Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 8486 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SAV installation error

msima

User tried to install Sophos 9.7 over 9.5 on a WinXP computer, but for some reason, the software appeared not to be updated (still showing 9.5).  Then uninstalled Sophos, deleted all the folders (C:\Program Files\Sophos..., C:\Windows\Temp\..., etc), and removed everything appeared to be associated with "sophos" in the registry. When tried to re-install Sophos 9.7 after restarting the computer, all the packages could be downloaded and autoupdate seemed to be installed, but the process always failed during "Starting Sophos Anti-virus for Windows 2000+ setup..." (every time when using "Update now"). So basically the AV part couldn't be installed. Any suggestions will be much appreaciated.

This is the Sophos Anti-Virus Install Log: (Sorry for the long posts; it looks there is no way to add an attachment)

2011-11-07 16:51:30 Info: Logging started: installing/upgrading Sophos Anti-Virus
2011-11-07 16:51:30 Info: InstallFromPath is: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\
2011-11-07 16:51:30 Info: InstallToPath is:
2011-11-07 16:51:31 Info: SAV is not installed. Installing to {InstallToPath}
2011-11-07 16:51:31 Info: Installing sav only: 0
2011-11-07 16:51:31 Managed install
2011-11-07 16:51:31 Info: MSXML6 is installed
2011-11-07 16:51:31 Info: MSXML version has changed. Full update required
2011-11-07 16:51:31 Info: Performing major update of Sophos Anti-Virus using msi.
2011-11-07 16:51:31 Update is signalled.
2011-11-07 16:51:31 Info: Web scanning will be installed
2011-11-07 16:51:31 Info: MSXML6 is installed
2011-11-07 16:51:31 Info: no existing installation of Sophos Anti-Virus was found
2011-11-07 16:51:31 Restart required for Data Control (clean managed full install)
2011-11-07 16:51:31 Info: Transform file returned:
2011-11-07 16:51:31 Info: SAV Setup plugin: running MsiInstallProduct (C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi, INSTALLDIR="" REBOOT=ReallySuppress UPDATEDRIVERS=1 UPDATEBOOTDRIVERS=1 UPDATEKMSDRIVERS=1 UPDATECLASSFILTER=1 SAVIONLY=0 MANAGED=1 DATACONTROL=1 DEVICECONTROL=1 WEBSCANNING=1)
=== Verbose logging started: 11/7/2011  16:51:31  Build type: SHIP UNICODE 4.05.6001.00  Calling process: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\alupdate.exe ===
MSI (c) (D8:90) [16:51:31:453]: Resetting cached policy values
MSI (c) (D8:90) [16:51:31:453]: Machine policy value 'Debug' is 0
MSI (c) (D8:90) [16:51:31:453]: ******* RunEngine:
           ******* Product: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi
           ******* Action:
           ******* CommandLine: **********
MSI (c) (D8:90) [16:51:31:453]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (D8:90) [16:51:31:453]: Grabbed execution mutex.
MSI (c) (D8:90) [16:51:31:531]: Cloaking enabled.
MSI (c) (D8:90) [16:51:31:531]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (D8:90) [16:51:31:546]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (88:C8) [16:51:31:562]: Running installation inside multi-package transaction C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi
MSI (s) (88:C8) [16:51:31:562]: Grabbed execution mutex.
MSI (s) (88:EC) [16:51:31:562]: Resetting cached policy values
MSI (s) (88:EC) [16:51:31:562]: Machine policy value 'Debug' is 0
MSI (s) (88:EC) [16:51:31:562]: ******* RunEngine:
           ******* Product: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi
           ******* Action:
           ******* CommandLine: **********
MSI (s) (88:EC) [16:51:31:562]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (88:EC) [16:51:31:656]: File will have security applied from OpCode.
MSI (s) (88:EC) [16:51:31:703]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi' against software restriction policy
MSI (s) (88:EC) [16:51:31:703]: Note: 1: 2262 2: DigitalSignature 3: -2147287038
MSI (s) (88:EC) [16:51:31:703]: SOFTWARE RESTRICTION POLICY: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi is not digitally signed
MSI (s) (88:EC) [16:51:31:703]: SOFTWARE RESTRICTION POLICY: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi is permitted to run because the user token authorizes execution (system or service token).
MSI (s) (88:EC) [16:51:31:703]: End dialog not enabled
MSI (s) (88:EC) [16:51:31:703]: Original package ==> C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi
MSI (s) (88:EC) [16:51:31:703]: Package we're running from ==> C:\WINDOWS\Installer\a43ac53.msi
MSI (s) (88:EC) [16:51:31:765]: APPCOMPAT: looking for appcompat database entry with ProductCode '{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}'.
MSI (s) (88:EC) [16:51:31:765]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (88:EC) [16:51:31:765]: MSCOREE not loaded loading copy from system32
MSI (s) (88:EC) [16:51:31:765]: Machine policy value 'TransformsSecure' is 0
MSI (s) (88:EC) [16:51:31:765]: User policy value 'TransformsAtSource' is 0
MSI (s) (88:EC) [16:51:31:765]: Machine policy value 'DisablePatch' is 0
MSI (s) (88:EC) [16:51:31:765]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (88:EC) [16:51:31:765]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (88:EC) [16:51:31:765]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (88:EC) [16:51:31:765]: APPCOMPAT: looking for appcompat database entry with ProductCode '{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}'.
MSI (s) (88:EC) [16:51:31:765]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (88:EC) [16:51:31:765]: Transforms are not secure.
MSI (s) (88:EC) [16:51:31:765]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\WINDOWS\TEMP\Sophos Anti-Virus Install Log_111108_125130.txt'.
MSI (s) (88:EC) [16:51:31:765]: Command Line: INSTALLDIR= REBOOT=ReallySuppress UPDATEDRIVERS=1 UPDATEBOOTDRIVERS=1 UPDATEKMSDRIVERS=1 UPDATECLASSFILTER=1 SAVIONLY=0 MANAGED=1 DATACONTROL=1 DEVICECONTROL=1 WEBSCANNING=1 CURRENTDIRECTORY=C:\WINDOWS\system32 CLIENTUILEVEL=3 MSICLIENTUSESEXTERNALUI=1 CLIENTPROCESSID=1496
MSI (s) (88:EC) [16:51:31:765]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{978F59FD-16BA-4622-B453-E731EF6D8A21}'.
MSI (s) (88:EC) [16:51:31:765]: Product Code passed to Engine.Initialize:           ''
MSI (s) (88:EC) [16:51:31:765]: Product Code from property table before transforms: '{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}'
MSI (s) (88:EC) [16:51:31:765]: Product Code from property table after transforms:  '{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}'
MSI (s) (88:EC) [16:51:31:765]: Product not registered: beginning first-time install
MSI (s) (88:EC) [16:51:31:765]: Product {9ACB414D-9347-40B6-A453-5EFB2DB59DFA} is not managed.
MSI (s) (88:EC) [16:51:31:765]: MSI_LUA: Credential prompt functionality not available on this operating system
MSI (s) (88:EC) [16:51:31:765]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (88:EC) [16:51:31:765]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (88:EC) [16:51:31:765]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (88:EC) [16:51:31:765]: Adding new sources is allowed.
MSI (s) (88:EC) [16:51:31:765]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (88:EC) [16:51:31:765]: Package name extracted from package path: 'Sophos Anti-Virus.msi'
MSI (s) (88:EC) [16:51:31:765]: Package to be registered: 'Sophos Anti-Virus.msi'
MSI (s) (88:EC) [16:51:31:781]: Note: 1: 2262 2: AdminProperties 3: -2147287038
MSI (s) (88:EC) [16:51:31:781]: Machine policy value 'DisableMsi' is 0
MSI (s) (88:EC) [16:51:31:781]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (88:EC) [16:51:31:781]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (88:EC) [16:51:31:781]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (88:EC) [16:51:31:781]: Running product '{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}' with elevated privileges: Product is assigned.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding REBOOT property. Its value is 'ReallySuppress'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding UPDATEKMSDRIVERS property. Its value is '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Modifying UPDATECLASSFILTER property. Its current value is '0'. Its new value: '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Modifying DATACONTROL property. Its current value is '0'. Its new value: '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Modifying DEVICECONTROL property. Its current value is '0'. Its new value: '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Modifying WEBSCANNING property. Its current value is '0'. Its new value: '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'C:\WINDOWS\system32'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding MSICLIENTUSESEXTERNALUI property. Its value is '1'.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '1496'.
MSI (s) (88:EC) [16:51:31:781]: Machine policy value 'DisableAutomaticApplicationShutdown' is 0
MSI (s) (88:EC) [16:51:31:781]: MSIRESTARTMANAGERCONTROL property is ignored on this version of Windows.
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding MsiSystemRebootPending property. Its value is '1'.
MSI (s) (88:EC) [16:51:31:781]: TRANSFORMS property is now:
MSI (s) (88:EC) [16:51:31:781]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '200'.
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Application Data
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Favorites
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\NetHood
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\My Documents
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\PrintHood
MSI (s) (88:EC) [16:51:31:781]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Recent
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\SendTo
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Templates
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Application Data
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs\Startup
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu\Programs
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Start Menu
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Desktop
MSI (s) (88:EC) [16:51:31:796]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Administrative Tools
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Start Menu
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Desktop
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Templates
MSI (s) (88:EC) [16:51:31:812]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\Fonts
MSI (s) (88:EC) [16:51:31:812]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (88:EC) [16:51:31:812]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Guangyu'.
MSI (s) (88:EC) [16:51:31:812]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'C:\WINDOWS\Installer\a43ac53.msi'.
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi'.
MSI (s) (88:EC) [16:51:31:812]: Machine policy value 'MsiDisableEmbeddedUI' is 0
MSI (s) (88:EC) [16:51:31:812]: EEUI - Disabling MsiEmbeddedUI due to existing external or embedded UI
MSI (s) (88:EC) [16:51:31:812]: EEUI - Disabling MsiEmbeddedUI for service because it's not a quiet/basic install
MSI (s) (88:EC) [16:51:31:812]: Note: 1: 2262 2: PatchPackage 3: -2147287038
MSI (s) (88:EC) [16:51:31:812]: Machine policy value 'DisableRollback' is 0
MSI (s) (88:EC) [16:51:31:812]: User policy value 'DisableRollback' is 0
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
=== Logging started: 11/7/2011  16:51:31 ===
MSI (s) (88:EC) [16:51:31:812]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (88:EC) [16:51:31:812]: Doing action: INSTALL
Action start 16:51:31: INSTALL.
MSI (s) (88:EC) [16:51:31:828]: Running ExecuteSequence
MSI (s) (88:EC) [16:51:31:828]: Doing action: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
MSI (s) (88:EC) [16:51:31:828]: PROPERTY CHANGE: Adding WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\'.
Action start 16:51:31: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:828]: Doing action: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
Action ended 16:51:31: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:828]: PROPERTY CHANGE: Adding SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\system32\'.
Action start 16:51:31: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:843]: Doing action: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
Action ended 16:51:31: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:843]: PROPERTY CHANGE: Adding WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\'.
Action start 16:51:31: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:843]: Doing action: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
Action ended 16:51:31: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:843]: PROPERTY CHANGE: Adding SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\system32\'.
Action start 16:51:31: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:843]: Doing action: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
Action ended 16:51:31: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:859]: PROPERTY CHANGE: Adding WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\'.
Action start 16:51:31: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:859]: Doing action: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
Action ended 16:51:31: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:859]: PROPERTY CHANGE: Adding SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\system32\'.
Action start 16:51:31: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:859]: Doing action: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
Action ended 16:51:31: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:859]: PROPERTY CHANGE: Adding WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\'.
Action start 16:51:31: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:859]: Doing action: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
Action ended 16:51:31: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:875]: PROPERTY CHANGE: Adding SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E property. Its value is 'C:\WINDOWS\system32\'.
Action start 16:51:31: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E.
MSI (s) (88:EC) [16:51:31:875]: Doing action: AppSearch
Action ended 16:51:31: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (88:EC) [16:51:31:875]: Note: 1: 2262 2: AppSearch 3: -2147287038
Action start 16:51:31: AppSearch.
MSI (s) (88:EC) [16:51:31:875]: Doing action: LaunchConditions
Action ended 16:51:31: AppSearch. Return value 1.
Action start 16:51:31: LaunchConditions.
MSI (s) (88:EC) [16:51:31:875]: Skipping action: CheckUserIsSophosAdmin (condition is false)
MSI (s) (88:EC) [16:51:31:875]: Skipping action: TP_CheckRemoveAllowed (condition is false)
MSI (s) (88:EC) [16:51:31:875]: Doing action: FindRelatedProducts
Action ended 16:51:31: LaunchConditions. Return value 1.
MSI (s) (88:EC) [16:51:31:875]: Note: 1: 2262 2: Upgrade 3: -2147287038

:18561


This thread was automatically locked due to age.
  • 0

    ...

    MSI (s) (88:8C) [16:51:56:812]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4EB.tmp, Entrypoint: CheckUninstallDrivers
    MSI (s) (88:EC) [16:51:57:421]: Executing op: ActionStart(Name=CreateFolders,Description=Creating folders,Template=Folder: [1])
    MSI (s) (88:EC) [16:51:57:421]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\INFECTED\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:453]: Executing op: FolderCreate(Folder=C:\Program Files\Sophos\Sophos Anti-Virus\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:453]: Executing op: FolderCreate(Folder=C:\Program Files\Sophos\Sophos Anti-Virus\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:453]: Executing op: FolderCreate(Folder=C:\Program Files\Sophos\Sophos Anti-Virus\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:453]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\logs\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:468]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Data Control\logs\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:468]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Device Control\logs\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:484]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Tamper Protection\logs\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:781]: Executing op: FolderCreate(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Temp\,Foreign=0,)
    MSI (s) (88:EC) [16:51:57:781]: Executing op: ActionStart(Name=DeleteIDEs,,)
    MSI (s) (88:EC) [16:51:57:781]: Executing op: CustomActionSchedule(Action=DeleteIDEs,ActionType=1025,Source=BinaryData,Target=DeleteIDEs,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:98) [16:51:57:796]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4EC.tmp, Entrypoint: DeleteIDEs
    MSI (s) (88:EC) [16:51:57:828]: Executing op: ActionStart(Name=DeleteBDLs,,)
    MSI (s) (88:EC) [16:51:57:828]: Executing op: CustomActionSchedule(Action=DeleteBDLs,ActionType=1025,Source=BinaryData,Target=DeleteBDLs,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:BC) [16:51:57:843]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4ED.tmp, Entrypoint: DeleteBDLs
    MSI (s) (88:EC) [16:51:57:875]: Executing op: ActionStart(Name=DeleteHIPSConfig,,)
    MSI (s) (88:EC) [16:51:57:875]: Executing op: CustomActionSchedule(Action=DeleteHIPSConfig,ActionType=1025,Source=BinaryData,Target=DeleteHIPSConfig,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:AC) [16:51:57:890]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4EE.tmp, Entrypoint: DeleteHIPSConfig
    MSI (s) (88:EC) [16:51:58:000]: Executing op: ActionStart(Name=RollbackForceDeleteFiles,,)
    MSI (s) (88:EC) [16:51:58:000]: Executing op: CustomActionSchedule(Action=RollbackForceDeleteFiles,ActionType=1281,Source=BinaryData,Target=ForceDeleteFiles,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:EC) [16:51:58:015]: Executing op: ActionStart(Name=RollbackOtherFiles,,)
    MSI (s) (88:EC) [16:51:58:015]: Executing op: CustomActionSchedule(Action=RollbackOtherFiles,ActionType=1281,Source=BinaryData,Target=DeleteOtherFiles,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:EC) [16:51:58:031]: Executing op: ActionStart(Name=RollbackUpdateSavAdapterDll,,)
    MSI (s) (88:EC) [16:51:58:031]: Executing op: CustomActionSchedule(Action=RollbackUpdateSavAdapterDll,ActionType=1281,Source=BinaryData,Target=RollbackUpdateSavAdapterDll,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:EC) [16:51:58:046]: Executing op: ActionStart(Name=UpdateSavAdapterDll,,)
    MSI (s) (88:EC) [16:51:58:046]: Executing op: CustomActionSchedule(Action=UpdateSavAdapterDll,ActionType=1025,Source=BinaryData,Target=UpdateSavAdapterDll,)
    MSI (s) (88:D0) [16:51:58:062]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4EF.tmp, Entrypoint: UpdateSavAdapterDll
    MSI (s) (88:EC) [16:52:08:750]: Executing op: ActionStart(Name=CopyOtherFiles,,)
    MSI (s) (88:EC) [16:52:08:765]: Executing op: CustomActionSchedule(Action=CopyOtherFiles,ActionType=1025,Source=BinaryData,Target=CopyOtherFiles,CustomActionData="C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""XP")
    MSI (s) (88:98) [16:52:08:781]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F0.tmp, Entrypoint: CopyOtherFiles
    MSI (s) (88:EC) [16:52:08:843]: Executing op: ActionStart(Name=RegisterBufferOverflowProtection,,)
    MSI (s) (88:EC) [16:52:08:843]: Executing op: CustomActionSchedule(Action=RegisterBufferOverflowProtection,ActionType=1025,Source=BinaryData,Target=RegisterBufferOverflowProtection,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:34) [16:52:08:859]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F1.tmp, Entrypoint: RegisterBufferOverflowProtection
