Hi, I have trouble on installation of sophos, installation not continue because of error.
Is there any solution for this? thanks ...
Edit tags
[edited by: GlennSen at 4:42 AM (GMT -7) on 2 Apr 2024]
Hi, I have trouble on installation of sophos, installation not continue because of error.
Is there any solution for this? thanks ...
an other one on this issue?
can you please post the log file (remove your internal information first)
Sophos Installer: download error from dci.sophosupd.com - non existing host
2024-03-11T14:03:07.0952293Z INFO : Running C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\SophosSetup-372937170\\Setup.exe 2024-03-11T14:03:07.0952293Z INFO : Stage 1 command-line options: 2024-03-11T14:03:07.0952293Z INFO : --- 2024-03-11T14:03:07.0963041Z INFO : Quiet mode on: 0 2024-03-11T14:03:07.0963041Z INFO : Bypass ownership check: 0 2024-03-11T14:03:07.0963041Z INFO : Bypass ACS check: 0 2024-03-11T14:03:07.0963041Z INFO : Automatic Proxy detection disabled: 0 2024-03-11T14:03:07.0963041Z INFO : No feedback mode on: 0 2024-03-11T14:03:07.0973012Z INFO : Dump feedback enabled: 0 2024-03-11T14:03:07.0973012Z INFO : Bypass competitor removal: 0 2024-03-11T14:03:07.0973012Z INFO : Using CRT catalog file path: -- 2024-03-11T14:03:07.0983000Z INFO : Only register endpoint with Central: 0 2024-03-11T14:03:07.0983000Z INFO : Log messages between endpoint and Central: 0 2024-03-11T14:03:07.0983000Z INFO : Log command-line passed to executables: 0 2024-03-11T14:03:07.0983000Z INFO : Using custom server that hosts the installer stage2 filename: -- 2024-03-11T14:03:07.0983000Z INFO : Using cloud group: -- 2024-03-11T14:03:07.0992960Z INFO : Overriding computer name: -- 2024-03-11T14:03:07.0992960Z INFO : Overriding computer description: -- 2024-03-11T14:03:07.0992960Z INFO : Overriding domain name: -- 2024-03-11T14:03:07.0992960Z INFO : Language will be set to: -- 2024-03-11T14:03:07.0992960Z INFO : Using message relays: -- 2024-03-11T14:03:07.1002934Z INFO : Proxy address: -- 2024-03-11T14:03:07.1002934Z INFO : Proxy user name: -- 2024-03-11T14:03:07.1002934Z INFO : Using custom customer token: -- 2024-03-11T14:03:07.1002934Z INFO : Using specified products: -- 2024-03-11T14:03:07.1002934Z INFO : Using certificates from the program data folder: 0 2024-03-11T14:03:07.1002934Z INFO : Setting non-persistent image: 0 2024-03-11T14:03:07.1012913Z INFO : Setting gold image: 0 2024-03-11T14:03:07.1012913Z INFO : MCS registration timeout for golden image: -- 2024-03-11T14:03:07.1012913Z INFO : Using custom customer ID: -- 2024-03-11T14:03:07.1012913Z INFO : Using specified user ID: -- 2024-03-11T14:03:07.1012913Z INFO : Using local install source: -- 2024-03-11T14:03:07.1022879Z INFO : Invoked as part of SEC migration: 0 2024-03-11T14:03:07.1022879Z INFO : --- 2024-03-11T14:03:07.1043116Z INFO : Detected architecture: 2 2024-03-11T14:03:07.1043116Z INFO : Using x86 program files for stage 2 2024-03-11T14:03:07.1043116Z INFO : Target path: C:\\Program Files (x86)\\Sophos\\CloudInstaller 2024-03-11T14:03:07.1537717Z INFO : About to delete: C:\\Program Files (x86)\\Sophos\\CloudInstaller 2024-03-11T14:03:07.1547684Z ERROR : Failed to remove 'C:\\Program Files (x86)\\Sophos\\CloudInstaller'. Error: remove_all: The process cannot access the file because it is being used by another process.: "C:\\Program Files (x86)\\Sophos\\CloudInstaller" 2024-03-11T14:03:07.1547684Z ERROR : Error downloading/running stage 2: remove_all: The process cannot access the file because it is being used by another process.: "C:\\Program Files (x86)\\Sophos\\CloudInstaller" 2024-03-11T14:03:10.2556988Z INFO : FindMainWindow: pid=0 2024-03-11T14:03:10.2723988Z ERROR : Exception: remove_all: The process cannot access the file because it is being used by another process.: "C:\\Program Files (x86)\\Sophos\\CloudInstaller"
that is a different problem.
The process cannot access the file because it is being used by another process
is an other (AV) software installed and actively scanning the folder?
eventually it is you having that folder open in explorer?
Sorry I send the wrong file here are the latest logs. .
2024-03-11T14:12:30.2560541Z INFO : Running C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\SophosSetup-1630193600\\Setup.exe
2024-03-11T14:12:30.2570514Z INFO : Stage 1 command-line options:
2024-03-11T14:12:30.2570514Z INFO : ---
2024-03-11T14:12:30.2570514Z INFO : Quiet mode on: 0
2024-03-11T14:12:30.2570514Z INFO : Bypass ownership check: 0
2024-03-11T14:12:30.2580489Z INFO : Bypass ACS check: 0
2024-03-11T14:12:30.2580489Z INFO : Automatic Proxy detection disabled: 0
2024-03-11T14:12:30.2580489Z INFO : No feedback mode on: 0
2024-03-11T14:12:30.2580489Z INFO : Dump feedback enabled: 0
2024-03-11T14:12:30.2580489Z INFO : Bypass competitor removal: 0
2024-03-11T14:12:30.2590462Z INFO : Using CRT catalog file path: --
2024-03-11T14:12:30.2590462Z INFO : Only register endpoint with Central: 0
2024-03-11T14:12:30.2590462Z INFO : Log messages between endpoint and Central: 0
2024-03-11T14:12:30.2590462Z INFO : Log command-line passed to executables: 0
2024-03-11T14:12:30.2590462Z INFO : Using custom server that hosts the installer stage2 filename: --
2024-03-11T14:12:30.2590462Z INFO : Using cloud group: --
2024-03-11T14:12:30.2600437Z INFO : Overriding computer name: --
2024-03-11T14:12:30.2600437Z INFO : Overriding computer description: --
2024-03-11T14:12:30.2600437Z INFO : Overriding domain name: --
2024-03-11T14:12:30.2600437Z INFO : Language will be set to: --
2024-03-11T14:12:30.2600437Z INFO : Using message relays: --
2024-03-11T14:12:30.2600437Z INFO : Proxy address: --
2024-03-11T14:12:30.2610412Z INFO : Proxy user name: --
2024-03-11T14:12:30.2610412Z INFO : Using custom customer token: --
2024-03-11T14:12:30.2610412Z INFO : Using specified products: --
2024-03-11T14:12:30.2610412Z INFO : Using certificates from the program data folder: 0
2024-03-11T14:12:30.2610412Z INFO : Setting non-persistent image: 0
2024-03-11T14:12:30.2610412Z INFO : Setting gold image: 0
2024-03-11T14:12:30.2620385Z INFO : MCS registration timeout for golden image: --
2024-03-11T14:12:30.2620385Z INFO : Using custom customer ID: --
2024-03-11T14:12:30.2620385Z INFO : Using specified user ID: --
2024-03-11T14:12:30.2620385Z INFO : Using local install source: --
2024-03-11T14:12:30.2620385Z INFO : Invoked as part of SEC migration: 0
2024-03-11T14:12:30.2620385Z INFO : ---
2024-03-11T14:12:30.2650303Z INFO : Detected architecture: 2
2024-03-11T14:12:30.2650303Z INFO : Using x86 program files for stage 2
2024-03-11T14:12:30.2660276Z INFO : Target path: C:\\Program Files (x86)\\Sophos\\CloudInstaller
2024-03-11T14:12:30.3299624Z INFO : About to delete: C:\\Program Files (x86)\\Sophos\\CloudInstaller
2024-03-11T14:12:30.3299624Z INFO : Folder deleted
2024-03-11T14:12:30.3299624Z INFO : Running on x64, requesting x86 Stage2
2024-03-11T14:12:30.3299624Z INFO : Sending HTTP 'POST' request to: api/download/stage2-details/c66ef318-9c42-494c-8de6-9bc9e6e303ad
2024-03-11T14:12:30.3455836Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:12:30.3455836Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:12:30.3455836Z INFO : Set security protocol: 00000800
2024-03-11T14:12:30.3455836Z INFO : Opening connection to api-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:12:30.3455836Z INFO : Request content size: 30
2024-03-11T14:12:31.5773621Z INFO : Sending request
2024-03-11T14:12:31.5773621Z INFO : Request sent
2024-03-11T14:12:31.8116837Z INFO : Sending request
2024-03-11T14:12:31.8116837Z INFO : Request sent
2024-03-11T14:12:31.8116837Z INFO : Response status code: 200
2024-03-11T14:12:31.8116837Z INFO : Response data size: 303
2024-03-11T14:12:31.8116837Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:12:31.8116837Z INFO : Parsing message received for Stage 2 filename: '{"stage2_filename":"stage2-1.19.68.0-6f07e43ad67c5cb69a55bac88932a503df3e4236aa86350e9558f5bf428a8882.tar.gz","mcs_server":"mcs2-cloudstation-us-east-2.prod.hydra.sophos.com","downloads_server":"downloads.sophos.com","telemetry_server":"t1.sophosupd.com","diagnostics_server":"installer1.sophosupd.com"}'
2024-03-11T14:12:31.8116837Z INFO : Sending HTTP 'GET' request to: full/central/windows/business/installer/stage2-1.19.68.0-6f07e43ad67c5cb69a55bac88932a503df3e4236aa86350e9558f5bf428a8882.tar.gz
2024-03-11T14:12:31.8116837Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:12:31.8116837Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:12:31.8116837Z INFO : Set security protocol: 00000800
2024-03-11T14:12:31.8116837Z INFO : Opening connection to downloads.sophos.com
2024-03-11T14:12:31.8116837Z INFO : Request content size: 0
2024-03-11T14:12:33.0272170Z INFO : Sending request
2024-03-11T14:12:33.0272170Z INFO : Request sent
2024-03-11T14:12:34.0728970Z INFO : Response status code: 200
2024-03-11T14:12:34.0728970Z INFO : Response data size: 3858959
2024-03-11T14:12:34.0885181Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:12:34.0885181Z INFO : Extracting files:
2024-03-11T14:12:34.0885181Z INFO : integrity.dat
2024-03-11T14:12:34.0885181Z INFO : manifest.dat
2024-03-11T14:12:34.1019186Z INFO : scf.dat
2024-03-11T14:12:34.1069338Z INFO : SDDS3.dll
2024-03-11T14:12:34.1438358Z INFO : sof.dat
2024-03-11T14:12:34.1498191Z INFO : SophosACSenabledTest.exe
2024-03-11T14:12:34.1657765Z INFO : SophosSetup_Stage2.exe
2024-03-11T14:12:34.2415795Z INFO : su-setup32.exe
2024-03-11T14:12:34.2609712Z INFO : su-setup64.exe
2024-03-11T14:12:34.2922421Z INFO : SUL.dll
2024-03-11T14:12:34.3391108Z INFO : Management Certs/sophosca1.crl
2024-03-11T14:12:34.3391108Z INFO : Management Certs/sophosca1.crt
2024-03-11T14:12:34.3391108Z INFO : Management Certs/sophosca2.crl
2024-03-11T14:12:34.3391108Z INFO : Management Certs/sophosca2.crt
2024-03-11T14:12:34.3546996Z INFO : Management Certs/sophosca3.crl
2024-03-11T14:12:34.3546996Z INFO : Management Certs/sophosca3.crt
2024-03-11T14:12:34.3546996Z INFO : Management Certs/sophosca4.crl
2024-03-11T14:12:34.3546996Z INFO : Management Certs/sophosca4.crt
2024-03-11T14:12:34.3546996Z INFO : ManifestCerts/rootca.crl
2024-03-11T14:12:34.3703488Z INFO : ManifestCerts/rootca.crt
2024-03-11T14:12:34.3703488Z INFO : ManifestCerts/rootca384.crl
2024-03-11T14:12:34.3703488Z INFO : ManifestCerts/rootca384.crt
2024-03-11T14:12:34.3859434Z INFO : Checking manifest:C:\\Program Files (x86)\\Sophos\\CloudInstaller\\extract_cache\\manifest.dat
2024-03-11T14:12:34.4640583Z INFO : Running setup.
2024-03-11T14:12:34.5421566Z INFO : Stage 2 command-line options:
2024-03-11T14:12:34.5421566Z INFO : ---
2024-03-11T14:12:34.5421566Z INFO : Parent PID: 6952
2024-03-11T14:12:34.5421566Z INFO : MCS server: mcs2-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:12:34.5421566Z INFO : Telemetry server: t1.sophosupd.com
2024-03-11T14:12:34.5421566Z INFO : Diagnostics server: installer1.sophosupd.com
2024-03-11T14:12:34.5421566Z INFO : Message relays: --
2024-03-11T14:12:34.5421566Z INFO : Suppressing feedback: 0
2024-03-11T14:12:34.5421566Z INFO : Dump feedback to disk: 0
2024-03-11T14:12:34.5421566Z INFO : Setting non-persistent image: 0
2024-03-11T14:12:34.5421566Z INFO : Setting gold image: 0
2024-03-11T14:12:34.5421566Z INFO : MCS registration timeout for golden image: --
2024-03-11T14:12:34.5421566Z INFO : Register only: 0
2024-03-11T14:12:34.5421566Z INFO : Trail logging: 0
2024-03-11T14:12:34.5577781Z INFO : Command-line logging: 0
2024-03-11T14:12:34.5577781Z INFO : Bypassing competitor removal: 0
2024-03-11T14:12:34.5577781Z INFO : CRT catalog: --
2024-03-11T14:12:34.5577781Z INFO : Language: --
2024-03-11T14:12:34.5577781Z INFO : Log files: C:\\ProgramData\\Sophos\\CloudInstaller\\Logs\\SophosCloudInstaller_20240311_141230.log
2024-03-11T14:12:34.5577781Z INFO : Group: --
2024-03-11T14:12:34.5577781Z INFO : Quiet: 0
2024-03-11T14:12:34.5577781Z INFO : Bypass ownership check: 0
2024-03-11T14:12:34.5577781Z INFO : Bypass ACS check: 0
2024-03-11T14:12:34.5577781Z INFO : Virtual appliance: 0
2024-03-11T14:12:34.5577781Z INFO : Proxy address: --
2024-03-11T14:12:34.5577781Z INFO : Proxy user: --
2024-03-11T14:12:34.5577781Z INFO : Overriding computer name: --
2024-03-11T14:12:34.5577781Z INFO : Overriding computer description: --
2024-03-11T14:12:34.5577781Z INFO : Overriding domain: --
2024-03-11T14:12:34.5577781Z INFO : Disable proxy detection: 0
2024-03-11T14:12:34.5577781Z INFO : Customer Token Specified: c66ef318-9c42-494c-8de6-9bc9e6e303ad
2024-03-11T14:12:34.5577781Z INFO : Products: all
2024-03-11T14:12:34.5577781Z INFO : Pipe write handle: 2076
2024-03-11T14:12:34.5577781Z INFO : MCS Certificates Folder: 0
2024-03-11T14:12:34.5577781Z INFO : MCS Customer Id: 68cda7b3-d435-546f-a86c-1b075b638a44
2024-03-11T14:12:34.5577781Z INFO : User Id: --
2024-03-11T14:12:34.5577781Z INFO : Local install source: --
2024-03-11T14:12:34.5577781Z INFO : Partner Id: --
2024-03-11T14:12:34.5577781Z INFO : Customer Estate Id: --
2024-03-11T14:12:34.5577781Z INFO : Invoked as part of SEC migration: 0
2024-03-11T14:12:34.5577781Z INFO : ---
2024-03-11T14:12:34.5577781Z INFO : User name: Administrator
2024-03-11T14:12:34.5577781Z INFO : NameDnsDomain: COLINASVERDES.COM\\Administrator
2024-03-11T14:12:34.5577781Z INFO : dnsDomain: COLINASVERDES.COM
2024-03-11T14:12:35.7947984Z INFO : lpProfilePath:
2024-03-11T14:12:35.8103883Z INFO : User profile loaded
2024-03-11T14:12:35.8103883Z INFO : Net API buffer freed
2024-03-11T14:12:35.8103883Z INFO : Model::messageRelays value changed to be size: 0
2024-03-11T14:12:35.8103883Z INFO : Model::group value changed to:
2024-03-11T14:12:35.8103883Z INFO : Model::parentPid value changed to: 6952
2024-03-11T14:12:35.8103883Z INFO : Model::products changed to: all
2024-03-11T14:12:35.8103883Z INFO : Model::customer token value changed to: c66ef318-9c42-494c-8de6-9bc9e6e303ad
2024-03-11T14:12:35.8103883Z INFO : MCS Crts: C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca1.crt,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca2.crt,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca3.crt,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca4.crt
2024-03-11T14:12:35.8103883Z INFO : MCS CRLs: C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca1.crl,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca2.crl,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca3.crl,C:\\Program Files (x86)\\Sophos\\CloudInstaller\\Management Certs\\sophosca4.crl
2024-03-11T14:12:35.8103883Z INFO : Model:: MCS customer id value changed to: 68cda7b3-d435-546f-a86c-1b075b638a44
2024-03-11T14:12:35.8103883Z INFO : Sophos Endpoint Defense is not installed
2024-03-11T14:12:35.8103883Z INFO : Not tamper-protected by SED
2024-03-11T14:12:35.8103883Z INFO : detectedMsiInstalledMcs.installed: 0
2024-03-11T14:12:35.8103883Z INFO : Not migrating from SEC endpoint.
2024-03-11T14:12:35.8103883Z INFO : Beginning command definition.
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove Sophos 'Image File Execution Options' keys.
2024-03-11T14:12:35.8103883Z INFO : Adding command to wait for SAU update to complete.
2024-03-11T14:12:35.8103883Z INFO : Adding competitor detection command.
2024-03-11T14:12:35.8103883Z INFO : Adding command to register with Sophos cloud.
2024-03-11T14:12:35.8103883Z INFO : Adding command to download product suite.
2024-03-11T14:12:35.8103883Z INFO : Adding command to uninstall existing products.
2024-03-11T14:12:35.8103883Z INFO : Trying to get uninstall path for: '{FA203C29-393F-4247-A69D-6C93E6D685EB}'
2024-03-11T14:12:35.8103883Z INFO : Key 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FA203C29-393F-4247-A69D-6C93E6D685EB}' does not exist.
2024-03-11T14:12:35.8103883Z INFO : Trying to get uninstall path for: '{FA203C29-393F-4247-A69D-6C93E6D685EB}'
2024-03-11T14:12:35.8103883Z INFO : Key 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{FA203C29-393F-4247-A69D-6C93E6D685EB}' does not exist in redirection hive.
2024-03-11T14:12:35.8103883Z INFO : Adding command to uninstall Sophos AutoUpdate MSI
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos AutoUpdate
2024-03-11T14:12:35.8103883Z INFO : Adding command to allow tamper protected reinstalls.
2024-03-11T14:12:35.8103883Z INFO : Adding commands to uninstall remaining existing products.
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos System Protection
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos Heartbeat
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos Network Access Control
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos Client Firewall
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos Patch
2024-03-11T14:12:35.8103883Z INFO : Adding command to remove existing installation of Sophos Clean
2024-03-11T14:12:35.8103883Z INFO : Adding command to uninstall orphaned products.
2024-03-11T14:12:35.8103883Z INFO : Adding command to prepare for installation.
2024-03-11T14:12:35.8103883Z INFO : Adding command to install Sophos agent.
2024-03-11T14:12:35.8103883Z INFO : Command definition complete.
2024-03-11T14:12:35.8260096Z INFO : Stage 1 version:1.19.68.0
2024-03-11T14:12:35.8260096Z INFO : Stage 2 version:1.19.68.0
2024-03-11T14:12:35.8260096Z INFO : OS version: 10.0.19045.
2024-03-11T14:12:35.8260096Z INFO : Service pack: 0.0.
2024-03-11T14:12:35.8260096Z INFO : System Language: 1033.
2024-03-11T14:12:35.8260096Z INFO : User Language: 1033.
2024-03-11T14:12:35.8260096Z INFO : 64 bit: yes.
2024-03-11T14:12:35.8260096Z INFO : FindMainWindow: pid=6952
2024-03-11T14:12:35.8260096Z INFO : Window is main control window of process
2024-03-11T14:12:35.8260096Z INFO : ::EnumWindows stopped early; window found
2024-03-11T14:12:35.8260096Z INFO : _bestHandle=00080852
2024-03-11T14:12:36.0447350Z INFO : Running System Property Check: VerifyTrust ...
2024-03-11T14:12:36.0925300Z INFO : System Property Check: VerifyTrust - PASSED
2024-03-11T14:12:36.1542984Z INFO : Running System Property Check: RequiredPrivilegesHeld ...
2024-03-11T14:12:36.1552900Z INFO : All required privileges could be enabled
2024-03-11T14:12:36.1552900Z INFO : System Property Check: RequiredPrivilegesHeld - PASSED
2024-03-11T14:12:36.2171523Z INFO : Running System Property Check: TrustedHmpaFolder ...
2024-03-11T14:12:36.2171523Z INFO : HMPA folder is trusted
2024-03-11T14:12:36.2171523Z INFO : System Property Check: TrustedHmpaFolder - PASSED
2024-03-11T14:12:36.2802037Z INFO : Running System Property Check: HostnameLength ...
2024-03-11T14:12:36.2802037Z INFO : Initialized Winsock subsystem
2024-03-11T14:12:36.2802037Z INFO : Valid hostname length
2024-03-11T14:12:36.2802037Z INFO : System Property Check: HostnameLength - PASSED
2024-03-11T14:12:36.3426895Z INFO : Running System Property Check: GroupNameLength ...
2024-03-11T14:12:36.3426895Z INFO : System Property Check: GroupNameLength - PASSED
2024-03-11T14:12:36.4051718Z INFO : Running System Property Check: JunctionPointsCheck ...
2024-03-11T14:12:36.4051718Z INFO : Scanned 106 Sophos paths for junction points
2024-03-11T14:12:36.4051718Z INFO : System Property Check: JunctionPointsCheck - PASSED
2024-03-11T14:12:36.4676531Z INFO : Running System Property Check: PendingReboots ...
2024-03-11T14:12:36.4676531Z INFO : Found pending file rename operations in the registry
2024-03-11T14:12:36.4676531Z WARNING : System Property Check: PendingReboots recommended - FAILED
2024-03-11T14:12:36.5301388Z INFO : Running System Property Check: PrimaryDriveSpace ...
2024-03-11T14:12:36.5301388Z INFO : Enough space: 431602 Mb
2024-03-11T14:12:36.5301388Z INFO : System Property Check: PrimaryDriveSpace - PASSED
2024-03-11T14:12:36.5926290Z INFO : Running System Property Check: MsXml ...
2024-03-11T14:12:36.5926290Z INFO : System Property Check: MsXml - PASSED
2024-03-11T14:12:36.6550817Z INFO : Running System Property Check: NotFirewall ...
2024-03-11T14:12:36.6550817Z INFO : System Property Check: NotFirewall - PASSED
2024-03-11T14:12:36.7175998Z INFO : Running System Property Check: NotHitmanProAlertIncompatible ...
2024-03-11T14:12:36.7175998Z INFO : No HitmanPro.Alert Installed
2024-03-11T14:12:36.7175998Z INFO : System Property Check: NotHitmanProAlertIncompatible - PASSED
2024-03-11T14:12:36.7800814Z INFO : Running System Property Check: NotInvincea ...
2024-03-11T14:12:36.7800814Z INFO : System Property Check: NotInvincea - PASSED
2024-03-11T14:12:36.8425661Z INFO : Running System Property Check: NotMessageRelay ...
2024-03-11T14:12:36.8425661Z INFO : RMS is not installed on the endpoint
2024-03-11T14:12:36.8425661Z INFO : System Property Check: NotMessageRelay - PASSED
2024-03-11T14:12:36.9050243Z INFO : Running System Property Check: NotNac ...
2024-03-11T14:12:36.9050243Z INFO : System Property Check: NotNac - PASSED
2024-03-11T14:12:36.9675428Z INFO : Running System Property Check: NotPatch ...
2024-03-11T14:12:36.9675428Z INFO : System Property Check: NotPatch - PASSED
2024-03-11T14:12:37.0300295Z INFO : Running System Property Check: NotPureMessageDomino ...
2024-03-11T14:12:37.0300295Z INFO : System Property Check: NotPureMessageDomino - PASSED
2024-03-11T14:12:37.0925137Z INFO : Running System Property Check: NotPureMessageExchangeWithAntiSpam ...
2024-03-11T14:12:37.0925137Z INFO : System Property Check: NotPureMessageExchangeWithAntiSpam - PASSED
2024-03-11T14:12:37.1547987Z INFO : Running System Property Check: NotSharePoint ...
2024-03-11T14:12:37.1547987Z INFO : System Property Check: NotSharePoint - PASSED
2024-03-11T14:12:37.2176587Z INFO : Running System Property Check: NotSecServer ...
2024-03-11T14:12:37.2176587Z INFO : System Property Check: NotSecServer - PASSED
2024-03-11T14:12:37.2828988Z INFO : Running System Property Check: NotSum ...
2024-03-11T14:12:37.2828988Z INFO : System Property Check: NotSum - PASSED
2024-03-11T14:12:37.3453889Z INFO : Running System Property Check: NotBlockedByTamperProtection ...
2024-03-11T14:12:37.3453889Z INFO : Not tamper protected
2024-03-11T14:12:37.3453889Z INFO : System Property Check: NotBlockedByTamperProtection - PASSED
2024-03-11T14:12:37.4078672Z INFO : Running System Property Check: RAMSize ...
2024-03-11T14:12:37.4078672Z INFO : System Property Check: RAMSize - PASSED
2024-03-11T14:12:37.4703550Z INFO : Running System Property Check: CpuCoreCount ...
2024-03-11T14:12:37.4703550Z INFO : Logical processor core count: 4
2024-03-11T14:12:37.4703550Z INFO : System Property Check: CpuCoreCount - PASSED
2024-03-11T14:12:37.5328391Z INFO : Running System Property Check: SupportedArchitecture ...
2024-03-11T14:12:37.5328391Z INFO : Running on x64
2024-03-11T14:12:37.5328391Z INFO : System Property Check: SupportedArchitecture - PASSED
2024-03-11T14:12:37.5953242Z INFO : Running System Property Check: SupportedOS ...
2024-03-11T14:12:37.5953242Z INFO : Running on workstation.
2024-03-11T14:12:37.5953242Z INFO : System Property Check: SupportedOS - PASSED
2024-03-11T14:12:37.6578099Z INFO : Running System Property Check: SupportedPatches ...
2024-03-11T14:12:37.6578099Z INFO : System Property Check: SupportedPatches - PASSED
2024-03-11T14:12:37.7203033Z INFO : Running System Property Check: AzureCodeSigning ...
2024-03-11T14:12:37.7358907Z INFO : ACS supported
2024-03-11T14:12:37.7358907Z INFO : System Property Check: AzureCodeSigning - PASSED
2024-03-11T14:12:37.7984029Z INFO : Running System Property Check: DotNetFramework ...
2024-03-11T14:12:37.7984029Z INFO : Supported .NET version is present
2024-03-11T14:12:37.7984029Z INFO : System Property Check: DotNetFramework - PASSED
2024-03-11T14:12:37.8608929Z INFO : Running System Property Check: ValidTempDirectory ...
2024-03-11T14:12:37.8608929Z INFO : Temp folder exists.
2024-03-11T14:12:37.8608929Z INFO : System Property Check: ValidTempDirectory - PASSED
2024-03-11T14:12:37.9233792Z INFO : Running System Property Check: ValidLocalInstallSourceDirectory ...
2024-03-11T14:12:37.9233792Z INFO : No local install source folder to validate.
2024-03-11T14:12:37.9233792Z INFO : System Property Check: ValidLocalInstallSourceDirectory - PASSED
2024-03-11T14:12:37.9858584Z INFO : Running System Property Check: ValidServer ...
2024-03-11T14:12:37.9858584Z INFO : System Property Check: ValidServer - PASSED
2024-03-11T14:12:38.0483172Z INFO : Running System Property Check: ValidDeploymentInfo ...
2024-03-11T14:12:38.0483172Z INFO : Current Time: 2024-03-11T14:12:38.048000
2024-03-11T14:12:38.0483172Z INFO : This computer is part of the domain COLINASVERDES
2024-03-11T14:12:38.0483172Z INFO : Domain Name: COLINASVERDES
2024-03-11T14:12:38.0483172Z INFO : Computer Name: NUCMED-SOPHOS
2024-03-11T14:12:38.0483172Z INFO : Computer Description is not available.
2024-03-11T14:12:38.0483172Z INFO : Operating system friendly name: Windows 10 Pro
2024-03-11T14:12:38.0483172Z INFO : Operating system for status: WIN10
2024-03-11T14:12:38.0483172Z INFO : ProductType: 48
2024-03-11T14:12:38.0483172Z INFO : Session user: COLINASVERDES\\Administrator
2024-03-11T14:12:38.0483172Z INFO : Last logged on user: COLINASVERDES\\Administrator
2024-03-11T14:12:38.0483172Z INFO : User principal name: Administrator@COLINASVERDES.COM
2024-03-11T14:12:38.0483172Z INFO : Fully Qualified Domain Name: NUCMED-SOPHOS.colinasverdes.com
2024-03-11T14:12:38.0483172Z INFO : Processor architecture: x64
2024-03-11T14:12:38.0483172Z INFO : OS Major Version: 10 and OS Minor Version: 0
2024-03-11T14:12:38.0483172Z INFO : Friendly OS Name: WIN10
2024-03-11T14:12:38.0483172Z INFO : Is server?: 0
2024-03-11T14:12:38.0483172Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/deployment-info/3
2024-03-11T14:12:38.0483172Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:12:38.0483172Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:12:38.0483172Z INFO : Set security protocol: 00000800
2024-03-11T14:12:38.0483172Z INFO : Opening connection to mcs2-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:12:38.0483172Z INFO : Sending request for connection confirmation through potential proxy
2024-03-11T14:12:38.0483172Z INFO : Request content size: 0
2024-03-11T14:12:38.8633308Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:38.8633308Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:38.8633308Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:38.8633308Z INFO : Certificate check succeeded
2024-03-11T14:12:38.8633308Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:39.1040399Z INFO : Response status code: 200
2024-03-11T14:12:39.1050029Z INFO : Response data size: 168
2024-03-11T14:12:39.1050029Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:12:39.1050029Z INFO : Request content size: 1403
2024-03-11T14:12:39.1060022Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:39.1069992Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:39.1080277Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:39.1120148Z INFO : Certificate check succeeded
2024-03-11T14:12:39.1120148Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:39.3492080Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:39.3492080Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:39.3492080Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:39.3492080Z INFO : Certificate check succeeded
2024-03-11T14:12:39.3492080Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:39.3492080Z INFO : Response status code: 200
2024-03-11T14:12:39.3492080Z INFO : Response data size: 217
2024-03-11T14:12:39.3647953Z INFO : Parsing message received for deployment token: {"dciFileName":"41aea06e7cf0d70e17fc260874fb911c","registrationToken":"d8f09d53484960470d2d631fac08a6c01a6d9de9d32d33847d2e77daf7343c23","products":[{"product":"INTERCEPT_ADVANCED_MDR","supported":true,"reasons":[]}]}
2024-03-11T14:12:39.3647953Z INFO : Model::token value changed to: d8f09d53484960470d2d631fac08a6c01a6d9de9d32d33847d2e77daf7343c23
2024-03-11T14:12:39.3647953Z INFO : Licenses available: INTERCEPT_ADVANCED_MDR
2024-03-11T14:12:39.5522871Z INFO : Running System Property Check: InstallationInProgress ...
2024-03-11T14:12:39.5522871Z INFO : System Property Check: InstallationInProgress - PASSED
2024-03-11T14:12:39.6147375Z INFO : Running System Property Check: SafeGuardEncryption ...
2024-03-11T14:12:39.6147375Z INFO : Entered installedProductCode, upgradeCode={BA2F47D3-1C17-40E7-8DE7-1CD733442B6C}
2024-03-11T14:12:39.6147375Z INFO : Product is not installed
2024-03-11T14:12:39.6147375Z INFO : licensesContainFeature(DEVICE_ENCRYPTION): false
2024-03-11T14:12:39.6147375Z INFO : System Property Check: SafeGuardEncryption - PASSED
2024-03-11T14:12:46.5728044Z INFO : Starting installation process.
2024-03-11T14:12:46.5728044Z INFO : About to execute command: CleanSophosIfeoKeysCommand
2024-03-11T14:12:46.5728044Z INFO : Command 'CleanSophosIfeoKeysCommand' completed with success with reboot code '0' and error message ''.
2024-03-11T14:12:46.5728044Z INFO : About to execute command: WaitForSauUpdateCommand
2024-03-11T14:12:46.5728044Z INFO : Waiting for operation to succeed within 900000ms.
