Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
We have a department who is getting their own software to cover their own encryption and need Safeguard uninstalled for just their department. In the uninstall, the SGNCleanUp.exe runs after an admin logs in the next time after the rest of the software gets uninstalled. However none of the users here are admins and there doesn't seem to be an easy way to have this fully run without manually touching all the computers which isn't really ideal.
Does anyone know what SGNCleanUp does and can it be manually done in the background by a SYSTEM account? (deleting files/registry entries)?
If more information is needed please let me know.
The SGNCleanUp application will remove any residual files, folders, etc. after an uninstall. The file is located It does require an account that has admin rights, be it a LOCAL or SYSTEM admin.
SGNCleanUp can be run manually. The file is located in the following path: C:\Program Files (x86)\Sophos\SafeGuard Enterprise\
This document from the help docs has more detail.
Please let us know if you have any further questions.
Technical Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
Thank you for your response. I was able to run a test on a computer but the SGNCleanUp.exe is restarting on it own without a login or any apparent remote console connection. This this is fine, do you happen to know if this is a new feature that has been added or just a fluke on this machine?
Did you login with the user having admin rights? On other machines as well it exe was able to run on its own?
I tested on a second machine and it happens on it as well. I even disabled all network access to make sure nothing happening in the background and the laptop still restarted with no login.
Would you please advise through which particular you uninstalled all the software regarding the Safeguard from the machine?
If that is an administrator, it means once the uninstallation is done, it is automatically starting the tool in the backend and will restart the machine.
Jasmin Community Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
I'm currently using a powershell script ran either via SCCM or locally on the test computer which uninstalls the Safeguard configuration, client and preinstall via msiexec. They are all using the "/qn /norestart /lv" flags at the end as well. I then either restart manually or let an SCCM task sequence do a restart after the script finishes.
I'm not sure if it matters but during the kick off of either the manual run or the task sequence, I am logged in as an admin on the computer initially so I can test not doing that.
If the automatic kick off of the SGNCleanUp.exe upon boot without logging in is not by design or a new feature, it may be something at in my environment that I'm not aware of as I am fairly new here and am still learning all of the settings and software at play here.
AFAIK, the tool SGNCleanup,exe from "C:\Program Files (x86)\Sophos\SafeGuard Enterprise\SGNCleanUp.exe" will be triggered when the admin account gets logged in. I would suggest you to check the account being used when you are running with via SCCM or Powershell script. Also as you suggested you can test running task sequence with another non-admin account.