    MSI (s) (88:EC) [16:52:09:359]: User policy value 'DisableRollback' is 0
    MSI (s) (88:EC) [16:52:09:359]: Machine policy value 'DisableRollback' is 0
    Action ended 16:52:09: InstallFinalize. Return value 3.
    MSI (s) (88:EC) [16:52:09:390]: Executing op: Header(Signature=1397708873,Version=405,Timestamp=1063749243,LangId=1033,Platform=0,ScriptType=2,ScriptMajorVersion=21,ScriptMinorVersion=4,ScriptAttributes=1)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: DialogInfo(Type=0,Argument=1033)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: DialogInfo(Type=1,Argument=Sophos Anti-Virus)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: RollbackInfo(,RollbackAction=Rollback,RollbackDescription=Rolling back action:,RollbackTemplate=[1],CleanupAction=RollbackCleanup,CleanupDescription=Removing backup files,CleanupTemplate=File: [1])
    MSI (s) (88:EC) [16:52:09:390]: Executing op: ActionStart(Name=RegisterBufferOverflowProtection,,)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: ProductInfo(ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},ProductName=Sophos Anti-Virus,PackageName=Sophos Anti-Virus.msi,Language=1033,Version=151453702,Assignment=1,ObsoleteArg=0,ProductIcon=ARPPRODUCTICON.exe,,PackageCode={978F59FD-16BA-4622-B453-E731EF6D8A21},,,InstanceType=0,LUASetting=0,RemoteURTInstalls=0,ProductDeploymentFlags=3)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: ActionStart(Name=CopyOtherFiles,,)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: ActionStart(Name=UpdateSavAdapterDll,,)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: ActionStart(Name=RollbackUpdateSavAdapterDll,,)
    MSI (s) (88:EC) [16:52:09:390]: Executing op: CustomActionRollback(Action=RollbackUpdateSavAdapterDll,ActionType=1281,Source=BinaryData,Target=RollbackUpdateSavAdapterDll,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:C8) [16:52:09:406]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F2.tmp, Entrypoint: RollbackUpdateSavAdapterDll
    MSI (s) (88:EC) [16:52:10:265]: Executing op: ActionStart(Name=RollbackOtherFiles,,)
    MSI (s) (88:EC) [16:52:10:281]: Executing op: CustomActionRollback(Action=RollbackOtherFiles,ActionType=1281,Source=BinaryData,Target=DeleteOtherFiles,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:64) [16:52:10:296]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F3.tmp, Entrypoint: DeleteOtherFiles
    MSI (s) (88:EC) [16:52:10:359]: Executing op: ActionStart(Name=RollbackForceDeleteFiles,,)
    MSI (s) (88:EC) [16:52:10:359]: Executing op: CustomActionRollback(Action=RollbackForceDeleteFiles,ActionType=1281,Source=BinaryData,Target=ForceDeleteFiles,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:64) [16:52:10:375]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F4.tmp, Entrypoint: ForceDeleteFiles
    MSI (s) (88:EC) [16:52:10:546]: Executing op: ActionStart(Name=DeleteHIPSConfig,,)
    MSI (s) (88:EC) [16:52:10:546]: Executing op: ActionStart(Name=DeleteBDLs,,)
    MSI (s) (88:EC) [16:52:10:546]: Executing op: ActionStart(Name=DeleteIDEs,,)
    MSI (s) (88:EC) [16:52:10:546]: Executing op: ActionStart(Name=CreateFolders,Description=Creating folders,Template=Folder: [1])
    MSI (s) (88:EC) [16:52:10:546]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Temp\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:562]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Tamper Protection\logs\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:859]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Device Control\logs\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:875]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Data Control\logs\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:921]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\logs\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:921]: Executing op: FolderRemove(Folder=C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\INFECTED\,Foreign=0)
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=CheckUninstallDrivers,,)
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=RemoveODBC,Description=Removing ODBC components,)
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=DeleteServices,Description=Deleting services,Template=Service: [1])
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=WaitForSAVService,,)
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=StopServices,Description=Stopping services,Template=Service: [1])
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ActionStart(Name=ProcessComponents,Description=Updating component registration,)
    MSI (s) (88:EC) [16:52:10:968]: Executing op: ComponentUnregister(ComponentId={62922683-34EB-46E1-8AF4-E9D59E61833E},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)

