before all of our pc's come on tomorrow!

  4. #3
    DrCheese's Avatar
    Join Date
    Apr 2008
    Posts
    1,026
    Thank Post
    97
    Thanked 158 Times in 107 Posts
    Rep Power
    58
    I've just logged on remotely and killed the Sophos updater share for now. All our clients (well... 95% of them) are off anyway at the moment so they won't get a chance to pick up the fraked up IDE's.

    I've got 52 machines tho (including servers) reporting it tho. All it's done is "blocked" them for now.

  5. #4

    Join Date
    Mar 2008
    Location
    Midlands
    Posts
    119
    Thank Post
    0
    Thanked 21 Times in 20 Posts
    Rep Power
    16
    I was going to kill the share but its required to get the updated fix IDE?

  6. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,846
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444

  7. Thanks to FN-GM from:

    speckytecky (20th September 2012)

  8. #6

    Join Date
    Mar 2012
    Location
    Birmingham
    Posts
    21
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I've gotten this too, just had a load of emails come through on my phone from Sophos

  9. #7

    Join Date
    Mar 2008
    Location
    Midlands
    Posts
    119
    Thank Post
    0
    Thanked 21 Times in 20 Posts
    Rep Power
    16
    looks like javab-jd.ide recieved at 22.20pm is released to fix this issue

  10. #8
    DrCheese's Avatar
    Join Date
    Apr 2008
    Posts
    1,026
    Thank Post
    97
    Thanked 158 Times in 107 Posts
    Rep Power
    58
    Quote Originally Posted by AliG View Post
    I was going to kill the share but its required to get the updated fix IDE?
    Aye, I did it until the fix was out. I might just leave it dead until the morning, when sophos have a proper fix out (rather than a rushed one :P)

  11. #9
    arthur231283's Avatar
    Join Date
    Sep 2008
    Location
    Dartford
    Posts
    164
    Thank Post
    34
    Thanked 37 Times in 23 Posts
    Rep Power
    18
    Just checked my work e-mail and I have 615 unread all from sophos with the last one received at 5:55 reporting a virus on the computer that hosts the sophos enterprise console

    So I assume I'm going to have a busy day!

  12. #10
    flyinghaggis's Avatar
    Join Date
    Jan 2006
    Posts
    994
    Thank Post
    99
    Thanked 70 Times in 57 Posts
    Rep Power
    114
    +1 same here

    Virus/spyware 'Shh/Updater-B' has been detected in "C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_aut oupdate1.dir\ALUpdate.exe". Cleanup unavailable.

    Virus/spyware 'Shh/Updater-B' has been detected in "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_aut oupdate1.dir\alupdate.exe".

    Virus/spyware 'Shh/Updater-B' has been detected in "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_aut oupdate1.dir\alupdate.exe".


    I could almost let Sophos off for accidentally picking up other system updates as potential but to let the software decide that their own program is virus is just plain inept. Having said that given the amount of grief Sophos has caused us over the last couple of years maybe it's right to classify itself as a virus!

  13. #11

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,256
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    I've got to say this is the first time I've had Sophos cause me a headache since 2006. The fix looks easy enough, even for those of us mad enough to have 'delete' as the default action.(*)

    Maybe. We'll see how it goes.


    (*)Turns out I'm not that mad after all. Its always nice to discover you haven't made a terrible mistake!
    Last edited by psydii; 20th September 2012 at 09:41 AM.

  14. #12

    Miscbrah's Avatar
    Join Date
    Dec 2011
    Posts
    885
    Thank Post
    244
    Thanked 251 Times in 151 Posts
    Rep Power
    114
    Yeah we got this too. Whoopdidoo.

    A helpful chappy from the Sophos forums contributes thus:

    Believe it or not, every last AV provider has had this screw up and some of them have been considerably worse than this. If a false positive has you in such a twist maybe you should stay clear of antivirus as a whole.
    What a charming lad who definitely wouldn't benefit from a punch.

  15. #13
    newpersn's Avatar
    Join Date
    Nov 2010
    Location
    Gloucestershire
    Posts
    1,188
    Thank Post
    273
    Thanked 110 Times in 83 Posts
    Rep Power
    76
    Come in this morning to find out its put it self in the bin.... Im leaving it there....

    Sophos Virus.jpg

  16. #14
    kennysarmy's Avatar
    Join Date
    Oct 2005
    Location
    UK
    Posts
    1,286
    Thank Post
    80
    Thanked 45 Times in 31 Posts
    Rep Power
    30
    Having the same issues here....So whats the advice?
    Wait for them to patch it or turn something off?

    HEeelllpppp

  17. #15

    X-13's Avatar
    Join Date
    Jan 2011
    Location
    /dev/null
    Posts
    9,060
    Thank Post
    591
    Thanked 1,945 Times in 1,345 Posts
    Blog Entries
    19
    Rep Power
    813
    Quote Originally Posted by newpersn View Post
    Come in this morning to find out its put it self in the bin.... Im leaving it there....

    Sophos Virus.jpg
    Attachment 15241

    I think I have you beaten.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [CLOSED] Layout Issue: Formatting gone mad...
    By LosOjos in forum EduGeek.net Site Problems
    Replies: 8
    Last Post: 19th August 2010, 02:41 PM
  2. Replies: 1
    Last Post: 21st November 2008, 09:55 AM
  3. Help staff proxy setting gone mad
    By maark in forum Wireless Networks
    Replies: 7
    Last Post: 26th August 2008, 12:25 PM
  4. PC Gone Mad
    By Anorak in forum General Chat
    Replies: 25
    Last Post: 25th January 2008, 06:40 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •