Installation Of Product Sophos Autoupdate Failed Module Alupdate
Posted on by admin
Hi, I just wanted to say thanks for posting this. I have been trying to uninstall the last remnants of an old MySql version for hours so that the new version would install, and getting nowhere, and this is the only thing that actually allowed me to see exactly why and where the install of a newer version was failing. ALUpdate.exe's description is 'AutoUpdate synchronisation component module' ALUpdate.exe is digitally signed by Sophos Limited. ALUpdate.exe is usually located in the 'C: ProgramData Sophos AutoUpdate cache sophosautoupdate1.dir ' folder. None of the anti-virus scanners at VirusTotal reports anything malicious about ALUpdate.exe. Can you run both Sophos and Endpoint together in an image if you install one or the other, we have MSNDAA, What I have been doing so far, is to set up SCCM 2012 to install Endpoint Protection on selected computers and then when Spiceworks complains about having 2 Anti-Virus programs installed on a computer to go in and remove Sophos.
Sophos is an antivirus program designed to prevent viruses from infecting your computer, as well as remove viruses that have already infected your computer. In order to accomplish these tasks, Sophos must be able to detect the latest viruses, which means that the program must be up to date with the latest virus identity files, or IDEs. You can configure Sophos to download the latest IDEs automatically, or download the updates manually.
Step 1
Step 2
Go to the Sophos Latest Virus Identities Web page at sophos.com/downloads/ide/. Kypipe 2018.
Step 3
Click 'Download' next to the version of Sophos that is installed on your computer. Note that you can download a 'Zip File' or a 'Self-extracting File.' A self-extracting file contains the software needed to execute the file, and thus may work better for inexperienced users.
Click 'Run' when the 'Open File' dialog box opens. Click 'Yes' if asked to confirm. The virus identity files are automatically installed.
Video of the Day
Brought to you by Techwalla
- Brand X Pictures/Brand X Pictures/Getty Images
More Articles
My sophos antivirus found the troj/virtum-gen on my computer a couple of days ago. I ran a full computer scan and it then allowed me to clean up the virus. When i restarted my computer the virus was back and after another full computer scan was run it said the cleanup was incomplete and manual removal was required. When I tried to remove the virus components they were either not where they said they would be or they would come back after i removed them. I have tried vundofix as well as virtumundobegone to get rid of the virus but when i scan for the virus they both found no infected files. I have followed the steps in You Must Read This Before Posting A Hijack This Log but my computer wouldn't allow me to download the Malwarebytes' Anti-malware and i cant get to the windows updates page (my computer wont load the page). I ran the hijackthis and here is the log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:38:53 PM, on 9/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesIntelWirelessBinEvtEng.exe
C:Program FilesIntelWirelessBinS24EvMon.exe
C:Program FilesIntelWirelessBinWLKeeper.exe
C:WINDOWSsystem32Ati2evxx.exe
C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
C:Program FilesCommon FilesCreative Labs SharedServiceCreativeLicensing.exe
C:WINDOWSsystem32CTsvcCDA.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesDellQuickSetNICCONFIGSVC.exe
C:Program FilesIntelWirelessBinRegSrvc.exeC:Program FilesSophosSophos Anti-VirusSAVAdminService.exe
C:Program FilesSophosAutoUpdateALsvc.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesViewpointCommonViewpointService.exe
c:WINDOWSsystem32ZuneBusEnum.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesJavajre1.5.0_08binjusched.exe
C:WINDOWSstsystra.exe
C:Program FilesScanSoftPaperPortpptd40nt.exe
C:WINDOWSsystem32Rundll32.exe
C:Program FilesIntelWirelessbinZCfgSvc.exe
C:Program FilesIntelWirelessBinifrmewrk.exe
C:WINDOWSehomeehtray.exe
C:Program FilesCyberLinkPowerDVDDVDLauncher.exe
C:WINDOWSsystem32dlatfswctrl.exe
C:DOCUME~1MandaLOCALS~1Tempclclean.0001
C:Program FilesDellQuickSetquickset.exe
C:Program FilesCreativeSBAudigySurround MixerCTSysVol.exe
C:Program FilesViewpointViewpoint ManagerViewMgr.exe
C:Program FilesBrotherBrmfcmonBrMfcWnd.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesBrotherBrmfcmonBrMfcmon.exe
C:WINDOWSsystem32dllhost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSeHomeehmsas.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesNetWaitingnetWaiting.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe
C:Program FilesCreativeMediaSourceDetectorCTDetect.exe
C:PROGRA~1IntelWirelessBinDot1XCfg.exe
C:Program FilesAIM6aim6.exe
C:Program FilesSophosAutoUpdateALMon.exe
C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
C:Program FilesDigital Line DetectDLG.exe
C:Program FilesCommon FilesAOLLoaderaolload.exe
C:PROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
Installation Of Product Sophos Autoupdate Failed Module Alupdate Download
C:Program FilesAIM6aolsoftware.exe
C:Program FilesJavajre1.5.0_08binjucheck.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesDellSupportDSAgnt.exe
C:WINDOWSexplorer.exe
C:Program FilesSophosSophos Anti-VirusSavMain.exe
C:WINDOWSsystem32msiexec.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSTEMPsophos_autoupdate1.diralupdate.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://brockport.edu/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dell.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft..k/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.dell.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerSearch,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM.Run: [UpdReg] C:WINDOWSUpdReg.EXE
O4 - HKLM.Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM.Run: [SunJavaUpdateSched] 'C:Program FilesJavajre1.5.0_08binjusched.exe'
