Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.
\2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_Valuetype.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_Security.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_SSLIOP.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_PortableServer.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_ObjRefTemplate.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_IORInterceptor.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_DynamicAny.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/ScfVerify.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/RtrEvent.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/RouterNT.exe IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/ManagementAgentNT.exe IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/MSClientLib.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EmErr.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EMTrace.dll IsCancelled? 0
2012-09-20 12:09:56 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EMLibUpdateAgentNT.exe IsCancelled? 0
2012-09-20 12:09:56 : EventLog: 3758112772 1 Inserts:> "C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "SAVSCFXP" "F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "RECOMMENDED" "F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe"
2012-09-20 12:09:56 : Cmd-ALL << [E4004][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A][SAVSCFXP][F26F7EC0-1302-4DA7-8B6B-A5383051D41A][RECOMMENDED][F26F7EC0-1302-4DA7-8B6B-A5383051D41A][Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe] Decode operation failed when decoding payload 'F26F7EC0-1302-4DA7-8B6B-A5383051D41A'. Details: Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe
2012-09-20 12:09:56 : Cmd-ALL << [E400D][ActionDecodeEverything-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' failed!
2012-09-20 12:09:56 : Cmd-ALL << [I1021][__MAINTENANCE_ACTION__][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Action '__MAINTENANCE_ACTION__' with caller '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' started...
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\Decoded-SDDM\A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA\7D48A012-0C64-4F21-BA27-A9CEDF442749
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA\2DE69C24-D975-47b2-8D2F-6BEA861A9C75
2012-09-20 12:09:56 : PurgeDecodeFolders: Working path appears to be: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\
2012-09-20 12:09:56 : Cmd-ALL << [I0019] Successfully carried out maintenance operation.
2012-09-20 12:09:56 : Cmd-ALL << [I0009][__MAINTENANCE_ACTION__][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Action '__MAINTENANCE_ACTION__' with caller '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' succeeded!
2012-09-20 12:09:56 : Cmd-ALL << [S000A][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Event with dispatcher ID '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' completed successfully.
2012-09-20 12:09:56 : Cmd-ALL << [I1020][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] All events with dispatcher ID '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' complete.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionGenerateCid-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGenerateCid-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : Cmd-ALL << [I1017][ActionGenerateCid-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGenerateCid-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' could not execute.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionDeployCids-Sub0-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeployCids-Sub0-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : Cmd-ALL << [I1017][ActionDeployCids-Sub0-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeployCids-Sub0-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' could not execute.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionGatherCurrencyData-Sub1][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub1' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : GatherCurrencyData: Considering payload Payload-Sub1...
2012-09-20 12:09:56 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:56 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:56 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:56 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:56 : Cmd-ALL << [I0009][ActionGatherCurrencyData-Sub1][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub1' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionDeploySDF-Sub1-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub1-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : Cmd-ALL << [S0015][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA][sec][7D48A012-0C64-4F21-BA27-A9CEDF442749][0.0.0] The SDF deployment operation was successful, and no new data files were decoded.
2012-09-20 12:09:57 : Cmd-ALL << [S0013][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA] The decode operation was successful, and no new data files were decoded.
2012-09-20 12:09:57 : Cmd-ALL << [I0009][ActionDeploySDF-Sub1-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub1-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:57 : Cmd-ALL << [I1021][ActionGatherCurrencyData-Sub2][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub2' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : GatherCurrencyData: Considering payload Payload-Sub2...
2012-09-20 12:09:57 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:57 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:57 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:57 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:57 : Cmd-ALL << [I0009][ActionGatherCurrencyData-Sub2][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub2' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:57 : Cmd-ALL << [I1021][ActionDeploySDF-Sub2-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub2-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : Creating file package source...
2012-09-20 12:09:57 : Decoding the product...
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/sophos.plk IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/manifest.dat IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/cabarc.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchImport64.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchImport32.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchConfig.xml IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/MCEScan.exe IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/x64/envprep.exe IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PDATA/VendorAllowList.xml IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PDATA/PatchFeed.xml IsCancelled? 0
2012-09-20 12:09:59 : Decoding complete.
2012-09-20 12:09:59 : Cmd-ALL << [S0014][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA][PSRVR][2DE69C24-D975-47b2-8D2F-6BEA861A9C75][RECOMMENDED] The SDF deployment operation was successful.
2012-09-20 12:09:59 : Cmd-ALL << [S0004][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA] The decode operation was successful.
