Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1178 replies
  • Subscribers 1 subscriber
  • Views 3261622 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

leftout

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

:29723


This thread was automatically locked due to age.
Parents
  • 0

    “psexec @FpWithoutFix.txt -u domain\username -p password -h -d \\SERVER\SophosUpdate\FixIssues.exe -q"

    Just to check, if you are not using the -u domain\username -p password strings and it is running, it will use the logged on user rights, so you will need to ensure that the -u [YourDomain]\[DomainAdminUsername] -p [DomainAdminPassword] is correct, It may be worth checking that the Remote Registry Service has started on a test endpoint you can test this script against before running it via a GPO.

    :33145
Reply
  • 0

    “psexec @FpWithoutFix.txt -u domain\username -p password -h -d \\SERVER\SophosUpdate\FixIssues.exe -q"

    Just to check, if you are not using the -u domain\username -p password strings and it is running, it will use the logged on user rights, so you will need to ensure that the -u [YourDomain]\[DomainAdminUsername] -p [DomainAdminPassword] is correct, It may be worth checking that the Remote Registry Service has started on a test endpoint you can test this script against before running it via a GPO.

    :33145
Children
No Data