This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos AV still detected after removal on Windows Servers

Hi guys,

I have searched these forums for a solution but didn't find anything specific to my issue so I decided to make a new post for it. 

I had a trial of Sophos Cloud AV and liked what I saw, but it is a few motnhs until I get access to next years budget so I have had to uninstall and reinstall my old AV until then.  One the PC's this worked fine, but on 3 servers I was testing on I am having issues being able to install my old AV (GFI) as it reports Sophos is still installed. 

What I have done so far:

1. Ensured Tamper Protection was off, which is was prior to uninstalling

2. I followed the correct procedure to remove it via add/remove programs

3. Rebooted server post install

4. Reinstall of old AV reported Sophos AV was still installed

5. Check services and processes and no trace of Sophos is there

6. Checked registry uninstall location and no trace of Sophos

7. Ran batch script as per this article (https://sophos.com/kb/122126), rebooted and tried to reinstall old AV but got same message about Sophos AV still be installed.

8. I now have a ticket open with Sophos support but they just referenced me back to the article above and have not come back with anything else after I informed them it didn't work

I am happy to give them a little more time but at the moment I cannot install AV on 3 of my servers which is becoming a security concern.  Has anyone else had this issue with Sophos Cloud AV on servers?

Thanks in advance,

Ben

:57292


This thread was automatically locked due to age.
Parents
  • Hello Ben,

    normally a vendor's (pre-)installer should log why it thinks that a competitor product is installed. SDU (Sophos' diagnostic utility) doesn't collect third-party logs thus Support doesn't have access to this information. The uninstall might leave a few bits behind in the file system and perhaps the registry (preserve them for a potential reinstall) but these shouldn't be misinterpreted as indicator that Sophos is installed.

    Christian

    :57294
Reply
  • Hello Ben,

    normally a vendor's (pre-)installer should log why it thinks that a competitor product is installed. SDU (Sophos' diagnostic utility) doesn't collect third-party logs thus Support doesn't have access to this information. The uninstall might leave a few bits behind in the file system and perhaps the registry (preserve them for a potential reinstall) but these shouldn't be misinterpreted as indicator that Sophos is installed.

    Christian

    :57294
Children
No Data