Hi,I had an issue with my endpoint client and deinstalled the software because on access was disabled and i was not able to click anything in the UI.But now I can't install sophos again. I have a download from my university. When I try to open the exit file sophosendpoint.exe (32bit) pops up in the task manager but it immediately closes. No window opens, no logs are created. My system is a 64bit system but I think theres just one download and its for both 32 and 64bit.Thanks in advance
Hi Janik Marius Lueck,
Thank you for reaching out to the Sophos Community Forum. This issue may be caused by leftovers from the previous installation.
If you haven't already, reboot your device and download a fresh installer. Try running it again and let us know how it goes.
Hi Gladys,thank you for your advice.I already restarted, I also tried Windows Safe Mode. I also deleted the cid_packager_temp in temp but without success. I also tried Sophos Zap for removal.
Janik Marius Lueck said:cid_packager_temp
This leads me to believe you're trying to install an older version of Sophos Endpoint. Is the install package you're trying to run named "savw_108_sa_sfx.exe" or something similar?
If the package does not open, this may indicate that your device does not have updated certificates to recognize the install package as legitimate. The following article outlines a registry key you can check to verify if automatic updating of root certificates is enabled. - https://support.sophos.com/support/s/article/KB-000043794?language=en_US
You can also try the following commands.
certutil.exe -urlcache -f https://cacerts.digicert.com/DigiCertTrustedRootG4.crt C:\digicerttemp\DigiCertTrustedRootG4.crt
certutil.exe -addstore root C:\digicerttemp\DigiCertTrustedRootG4.crt
rmdir digicerttemp /S /Q
Hi,thanks for the suggestion. The installation file is named sophosendpoint.exe. Can't tell which version, under Details I just find a Version 220.127.116.11Commands result see here: "Zugriff verweigert" menas Access denied
I believe the reason you are getting an Access denied here is due to the command prompt not being opened as Administrator. You can check the certificates on the installer package by looking into the properties of the exe file.
- Go to the Digital Signatures tab- Select "Details" on Sophos Ltd- Select View Certificate on the new "Digital Signature Details" page that opens- Ensure the certificate shows as valid
You can also go to the "Certification Path" tab on the "Certificate" window to see the required root cert. The commands sent previously will install the one that's required.
The name sophosendpoint.exe is a little unfamiliar to me. The installer packages you download from Sophos Central will be named "SophosSetup.exe". I suggest inquiring with your university if they have given you an installer related to Sophos Home or Sophos Central.
Ok, I believed I was logged in as Admin but it looks like I was not.With admin rights I was able to execute the commands after telling Windows Defender that the commands are not hazardous.But I still can't open the .exe file. Same result. My .exe file also does not have those tabs in Details. I don't know why. Its the official version from m y university.
Hi Janik Marius Lueck,Are you using the Sophos standalone installer? Can you please confirm where the installer was downloaded from? Thank you.
I don't know, it's a official download from the website of my university. I can send you the .exe via PM if you wish to.
I found an interesting log from the day the error occurred.
18.10.2022,16:30:16,Informationen,Process security set successfully,
18.10.2022,16:30:16,FEHLER,Installation konnte nicht gestartet werden. Der Computer wurde von Sophos Clean gesperrt. Starten Sie den Computer neu und versuchen Sie es erneut.,
18.10.2022,16:30:16,ERROR,Installation could not be started. The computer has been locked by Sophos Clean. Restart the computer and try again...,
That was on the day I found out that every element in Sophos was grayed out and I was not ablet to click anything in the UI.
It appears that you're using an on-prem package. Based on the error shared, the issue looks as though it may be caused by a permissions issue trying to create Registry values.
Also, please check if there's another security software installed on the device. Thank you.