Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 17715 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos deactivating Windows 8.1

danindub

Hi guys,

It would appear that Sophos Antivirus is detecting virus in Windows 8.1 in following files:

C:\Windows\System32\sppsvc.exe

C:\Windows\System32\sppcext.dll

As a result it's breaking Windows 8.1 activation system. We tried to exclude files from on-access scanning, but activation is breaking regardless.

Please assist.

:51820


This thread was automatically locked due to age.
  • 0
    Hello danindub,

    please always include the name of the detections - otherwise advice can only be general.
    You should "submit samples" of the files (search for the term in the knowledgebase if you don't know how to do it). Does the exclusion work - i.e. no alert - but activation still fails (and the files are still there)? If so, there's something fishy ...

    Christian
    :51822
  • 0

    i am getting the same detection of sppcext.dll for every new tablet pc i install. it comes up in the Enterprise console as Mal/FakeAV-MR. 

    is this a false reading. every windows 8.1 Tablet i install sophos on, and the tablets are brand new, are getting quarentined? 

    :54932
  • 0

    Hello Keith1213,

    if this is the same issue then danindub apparently never sent a sample.

    Please submit samples of the detected files to the Labs. First of all this is one of the best ways to assess whether they're clean or not and zeroth (forgive the pun) the only way to get a correction for a potential false positive Mal/FakeAV-MR (its Analysis lists Please send us a sample as first option) detection. 

    Christian

    :54943
  • 0

    Thats weird because I'm not getting any problem with sophos and Windows 8.1. Runnin 10.3 with latest detection. What type of configuration do you have?

    :54960
  • 0
    Hello danindub,

    We believe this issue is now resolved as both files have been marked as clean and we aren't seeing anymore detection's.

    If you are still experiencing issues with this please let us know.
Unfiltered HTML