2024-03-11T14:12:46.5728044Z INFO : AutoUpdate folder: C:\\Program Files (x86)\\Sophos\\AutoUpdate
2024-03-11T14:12:46.5728044Z INFO : Cache folder: C:\\ProgramData\\Sophos\\AutoUpdate\\cache
2024-03-11T14:12:46.5728044Z INFO : Cache folder: C:\\ProgramData\\Sophos\\AutoUpdate\\cache
2024-03-11T14:12:46.5728044Z INFO : SAU not updating - continuing with installation
2024-03-11T14:12:46.5728044Z INFO : Data folder: C:\\ProgramData\\Sophos\\AutoUpdate\\data
2024-03-11T14:12:46.5728044Z INFO : Command 'WaitForSauUpdateCommand' completed with success with reboot code '0' and error message ''.
2024-03-11T14:12:46.5728044Z INFO : About to execute command: CompetitorDetector
2024-03-11T14:12:46.6040472Z INFO : Command 'CompetitorDetector' completed with success with reboot code '0' and error message ''.
2024-03-11T14:12:46.6040472Z INFO : About to execute command: Register
2024-03-11T14:12:46.6040472Z INFO : Ensuring any MCS client service is stopped to prevent race for policy retrieval
2024-03-11T14:12:46.6040472Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/register
2024-03-11T14:12:46.6040472Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:12:46.6040472Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:12:46.6040472Z INFO : Set security protocol: 00000800
2024-03-11T14:12:46.6040472Z INFO : Opening connection to mcs2-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:12:46.6040472Z INFO : Sending request for connection confirmation through potential proxy
2024-03-11T14:12:46.6040472Z INFO : Request content size: 0
2024-03-11T14:12:46.6040472Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:46.6196723Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:46.6196723Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:46.6196723Z INFO : Certificate check succeeded
2024-03-11T14:12:46.6196723Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:46.8383682Z INFO : Response status code: 200
2024-03-11T14:12:46.8383682Z INFO : Response data size: 168
2024-03-11T14:12:46.8383682Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:12:46.8383682Z INFO : Request content size: 1403
2024-03-11T14:12:46.8383682Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:46.8383682Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:46.8383682Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:46.8383682Z INFO : Certificate check succeeded
2024-03-11T14:12:46.8383682Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:47.2347901Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:47.2357869Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:47.2367849Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:47.2387787Z INFO : Certificate check succeeded
2024-03-11T14:12:47.2397760Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:47.2397760Z INFO : Response status code: 200
2024-03-11T14:12:47.2397760Z INFO : Response data size: 72
2024-03-11T14:12:47.2397760Z INFO : Retrieved endpoint id: ccf79b16-353e-e4e9-c8fd-ca5712b222e8
2024-03-11T14:12:48.2416310Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/authenticate/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8/role/endpoint
2024-03-11T14:12:48.2416310Z INFO : Request content size: 0
2024-03-11T14:12:48.2426340Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:48.2733176Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:48.2733176Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:48.2733176Z INFO : Certificate check succeeded
2024-03-11T14:12:48.2733176Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:48.7107172Z INFO : Response status code: 200
2024-03-11T14:12:48.7107172Z INFO : Response data size: 1371
2024-03-11T14:12:48.7107172Z INFO : Retrieved mcs auth: tenant_id=86dc7a3b-4d53-45f6-8ac6-b170b536a844 device_id=cc7fb961-53e3-4e9e-8cdf-ac75212b228e
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_endpoint_updating
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_xpd
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_dlp
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_devctl
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_on_demand_rca
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_livequery
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_ntp_xg
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_av
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_stac
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_forensic_snapshot
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_ntp_adv
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_file_submission_l3
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_mdr
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_isolation
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_web
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_ml
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_efw
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_scheduledquery
2024-03-11T14:12:48.7107172Z INFO : MCS Auth token features: f_ep_appctl
2024-03-11T14:12:48.7107172Z INFO : Sending HTTP 'GET' request to: sophos/management/ep/install/flags/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8
2024-03-11T14:12:48.7107172Z INFO : Request content size: 0
2024-03-11T14:12:48.7107172Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:48.7107172Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:48.7107172Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:48.7107172Z INFO : Certificate check succeeded
2024-03-11T14:12:48.7107172Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:48.9606601Z INFO : Response status code: 200
2024-03-11T14:12:48.9606601Z INFO : Response data size: 5186
2024-03-11T14:12:48.9606601Z INFO : Loaded 141 endpoint flags
2024-03-11T14:12:48.9606601Z INFO : Using SDDS3: Enabled in Central AND SED is not installed
2024-03-11T14:12:48.9606601Z INFO : Setting sdds3 download to: true
2024-03-11T14:12:48.9606601Z INFO : Sending HTTP 'PUT' request to: sophos/management/ep/install/statuses/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8
2024-03-11T14:12:48.9606601Z INFO : Request content size: 990
2024-03-11T14:12:48.9606601Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:48.9606601Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:48.9606601Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:48.9606601Z INFO : Certificate check succeeded
2024-03-11T14:12:48.9606601Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:49.2423254Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:49.2432896Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:49.2442870Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:49.2472788Z INFO : Certificate check succeeded
2024-03-11T14:12:49.2472788Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:49.2472788Z INFO : Response status code: 200
2024-03-11T14:12:49.2472788Z INFO : Response data size: 0
2024-03-11T14:12:49.2472788Z INFO : Attempt to retrieve policy.
2024-03-11T14:12:49.2482764Z INFO : Sending HTTP 'GET' request to: sophos/management/ep/install/commands/applications/APPSPROXY;ALC/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8
2024-03-11T14:12:49.2482764Z INFO : Request content size: 0
2024-03-11T14:12:49.2492845Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:49.2502711Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:49.2502711Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:49.2532688Z INFO : Certificate check succeeded
2024-03-11T14:12:49.2532688Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:49.4637569Z INFO : Response status code: 200
2024-03-11T14:12:49.4637569Z INFO : Response data size: 790
2024-03-11T14:12:49.4793453Z INFO : Successfully retrieved policy with policyId='31ef28993b78897faa72d5d1443d92695f125d339eb8d0d4f32e14384f5aaa4e'.
