Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 44 replies
  • Subscribers 1 subscriber
  • Views 145744 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SHH/Updater-B Fiasco Recovery Steps

chavez243

Just thought a thread for just the recovery steps would be helpful as I'm sure this is a big mess for many of my IT brethren who will be burning the midnight oil on the cleanup.

Perhaps a Sophos engineer could chime in on:

- what to do about "Software Delivery failed" in Update Manager

- what to do about ALsvc.exe and ALUpdate.exe being detected / quarantined

- other steps?

:30335


This thread was automatically locked due to age.
Parents
  • 0

    We had the "delete" option enabled and so it disabled our control center. I have been unable to repair Sophos Control Center via add/remove programs Repair option. So I decided to remove and install it from scratch, which was a big mistake, because even though the major revision is the same, apparently the one I had installed was newer, so now I can't see the Control Center at all and it cannot talk to the other components.

    If your control server is down and you have backups of it, I would recommend you manually pick out the files that were deleted from the Sophos program files folder rather than try a re-install, since we're in worse shape after the reinstall. That should work if the problem is as simple as it appears. Your deleted files should be listed n your AV log on that machine. Just make sure your backup is fresh so the versions sync.

    Edit: Another reason why I don't run antivirus on mission critical servers. Your mileage may vary.

    :30783
Reply
  • 0

    We had the "delete" option enabled and so it disabled our control center. I have been unable to repair Sophos Control Center via add/remove programs Repair option. So I decided to remove and install it from scratch, which was a big mistake, because even though the major revision is the same, apparently the one I had installed was newer, so now I can't see the Control Center at all and it cannot talk to the other components.

    If your control server is down and you have backups of it, I would recommend you manually pick out the files that were deleted from the Sophos program files folder rather than try a re-install, since we're in worse shape after the reinstall. That should work if the problem is as simple as it appears. Your deleted files should be listed n your AV log on that machine. Just make sure your backup is fresh so the versions sync.

    Edit: Another reason why I don't run antivirus on mission critical servers. Your mileage may vary.

    :30783
Children
No Data