Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261265 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0
    Longun wrote:

    Anyone know if its possible to extract the PC's showing in the out of date computers list in the SEC?

    For connected computers:

    exec dbo.ComputerListOutOfDateGet '2011-08-30 10:30:00:000',1

    For disconnected computers:

    exec dbo.ComputerListOutOfDateGet '2011-08-30 10:30:00:000',0

    You'll need to adjust the date/time as needed. I _beleive_ the time is GMT. Execute against the SOPHOS50 db if you are on SEC50, SOPHOS51 db if on SEC5.1. I haven't checked to see if the stored procedure is present on older versions of SEC, but SOPHOS47 and SOPHOS45 would be the older dbs if you wanted to try it.

    Edit: I think this just gives the computer ID. You could pass that list to a select statement to find the Name. Or if you're on SEC5+, set your filter to Out Of Date Computers, highlight the listed computers, CTRL+C, paste into notepad.

    :31735
Reply
  • 0
    Longun wrote:

    Anyone know if its possible to extract the PC's showing in the out of date computers list in the SEC?

    For connected computers:

    exec dbo.ComputerListOutOfDateGet '2011-08-30 10:30:00:000',1

    For disconnected computers:

    exec dbo.ComputerListOutOfDateGet '2011-08-30 10:30:00:000',0

    You'll need to adjust the date/time as needed. I _beleive_ the time is GMT. Execute against the SOPHOS50 db if you are on SEC50, SOPHOS51 db if on SEC5.1. I haven't checked to see if the stored procedure is present on older versions of SEC, but SOPHOS47 and SOPHOS45 would be the older dbs if you wanted to try it.

    Edit: I think this just gives the computer ID. You could pass that list to a select statement to find the Name. Or if you're on SEC5+, set your filter to Out Of Date Computers, highlight the listed computers, CTRL+C, paste into notepad.

    :31735
Children
No Data