2024-03-11T14:12:49.4793453Z INFO : Sending HTTP 'DELETE' request to: sophos/management/ep/install/commands/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8/36
2024-03-11T14:12:49.4793453Z INFO : Request content size: 0
2024-03-11T14:12:49.4793453Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:49.4793453Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:49.4793453Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:49.4793453Z INFO : Certificate check succeeded
2024-03-11T14:12:49.4793453Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:49.7136982Z INFO : Response status code: 200
2024-03-11T14:12:49.7136982Z INFO : Response data size: 0
2024-03-11T14:12:49.7136982Z INFO : Sending HTTP 'GET' request to: sophos/management/ep/install/policy/application/ALC/31ef28993b78897faa72d5d1443d92695f125d339eb8d0d4f32e14384f5aaa4e
2024-03-11T14:12:49.7136982Z INFO : Request content size: 0
2024-03-11T14:12:49.7136982Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:12:49.7136982Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:12:49.7136982Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:12:49.7136982Z INFO : Certificate check succeeded
2024-03-11T14:12:49.7136982Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:12:49.9792539Z INFO : Response status code: 200
2024-03-11T14:12:49.9792539Z INFO : Response data size: 9775
2024-03-11T14:12:49.9792539Z INFO : Assume obfuscated SAU password
2024-03-11T14:12:50.2526756Z INFO : Updating proxy configuration created with address: oscanent.colinasverdes.com:80, username: colinasverdes.com\\administrator
2024-03-11T14:12:50.2526756Z INFO : Subscription id: Base, rigidname: WindowsCloudNextGen, baseversion: 11, tag: RECOMMENDED, fixedversion:
2024-03-11T14:12:50.2536740Z INFO : Subscription id: Clean, rigidname: WindowsCloudClean, baseversion: 1, tag: RECOMMENDED, fixedversion:
2024-03-11T14:12:50.2536740Z INFO : Subscription id: CloudAV, rigidname: WindowsCloudAV, baseversion: 11, tag: RECOMMENDED, fixedversion:
2024-03-11T14:12:50.2536740Z INFO : Subscription id: HitmanProAlert, rigidname: WindowsCloudHitmanProAlert, baseversion: 1, tag: RECOMMENDED, fixedversion:
2024-03-11T14:12:50.2536740Z INFO : Subscription id: MDR, rigidname: WindowsCloudMDR, baseversion: , tag: RECOMMENDED, fixedversion:
2024-03-11T14:12:50.2536740Z INFO : Fixed version token is not used
2024-03-11T14:12:50.2546707Z INFO : Feature: APPCNTRL
2024-03-11T14:12:50.2549227Z INFO : Feature: AV
2024-03-11T14:12:50.2549227Z INFO : Feature: CLEAN
2024-03-11T14:12:50.2549227Z INFO : Feature: CORE
2024-03-11T14:12:50.2549227Z INFO : Feature: DLP
2024-03-11T14:12:50.2549227Z INFO : Feature: DVCCNTRL
2024-03-11T14:12:50.2549227Z INFO : Feature: EFW
2024-03-11T14:12:50.2549227Z INFO : Feature: HBT
2024-03-11T14:12:50.2549227Z INFO : Feature: LIVEQUERY
2024-03-11T14:12:50.2549227Z INFO : Feature: LIVETERMINAL
2024-03-11T14:12:50.2549227Z INFO : Feature: MDR
2024-03-11T14:12:50.2549227Z INFO : Feature: NTP
2024-03-11T14:12:50.2549227Z INFO : Feature: SAV
2024-03-11T14:12:50.2549227Z INFO : Feature: SDU
2024-03-11T14:12:50.2549227Z INFO : Feature: WEBCNTRL
2024-03-11T14:12:50.2549227Z INFO : Feature: XPD
2024-03-11T14:12:50.2549227Z INFO : Setting https download to: true
2024-03-11T14:12:50.2549227Z INFO : Updating credentials created with username: PRD8L73E4H
2024-03-11T14:12:50.2549227Z INFO : Server for 'sus': sus.sophosupd.com
2024-03-11T14:12:50.2549227Z INFO : Server for 'content_server': sdds3.sophosupd.com
2024-03-11T14:12:50.2549227Z INFO : Server for 'content_server': sdds3.sophosupd.net
2024-03-11T14:12:50.2549227Z INFO : Server for 'telemetry': t1.sophosupd.com
2024-03-11T14:12:50.2549227Z INFO : Server for 'feedback': sdu-feedback.sophos.com
2024-03-11T14:12:50.2549227Z INFO : Server for 'repairkit': sdu-auto-upload.sophosupd.com
2024-03-11T14:12:50.2549227Z INFO : Restarting MCS Client service if stopped
2024-03-11T14:12:50.2549227Z INFO : Command 'Register' completed with success with reboot code '0' and error message ''.
2024-03-11T14:12:50.2549227Z INFO : About to execute command: Download
2024-03-11T14:12:50.2549227Z INFO : Update Cache Cert Path folder: C:\\ProgramData\\Sophos\\Certificates\\AutoUpdate\\Cache
2024-03-11T14:12:50.2549227Z INFO : Writing cert: C:\\ProgramData\\Sophos\\Certificates\\AutoUpdate\\Cache\\1fd8c3a5a904d9e628476d8519873aa128c3fea1.crt
2024-03-11T14:12:50.2549227Z INFO : Writing cert: C:\\ProgramData\\Sophos\\Certificates\\AutoUpdate\\Cache\\27343835cecf0c17aeff4a0235862a69ecbc15e5.crt
2024-03-11T14:12:50.2549227Z INFO : Writing cert: C:\\ProgramData\\Sophos\\Certificates\\AutoUpdate\\Cache\\7b51d3b18ebebe6ee083085f080c5f6a80803a6f.crt
2024-03-11T14:12:50.2549227Z INFO : CRT required: adding 'CRT' feature
2024-03-11T14:12:50.3174090Z INFO : SDDS3 delta versioning enabled: 0
2024-03-11T14:12:50.3174090Z INFO : Manually configured proxy: oscanent.colinasverdes.com:80
2024-03-11T14:12:50.3174090Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80
2024-03-11T14:13:11.3502646Z WARNING : Error from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80: WinHttpSendRequest failed: The operation timed out (12002)
2024-03-11T14:13:11.6156780Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80 (try 2 of 5)
2024-03-11T14:13:32.6669155Z WARNING : Error from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80: WinHttpSendRequest failed: The operation timed out (12002)
2024-03-11T14:13:33.6683744Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80 (try 3 of 5)
2024-03-11T14:13:54.6982294Z WARNING : Error from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80: WinHttpSendRequest failed: The operation timed out (12002)
2024-03-11T14:13:59.7103634Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80 (try 4 of 5)
2024-03-11T14:14:20.7448724Z WARNING : Error from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80: WinHttpSendRequest failed: The operation timed out (12002)
2024-03-11T14:14:50.7480396Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80 (try 5 of 5)
2024-03-11T14:15:11.7790358Z WARNING : Error from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: oscanent.colinasverdes.com:80: WinHttpSendRequest failed: The operation timed out (12002)
2024-03-11T14:15:11.7790358Z INFO : WinHttp default proxy not set
2024-03-11T14:15:11.7790358Z INFO : WinHttp discovered proxies not found
2024-03-11T14:15:11.7790358Z INFO : Trying update service url https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: <direct; no proxy>
2024-03-11T14:15:12.8242174Z INFO : 200 from https://sus.sophosupd.com/v3/86dc7a3b-4d53-45f6-8ac6-b170b536a844/cc7fb961-53e3-4e9e-8cdf-ac75212b228e with proxy: <direct; no proxy> (peer address 52.212.99.152)
2024-03-11T14:15:12.8398787Z INFO : Sophos Update Service response: error='' reason='' code=''
2024-03-11T14:15:12.8398787Z INFO : Analyzing whether to update from Sophos CDN or update cache
2024-03-11T14:15:12.8710745Z INFO : Successfully connected to cache: https://prtg1.colinasverdes.com:8191/v3/suite
2024-03-11T14:15:12.8710745Z INFO : Analysis complete - Using update cache: prtg1.colinasverdes.com:8191
2024-03-11T14:15:12.8710745Z INFO : Syncing from: https://prtg1.colinasverdes.com:8191/v3
2024-03-11T14:15:12.9492131Z INFO : Syncing supplement sdds3.CIXFLAGS.dat
2024-03-11T14:15:12.9492131Z ERROR : GET https://prtg1.colinasverdes.com:8191/v3/supplement/sdds3.CIXFLAGS.dat: 404 (not found)
2024-03-11T14:15:12.9492131Z ERROR : Error: Error syncing https://prtg1.colinasverdes.com:8191/v3/supplement/sdds3.CIXFLAGS.dat: 404
2024-03-11T14:15:12.9492131Z ERROR : DownloadCommand::onRun() failed with std::exception: SDDS3 sync failed
2024-03-11T14:15:12.9492131Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
2024-03-11T14:15:12.9492131Z ERROR : Installation failed.