2012-09-20 12:09:59 : Cmd-ALL << [I0009][ActionDeploySDF-Sub2-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub2-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:59 : Cmd-ALL << [I1021][ActionGatherCurrencyData-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:59 : GatherCurrencyData: Considering payload Payload-SDDM...
2012-09-20 12:09:59 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:59 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:59 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:59 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:59 : Cmd-ALL << [I0009][ActionGatherCurrencyData-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:59 : Cmd-ALL << [I1021][ActionDecodeEverything-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:10:00 : Cmd-ALL << [S001A][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-SDDM\A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1][sum][A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1][RECOMMENDED] The decode operation was successful (and NULL).
2012-09-20 12:10:00 : Cmd-ALL << [S0013][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-SDDM] The decode operation was successful, and no new data files were decoded.
2012-09-20 12:10:00 : Cmd-ALL << [I0009][ActionDecodeEverything-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:10:00 : Cmd-ALL << [E400E][DispatcherSupplements-2012-09-20T17-09-10-1] Event with dispatcher ID 'DispatcherSupplements-2012-09-20T17-09-10-1' failed to execute.
2012-09-20 12:10:00 : Cmd-ALL << [I1020][DispatcherSupplements-2012-09-20T17-09-10-1] All events with dispatcher ID 'DispatcherSupplements-2012-09-20T17-09-10-1' complete.
\2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_Valuetype.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_Security.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_SSLIOP.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_PortableServer.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_ObjRefTemplate.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_IORInterceptor.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO_DynamicAny.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/TAO.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/ScfVerify.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/RtrEvent.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/RouterNT.exe IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/ManagementAgentNT.exe IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/MSClientLib.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EmErr.dll IsCancelled? 0
2012-09-20 12:09:55 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EMTrace.dll IsCancelled? 0
2012-09-20 12:09:56 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Update Manager/Working/Decoded-Sub0/F26F7EC0-1302-4DA7-8B6B-A5383051D41A/rms/program files/Sophos/Remote Management System/EMLibUpdateAgentNT.exe IsCancelled? 0
2012-09-20 12:09:56 : EventLog: 3758112772 1 Inserts:> "C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "SAVSCFXP" "F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "RECOMMENDED" "F26F7EC0-1302-4DA7-8B6B-A5383051D41A" "Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe"
2012-09-20 12:09:56 : Cmd-ALL << [E4004][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A][SAVSCFXP][F26F7EC0-1302-4DA7-8B6B-A5383051D41A][RECOMMENDED][F26F7EC0-1302-4DA7-8B6B-A5383051D41A][Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe] Decode operation failed when decoding payload 'F26F7EC0-1302-4DA7-8B6B-A5383051D41A'. Details: Checksum error: 1f34572837d9904ed93222719dae2762x000 -> EMLibUpdateAgentNT.exe
2012-09-20 12:09:56 : Cmd-ALL << [E400D][ActionDecodeEverything-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' failed!
2012-09-20 12:09:56 : Cmd-ALL << [I1021][__MAINTENANCE_ACTION__][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Action '__MAINTENANCE_ACTION__' with caller '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' started...
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\Decoded-SDDM\A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\Decoded-Sub0\F26F7EC0-1302-4DA7-8B6B-A5383051D41A
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA\7D48A012-0C64-4F21-BA27-A9CEDF442749
2012-09-20 12:09:56 : PurgeDecodeFolders determined folder in use: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA\2DE69C24-D975-47b2-8D2F-6BEA861A9C75
2012-09-20 12:09:56 : PurgeDecodeFolders: Working path appears to be: C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\
2012-09-20 12:09:56 : Cmd-ALL << [I0019] Successfully carried out maintenance operation.
2012-09-20 12:09:56 : Cmd-ALL << [I0009][__MAINTENANCE_ACTION__][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Action '__MAINTENANCE_ACTION__' with caller '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' succeeded!
2012-09-20 12:09:56 : Cmd-ALL << [S000A][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] Event with dispatcher ID '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' completed successfully.
2012-09-20 12:09:56 : Cmd-ALL << [I1020][__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1] All events with dispatcher ID '__MAINTENANCE_DISPATCHER__-2012-09-20T17-09-53-1' complete.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionGenerateCid-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGenerateCid-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : Cmd-ALL << [I1017][ActionGenerateCid-Sub0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGenerateCid-Sub0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' could not execute.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionDeployCids-Sub0-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeployCids-Sub0-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : Cmd-ALL << [I1017][ActionDeployCids-Sub0-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeployCids-Sub0-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' could not execute.
