Sophos Endpoint Installation won't open

Hi Janik Marius Lueck,

Thank you for reaching out to the Sophos Community Forum. This issue may be caused by leftovers from the previous installation.

If you haven't already, reboot your device and download a fresh installer. Try running it again and let us know how it goes.

Hi Gladys,

thank you for your advice.
I already restarted, I also tried Windows Safe Mode. I also deleted the cid_packager_temp in temp but without success. I also tried Sophos Zap for removal.

Janik Marius Lueck said:

cid_packager_temp

This leads me to believe you're trying to install an older version of Sophos Endpoint. Is the install package you're trying to run named "savw_108_sa_sfx.exe" or something similar? 

If the package does not open, this may indicate that your device does not have updated certificates to recognize the install package as legitimate. The following article outlines a registry key you can check to verify if automatic updating of root certificates is enabled. 
- https://support.sophos.com/support/s/article/KB-000043794?language=en_US

You can also try the following commands.

mkdir C:\digicerttemp

cd C:\digicerttemp

certutil.exe -urlcache -f https://cacerts.digicert.com/DigiCertTrustedRootG4.crt C:\digicerttemp\DigiCertTrustedRootG4.crt

certutil.exe -addstore root C:\digicerttemp\DigiCertTrustedRootG4.crt

cd \

rmdir digicerttemp /S /Q

Hi,
thanks for the suggestion. The installation file is named sophosendpoint.exe. Can't tell which version, under Details I just find a Version 16.2.0.0
Commands result see here: "Zugriff verweigert" menas Access denied

I believe the reason you are getting an Access denied here is due to the command prompt not being opened as Administrator. You can check the certificates on the installer package by looking into the properties of the exe file. 

- Go to the Digital Signatures tab
- Select "Details" on Sophos Ltd
- Select View Certificate on the new "Digital Signature Details" page that opens
- Ensure the certificate shows as valid

You can also go to the "Certification Path" tab on the "Certificate" window to see the required root cert. The commands sent previously will install the one that's required.

The name sophosendpoint.exe is a little unfamiliar to me. The installer packages you download from Sophos Central will be named "SophosSetup.exe". I suggest inquiring with your university if they have given you an installer related to Sophos Home or Sophos Central.

Ok, I believed I was logged in as Admin but it looks like I was not.
With admin rights I was able to execute the commands after telling Windows Defender that the commands are not hazardous.
But I still can't open the .exe file. Same result.
My .exe file also does not have those tabs in Details. I don't know why. Its the official version from m y university.

Hi Janik Marius Lueck,

Are you using the Sophos standalone installer? Can you please confirm where the installer was downloaded from? Thank you.

I don't know, it's a official download from the website of my university. I can send you the .exe via PM if you wish to.

I found an interesting log from the day the error occurred.

18.10.2022,16:30:16,Informationen,Process security set successfully,
18.10.2022,16:30:16,FEHLER,Installation konnte nicht gestartet werden. Der Computer wurde von Sophos Clean gesperrt. Starten Sie den Computer neu und versuchen Sie es erneut.,

and translated

18.10.2022,16:30:16,ERROR,Installation could not be started. The computer has been locked by Sophos Clean. Restart the computer and try again...,

That was on the day I found out that every element in Sophos was grayed out and I was not ablet to click anything in the UI.

Hi Janik Marius Lueck,

It appears that you're using an on-prem package. Based on the error shared, the issue looks as though it may be caused by a permissions issue trying to create Registry values.

Also, please check if there's another security software installed on the device. Thank you.