2024-03-11T14:15:12.9492131Z INFO : Sending HTTP 'POST' request to: sophos/management/ep/install/events/endpoint/ccf79b16-353e-e4e9-c8fd-ca5712b222e8
2024-03-11T14:15:12.9492131Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:15:12.9492131Z INFO : Attempting to connect using proxy 'oscanent.colinasverdes.com:80' of type 'Customer'.
2024-03-11T14:15:12.9492131Z INFO : Set security protocol: 00000800
2024-03-11T14:15:12.9492131Z INFO : Opening connection to mcs2-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:15:12.9492131Z INFO : Sending request for connection confirmation through potential proxy
2024-03-11T14:15:12.9492131Z INFO : Request content size: 0
2024-03-11T14:15:33.9889001Z ERROR : WinHttpSendRequest failed with error 12002
2024-03-11T14:15:33.9889001Z INFO : Failed to connect using proxy 'oscanent.colinasverdes.com:80' with error: WinHttpSendRequest failed
2024-03-11T14:15:33.9889001Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:15:33.9889001Z INFO : Set security protocol: 00000800
2024-03-11T14:15:33.9889001Z INFO : Opening connection to mcs2-cloudstation-us-east-2.prod.hydra.sophos.com
2024-03-11T14:15:33.9889001Z INFO : Sending request for connection confirmation through potential proxy
2024-03-11T14:15:33.9889001Z INFO : Request content size: 0
2024-03-11T14:15:34.6754959Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:15:34.6754959Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:15:34.6754959Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:15:34.6754959Z INFO : Certificate check succeeded
2024-03-11T14:15:34.6754959Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:15:34.8943672Z INFO : Response status code: 200
2024-03-11T14:15:34.9098137Z INFO : Response data size: 168
2024-03-11T14:15:34.9098137Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:15:34.9098137Z INFO : Request content size: 973
2024-03-11T14:15:34.9098137Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:15:34.9098137Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:15:34.9098137Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:15:34.9098137Z INFO : Certificate check succeeded
2024-03-11T14:15:34.9098137Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:15:35.1728917Z INFO : ValidateFileCertificateCheck: Validate certificate against file on WINHTTP_CALLBACK_STATUS_SENDING_REQUEST
2024-03-11T14:15:35.1759387Z INFO : Subject certificate failed validation against root CA: SophosCA1
2024-03-11T14:15:35.1778882Z INFO : Subject certificate failed validation against root CA: SophosCA2
2024-03-11T14:15:35.1809066Z INFO : Certificate check succeeded
2024-03-11T14:15:35.1809066Z INFO : ValidateFileCertificateCheck: Ignore WINHTTP_CALLBACK_STATUS_REQUEST_SENT
2024-03-11T14:15:35.1809066Z INFO : Response status code: 200
2024-03-11T14:15:35.1809066Z INFO : Response data size: 0
2024-03-11T14:19:04.2384596Z INFO : Data folder: C:\\ProgramData\\Sophos\\AutoUpdate\\data
2024-03-11T14:19:04.2434468Z INFO : Sending HTTP 'PUT' request to: prod/2024-03-11T14:19:04Z-2024-03-11T14:19:04Z-857d51e9-2376-5daa-91dc-1fcd1f3af8c8.json
2024-03-11T14:19:04.2474441Z INFO : Did not discover an URL for a PAC file
2024-03-11T14:19:04.2484331Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
2024-03-11T14:19:04.2494345Z INFO : Set security protocol: 00000800
2024-03-11T14:19:04.2494345Z INFO : Opening connection to t1.sophosupd.com
2024-03-11T14:19:04.2504328Z INFO : Request content size: 4079
2024-03-11T14:19:05.0068989Z INFO : Sending request
2024-03-11T14:19:05.0068989Z INFO : Request sent
2024-03-11T14:19:05.5322183Z INFO : Sending request
2024-03-11T14:19:05.5322183Z INFO : Request sent
2024-03-11T14:19:05.5322183Z INFO : Response status code: 200
2024-03-11T14:19:05.5322183Z INFO : Response data size: 0
2024-03-11T14:19:05.5322183Z INFO : trySendRequestThroughPotentialProxy returning response with status code: 200
2024-03-11T14:19:05.5322183Z INFO : Telemetry Response:
2024-03-11T14:19:05.5322183Z INFO : Install result: Failed
2024-03-11T14:19:05.5478374Z INFO : User profile unloaded
2024-03-11T14:19:05.5634564Z INFO : Cleaning up extracted files
2024-03-11T14:19:05.5634564Z ERROR : Error downloading/running stage 2: Setup program failed with code: 1
2024-03-11T14:19:05.5634564Z ERROR : Exception: Setup program failed with code: 1
something is definitely not correct here.
2024-03-11T14:15:12.9492131Z ERROR : GET prtg1.colinasverdes.com:8191/.../sdds3.CIXFLAGS.dat: 404 (not found)
2024-03-11T14:15:12.9492131Z ERROR : Error: Error syncing prtg1.colinasverdes.com:8191/.../sdds3.CIXFLAGS.dat: 404
2024-03-11T14:15:12.9492131Z ERROR : DownloadCommand::onRun() failed with std::exception: SDDS3 sync failed
2024-03-11T14:15:12.9492131Z INFO : Command 'Download' completed with failure with reboot code '0' and error message 'Could not download software'.
2024-03-11T14:15:12.9492131Z ERROR : Installation failed.
do you own that domain used?
yes that's our domain server .
If the log has not been too badly manipulated using search and replace before uploading it I'd think there is something rewriting the Sophos URL
Where am i gonna check that ?
do you use update cache? does it work correctly?
the port number used matches to update cache
try not to use the cache to see if that fixes.
2024-03-11T14:15:12.8710745Z INFO : Successfully connected to cache: prtg1.colinasverdes.com:8191/.../suite
2024-03-11T14:15:12.8710745Z INFO : Analysis complete - Using update cache: prtg1.colinasverdes.com:8191