Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

Sophos Anti-Virus Deletes Itself as a Virus

Posted by Alan at 12:50 PM on September 20, 2012

Anti-virus software is a necessary evil in today’s world, thanks to the proliferation of hackers, malware and botnets.  Unfortunately, the software can frequently cause high profile problems like locking users out of their computers and causing endless reboots by deleting necessary Windows system files.  Perhaps no problem has been more embarrassing than the recent Sophos debacle.  The security software flagged it’s own files as malicious and proceeded to delete them.

For the most part, it’s better for these programs to err on the side of caution than risk allowing a user’s system to be infected.  However, Sophos went a bit far with their most recent update, when it flagged the Shh/Updater-B file as malicious.  Although the problem was worldwide, thankfully Sophos allows users and administrators to choose what happens when threats are detected.  If your settings called for simply denying access to the file then there was little harm.  For those who set their computers to delete offending files the program proceeded to cripple itself by deleting it’s own updater.  That made the process to undo the damage a bit more time consuming and difficult than simply waiting patiently for an update to trickle down.

Sophos has since fixed the issue by pushing an update.  Kudos to the company for acting quickly in this matter, but it illustrates the problems that have plagued this type of software.  With Windows 8 now looming on the horizon these problems may become less widespread thanks to the built-in Windows Defender that handles most of this duty, much to the dismay of third-party software makers.


  1. From El antivirus Sophos identifica varios de sus propios archivos como virus y los borra | Jonéame at 5:43 am on September 25, 2012

    [...] El antivirus Sophos identifica varios de sus propios archivos como virus y los borra por me_joneo_pensando_en_ti hace 15 segs [...]

  2. From alfred at 10:40 am on September 25, 2012

    y así niños es como conoci a vuestra madre

  3. From Sophos, el antivirus justiciero | TICbeat at 3:27 am on September 26, 2012

    [...] La nueva versión de su antivirus que Sophos lanzó identificaba el archivo Shh/Updater-B como malicioso. El programa daba la opción de borrar el fichero o denegar el acceso. Si se escogía la segunda vía el daño es menor y con la actualización que ha sacado la compañía se repara fácilmente. En caso contrario será más complicado, según indican desde Geek News Central. [...]