Is anyone else seeing this alert - Shh/Updater-B false positives

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

  • Hey guys,

    I don't have time to paste all the scripts at the moment but it may help some to do something like below which made our cleanup of 400+ machines fairly simple.

    Set up a text file with the name of each PC on a separate line

    Set up a batch file with something like below to remove the offending IDE:

    for /f %%a in (pclist.txt) do del "\\%%a\c$\Program Files (x86)\Sophos\Sophos Anti-Virus\agen-xuv.ide" /f /q

    Grab the vbs script a few pages back to move the files out of quarantine and back to the correct location and add a line such as

    Install PsTools on a server and run psexec as below

    for /f %%a in (pclist.txt) do copy script.vbs \\%%a\c$\script.vbs && psexec \\%%a -u DOMAIN\admin -p password cscript c:\script.vbs

    and reboot each machine.

    If this is useful to anyone let me know if you need more info and I will come back and post some more when I have made sure all the fires are finally out :)

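The IDE-removal step from the reply above, as an added PowerShell example that is not part of the original thread. It assumes the same `pclist.txt` and admin-share access as the post; the report file name is hypothetical, and it checks both `Program Files` (the path in the alert) and `Program Files (x86)` (the path in the batch line), since the batch line alone covers only one of them.

```powershell
# Added example (not from the thread): delete agen-xuv.ide on every PC in
# pclist.txt and keep a per-host record of what happened.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string]$PcList = '.\pclist.txt',             # one computer name per line, as in the post
    [string]$Report = '.\ide-cleanup-report.csv'  # hypothetical output file name
)

# The alert quotes "Program Files"; the post's batch line uses "Program Files (x86)".
$relativePaths = @(
    'Program Files\Sophos\Sophos Anti-Virus\agen-xuv.ide',
    'Program Files (x86)\Sophos\Sophos Anti-Virus\agen-xuv.ide'
)

# Skip blank lines in the list.
$pcs = Get-Content -Path $PcList | Where-Object { $_.Trim() }

$results = foreach ($name in $pcs) {
    $pc = $name.Trim()
    $status = 'NotFound'
    if (-not (Test-Path -LiteralPath ('\\{0}\c$' -f $pc))) {
        # Offline host or no admin-share access: record it for a second pass.
        $status = 'Unreachable'
    }
    else {
        foreach ($rel in $relativePaths) {
            $target = '\\{0}\c$\{1}' -f $pc, $rel
            if (Test-Path -LiteralPath $target -PathType Leaf) {
                try {
                    Remove-Item -LiteralPath $target -Force -ErrorAction Stop
                    $status = if ($WhatIfPreference) { 'WouldRemove' } else { 'Removed' }
                }
                catch {
                    $status = "Failed: $($_.Exception.Message)"
                }
            }
        }
    }
    [pscustomobject]@{ Computer = $pc; Status = $status }
}

# Always write the report, even on a -WhatIf dry run.
$results | Export-Csv -Path $Report -NoTypeInformation -WhatIf:$false
$results | Group-Object Status | Select-Object Name, Count
```

Running it with `-WhatIf` first lists which machines still hold the file without deleting anything; hosts reported as `Unreachable` are the ones to retry once they are back online.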