This article describes how to deploy the FixIssues.exe tool mentioned here in our Fixing Sophos AutoUpdate after required files were deleted or moved by Sophos Anti-Virus due to a false positive article if using PsExec.
Known to apply to the following Sophos product(s) and version(s)
Sophos Anti-Virus for Windows 2000+
What To Do
How to run FixIssues.exe using PsExec
Note: You may need to authorize PsExec to run if you have Potentially Unwanted Appllications enabled, see article 25866 for details. If PsExec is not listed as a known PUA, then select New Entry and type in
PsExec.exe at step 5 in article 25866.
- On your Sophos Management server download PsExec and extract to
- Copy the file
FpWithoutFix.txt that contains a list of affected computers as created in article 118324 to
- Edit the
FpWithoutFix.txt file and delete all Domain\ entries leaving the computer names. For example:
Note: This can be done in Notepad by choosing Edit | Replace (or Ctrl + H) and typing
DomainA\ in the 'Find what:' field and clicking Replace All
- Contact support and request FixIssues.exe and select 'Save link as...' (wording may vary according to which browser you are using). Save the file to the Desktop of your server.
FixIssues.exe to the SophosUpdate share
- Open a command prompt with elevated permissions:
- For Windows Vista, Windows 2008 and Windows 7:
Start | All Programs | Accessories | Right-click on Command Prompt | Select 'Run as Administrator'.
- For Windows XP: ensure you are logged in as a user with administrative rights.
- Change directory to
- Run the command:
psexec @FpWithoutFix.txt -u domain\username -p password -h -d \\SERVER\SophosUpdate\FixIssues.exe -q
- For Workgroup networks, the following command line should be used, the specified credentials must have Administrator equivalent rights over the endpoints:
psexec @FpWithoutFix.txt -u username -p password -h -d -c \\SERVER\SophosUpdate\FixIssues.exe -q
- The above command requires a domain username and password to login to the remote system.
- The input file 'FpWithoutFix.txt' as generated by 'fpc.bat' (available from article 118324) contains both 'connected' (turned on) and 'disconnected' (turned off) clients. To ensure that PsExec does not attempt to connect to a large number of endpoints that are turned off, the line in the 'fpc.bat' file:
@sqlcmd -E -S %instanceName% -b -d %databaseName% -h-1 -W -Q "SET NOCOUNT ON; SELECT DomainName + N'\' + Name AS Computer FROM dbo.Computers WHERE IDEList LIKE N'%%agen-xuv%%' AND IDEList NOT LIKE N'%%javab-jd%%' ORDER BY DomainName, Name;" Could be updated to be:
@sqlcmd -E -S %instanceName% -b -d %databaseName% -h-1 -W -Q "SET NOCOUNT ON; SELECT DomainName + N'\' + Name AS Computer FROM dbo.Computers WHERE IDEList LIKE N'%%agen-xuv%%' AND IDEList NOT LIKE N'%%javab-jd%%' AND Connected=1 ORDER BY DomainName, Name;"
- The cscript command is that tested as part of the Fixing Sophos AutoUpdate after required files were deleted or moved by Sophos Anti-Virus due to a false positive article so will need altering accordingly
Other methods for deploying the script to resolve your workstations are available. You may wish to consider:
- Active Directory Group Policy (GPO) see article 118338.
- Enterprise Console see article 118351.