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionGatherCurrencyData-Sub1][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub1' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:56 : GatherCurrencyData: Considering payload Payload-Sub1...
2012-09-20 12:09:56 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:56 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:56 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:56 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:56 : Cmd-ALL << [I0009][ActionGatherCurrencyData-Sub1][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub1' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:56 : Cmd-ALL << [I1021][ActionDeploySDF-Sub1-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub1-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : Cmd-ALL << [S0015][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA][sec][7D48A012-0C64-4F21-BA27-A9CEDF442749][0.0.0] The SDF deployment operation was successful, and no new data files were decoded.
2012-09-20 12:09:57 : Cmd-ALL << [S0013][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosMA] The decode operation was successful, and no new data files were decoded.
2012-09-20 12:09:57 : Cmd-ALL << [I0009][ActionDeploySDF-Sub1-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub1-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:57 : Cmd-ALL << [I1021][ActionGatherCurrencyData-Sub2][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub2' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : GatherCurrencyData: Considering payload Payload-Sub2...
2012-09-20 12:09:57 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:57 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:57 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:57 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:57 : Cmd-ALL << [I0009][ActionGatherCurrencyData-Sub2][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-Sub2' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:57 : Cmd-ALL << [I1021][ActionDeploySDF-Sub2-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub2-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:57 : Creating file package source...
2012-09-20 12:09:57 : Decoding the product...
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/sophos.plk IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/manifest.dat IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/cabarc.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchImport64.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchImport32.exe IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PatchConfig.xml IsCancelled? 0
2012-09-20 12:09:58 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/MCEScan.exe IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/x64/envprep.exe IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PDATA/VendorAllowList.xml IsCancelled? 0
2012-09-20 12:09:59 : Starting to decode C:/Documents and Settings/All Users/Application Data/Sophos/Sophos Endpoint Management/4.5/Updates/Secure/SDFs/SophosPA/PSRVR/PDATA/PatchFeed.xml IsCancelled? 0
2012-09-20 12:09:59 : Decoding complete.
2012-09-20 12:09:59 : Cmd-ALL << [S0014][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA][PSRVR][2DE69C24-D975-47b2-8D2F-6BEA861A9C75][RECOMMENDED] The SDF deployment operation was successful.
2012-09-20 12:09:59 : Cmd-ALL << [S0004][C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\4.5\Updates\Secure\SDFs\SophosPA] The decode operation was successful.
2012-09-20 12:09:59 : Cmd-ALL << [I0009][ActionDeploySDF-Sub2-0][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDeploySDF-Sub2-0' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:59 : Cmd-ALL << [I1021][ActionGatherCurrencyData-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:09:59 : GatherCurrencyData: Considering payload Payload-SDDM...
2012-09-20 12:09:59 : GatherCurrencyData: Payload version information has changed, proceeding.
2012-09-20 12:09:59 : GatherCurrencyData: Obtaining currency data...
2012-09-20 12:09:59 : GatherCurrencyData: ReleaseHasRole(EPS) threw an exception, returning false. Details: Attribute not found.
2012-09-20 12:09:59 : GatherCurrencyData: No relevant attributes found for this payload.
2012-09-20 12:09:59 : Cmd-ALL << [I0009][ActionGatherCurrencyData-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionGatherCurrencyData-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:09:59 : Cmd-ALL << [I1021][ActionDecodeEverything-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' started...
2012-09-20 12:10:00 : Cmd-ALL << [S001A][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-SDDM\A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1][sum][A845A8B5-6532-4EF1-B19E-1DB2B3CB73D1][RECOMMENDED] The decode operation was successful (and NULL).
2012-09-20 12:10:00 : Cmd-ALL << [S0013][C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working\.\Decoded-SDDM] The decode operation was successful, and no new data files were decoded.
2012-09-20 12:10:00 : Cmd-ALL << [I0009][ActionDecodeEverything-SDDM][DispatcherSupplements-2012-09-20T17-09-10-1] Action 'ActionDecodeEverything-SDDM' with caller 'DispatcherSupplements-2012-09-20T17-09-10-1' succeeded!
2012-09-20 12:10:00 : Cmd-ALL << [E400E][DispatcherSupplements-2012-09-20T17-09-10-1] Event with dispatcher ID 'DispatcherSupplements-2012-09-20T17-09-10-1' failed to execute.
2012-09-20 12:10:00 : Cmd-ALL << [I1020][DispatcherSupplements-2012-09-20T17-09-10-1] All events with dispatcher ID 'DispatcherSupplements-2012-09-20T17-09-10-1' complete.