O4 - HKLM.Run: [SSBkgdUpdate] 'C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe' -Embedding -boot
O4 - HKLM.Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM.Run: [QuickTime Task] 'C:Program FilesQuickTimeqttask.exe' -atboottime
O4 - HKLM.Run: [pccguide.exe] 'C:Program FilesTrend MicroInternet Security 12pccguide.exe'
O4 - HKLM.Run: [PaperPort PTD] C:Program FilesScanSoftPaperPortpptd40nt.exe
O4 - HKLM.Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM.Run: [ISUSScheduler] 'C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe' -start
O4 - HKLM.Run: [ISUSPM Startup] 'C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe' -startup
O4 - HKLM.Run: [IntelZeroConfig] 'C:Program FilesIntelWirelessbinZCfgSvc.exe'
O4 - HKLM.Run: [IntelWireless] 'C:Program FilesIntelWirelessBinifrmewrk.exe' /tf Intel PROSet/Wireless
O4 - HKLM.Run: [IndexSearch] C:Program FilesScanSoftPaperPortIndexSearch.exe
O4 - HKLM.Run: [Google Desktop Search] 'C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe' /startup
O4 - HKLM.Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM.Run: [DVDLauncher] 'C:Program FilesCyberLinkPowerDVDDVDLauncher.exe'
O4 - HKLM.Run: [dla] C:WINDOWSsystem32dlatfswctrl.exe
O4 - HKLM.Run: [Dell QuickSet] C:Program FilesDellQuickSetquickset.exe
O4 - HKLM.Run: [CTSysVol] C:Program FilesCreativeSBAudigySurround MixerCTSysVol.exe /r
O4 - HKLM.Run: [BuildBU] c:dellbldbubg.exe
O4 - HKLM.Run: [BrMfcWnd] C:Program FilesBrotherBrmfcmonBrMfcWnd.exe /AUTORUN
O4 - HKLM.Run: [ATICCC] 'C:Program FilesATI TechnologiesATI.ACEcli.exe' runtime -Delay
O4 - HKLM.Run: [BMef074f97] Rundll32.exe 'C:WINDOWSsystem32mbbyqtxh.dll',s
O4 - HKCU.Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU.Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU.Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU.Run: [OE_OEM] 'C:Program FilesTrend MicroInternet Security 12TMAS_OETMAS_OEMon.exe'
O4 - HKCU.Run: [MSMSGS] 'C:Program FilesMessengermsmsgs.exe' /background
O4 - HKCU.Run: [ModemOnHold] C:Program FilesNetWaitingnetWaiting.exe
O4 - HKCU.Run: [ISUSPM] 'C:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe' -scheduler
O4 - HKCU.Run: [Creative Detector] 'C:Program FilesCreativeMediaSourceDetectorCTDetect.exe' /R
O4 - HKCU.Run: [Aim6] 'C:Program FilesAIM6aim6.exe' /d locale=en-US ee://aol/imApp
O4 - Startup: Memeo AutoSync Launcher.lnk = C:Program FilesMemeoAutoSyncMemeoLauncher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:Program FilesSophosAutoUpdateALMon.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: Send to &Bluetooth Device.. - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_08binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_08binssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsMandaStart MenuProgramsIMVURun IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .csm: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .csml: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .cub: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .cube: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .dx: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .emb: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .embl: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .gau: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .jdx: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .mol: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .mop: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .pdb: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .rxn: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .scr: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .skc: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .spt: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .tgf: C:Program FilesInternet ExplorerPluginsnpchime.dll
O12 - Plugin for .xyz: C:Program FilesInternet ExplorerPluginsnpchime.dll
O16 - DPF: {3527C5BD-4A46-4362-94B6-12341D087A4B} (Echospin Proxy Control) - http://echospin.com/..es/esWizard.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.co..GenXInstall.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://mail.baypath.edu/iNotes6.cab
O16 - DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} (PearsonAsstX Control) - http://asp.mathxl.co..InstallAsst.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros..b?1157046608906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m..ent/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.popcap.co..aploader_v6.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://mail.baypath.edu/dwa7W.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.co../MathPlayer.cab
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL,C:PROGRA~1SophosSOPHOS~1SOPHOS~1.DLL vcrwyz.dll opbhcv.dll eqwgfu.dll jlmuti.dll oxpwdo.dll uvhzkf.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:Program FilesCommon FilesCreative Labs SharedServiceCreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:Program FilesDellSupportbrkrsvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:Program FilesIntelWirelessBinEvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:Program FilesDellQuickSetNICCONFIGSVC.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:Program FilesIntelWirelessBinRegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:Program FilesIntelWirelessBinS24EvMon.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:Program FilesSophosSophos Anti-VirusSAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:Program FilesSophosSophos Anti-VirusSavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:Program FilesSophosAutoUpdateALsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program FilesViewpointCommonViewpointService.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:Program FilesIntelWirelessBinWLKeeper.exe
--
End of file - 12925 bytes
Thanks in advance for any help you can give me.