Sophos Shh/Updater-B (Allgemeines)
Sophos ist anscheind im letzten Update ein Fehler unterlaufen und es hat sich damit nicht nur gleich selbst als Virus eingestuft , sondern viele andere Programme ebenfalls.
What To Do
You should ensure that endpoints are up to date with the latest IDE files. This issue is resolved with javab-jd.ide which was released at Wed, 19 Sep 2012 21:32 +0000.
Sophos Update Manager unable to update
If SUM is unable to update it is probable that files in the warehouse are failing to be decoded as they are being falsely detected as Shh/Updater-B.
To workaround this issue and successfully download the IDE file that fixes this issue follow these steps:
1. Delete agen-xuv.ide from C:Program FilesSophosSophos Anti-Virus [C:Program Files (x86)SophosSophos Anti-Virus]
2. Restart the 'Sophos Anti-Virus Service'
3. Update SUM via the Sophos Enterprise Console
Endpoints unable to update
If you have endpoints that are unable to update due to the false positive issue the following steps can be taken to get the fixed IDE to them:
1. Centrally disable On-Access scanning via policy in SEC
2. Select Groups in SEC and select 'Update Now'
3. Once a group has updated re-enable On-Access scanning via policy in SEC
Quelle und Original Nachricht: