This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

This thread was automatically locked due to age.

Parents

0 Nathan over 13 years ago

ktremain wrote:
I have an MSP platform that was set to MOVE non-cleanable files.
How do i get all the REMOTE clients fixed now?
I have repaired the SEC and SUM servers, so the updates are waiting to go out, but the clients updaters are MOVED, so they are not pulling fixed files.
Unfortunately, you'll first need to restore the files that were moved. Perhaps a VB script that can extract the files/paths of the files in question from the sav.txt log, then copy just those files form the infected folder back to the original source. Or use PSEXEC to run a batch file across all affected systems to restore the files that were moved.
:30641
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Nathan over 13 years ago

ktremain wrote:
I have an MSP platform that was set to MOVE non-cleanable files.
How do i get all the REMOTE clients fixed now?
I have repaired the SEC and SUM servers, so the updates are waiting to go out, but the clients updaters are MOVED, so they are not pulling fixed files.
Unfortunately, you'll first need to restore the files that were moved. Perhaps a VB script that can extract the files/paths of the files in question from the sav.txt log, then copy just those files form the infected folder back to the original source. Or use PSEXEC to run a batch file across all affected systems to restore the files that were moved.
:30641
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data