    ...

    :18563
  • 0

    ...

    MSI (s) (88:EC) [16:52:11:312]: Executing op: ComponentRegister(ComponentId={A074188E-B992-457A-A6FB-B674A1D71791},KeyPath=C:\Program Files\Common Files\Cisco Systems\CiscoTrustAgent\Plugins\Install\,State=3,ProductKey={00000000-0000-0000-0000-000000000000},,SharedDllRefCount=0,BinaryType=0)
    MSI (s) (88:EC) [16:52:11:312]: Executing op: ComponentUnregister(ComponentId={A074188E-B992-457A-A6FB-B674A1D71791},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:312]: Executing op: ComponentUnregister(ComponentId={C5E5F1CE-2724-447B-A7E2-3B4B4BE9E801},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:312]: Executing op: ComponentUnregister(ComponentId={B46DA52C-6057-4314-B5BE-670483AB08D1},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:312]: Executing op: ComponentUnregister(ComponentId={1601B2AC-3E23-4EA6-861E-17F52F42AAA4},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={C0E2EF20-B6D0-44A7-88AD-DAFAA4A325BF},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={E3FAD286-FF50-4A29-93F2-FA93F9E5E897},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={49A894EE-FF4F-4862-B9B8-A4EBBEA0A77E},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={B763A398-206E-43BF-9810-E482FC158A74},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={F85BB204-89AC-441C-8589-F6F0D7F329B4},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={DC99F7C0-7CFB-413C-8E6F-D16EE6F7AB8E},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={E6BD712F-CD98-4C7F-BD6D-5DA9EF297869},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={8704CBD6-DCC6-4BE1-90C4-6E4E802D30D0},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={B7EF36A2-B450-43CD-9919-427EAE165995},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:328]: Executing op: ComponentUnregister(ComponentId={63284722-D09A-447D-861D-CFEBE89D28F4},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={A891B002-2209-413D-896C-A999F157D57A},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={7ED7F039-CC97-4CF5-8CCB-8CB15DF14759},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={D3E72F8E-081F-44F9-B67C-95456E21A5CF},ProductKey={00000000-0000-0000-0000-000000000000},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={D3E72F8E-081F-44F9-B67C-95456E21A5CF},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={6DEE3B23-340D-4E95-9F03-A14651369222},ProductKey={00000000-0000-0000-0000-000000000000},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={6DEE3B23-340D-4E95-9F03-A14651369222},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={177335D9-9D47-4E12-A841-7884DB0B65FE},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={4AEE9519-9D9B-44CE-9852-434F0BB544E3},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:343]: Executing op: ComponentUnregister(ComponentId={CCFFD125-B6F4-4E85-B42F-EEDE0E647001},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={A4D31E85-0B09-4E42-96C3-DE5DE60EB97F},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={3CFF4AE8-C6ED-41A6-9AC0-6E0B51B84C41},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={281E6E5C-C737-447B-8485-B222D277746B},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={A94755DD-6057-4746-8C39-B06D97E39D54},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={0A8056D0-75A3-466F-95CE-FDE62CFF9C1A},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={E20E745B-4391-4D1D-ABAD-A54342783573},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={484E3E44-1A83-4137-BAA1-B984E5636086},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={FE613E3D-0469-40F8-9A0F-635D16097928},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:359]: Executing op: ComponentUnregister(ComponentId={3276B786-D941-4ABD-810D-5AE5E3106F02},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:375]: Executing op: ComponentUnregister(ComponentId={F4E436FD-FE28-4278-86D5-E3412859F5E5},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:375]: Executing op: ComponentUnregister(ComponentId={A153DC07-D119-4900-B5D1-F671EC25C7EB},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:375]: Executing op: ComponentUnregister(ComponentId={D0457C5C-2602-48AF-9F0D-F73C1A499E8E},ProductKey={9ACB414D-9347-40B6-A453-5EFB2DB59DFA},BinaryType=0,)
    MSI (s) (88:EC) [16:52:11:375]: Executing op: ActionStart(Name=RunErrorScript,,)
    MSI (s) (88:EC) [16:52:11:375]: Executing op: CustomActionRollback(Action=RunErrorScript,ActionType=1345,Source=BinaryData,Target=RunErrorScripts,CustomActionData="C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""9.7.6")
    MSI (s) (88:30) [16:52:11:390]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F5.tmp, Entrypoint: RunErrorScripts
    MSI (s) (88:EC) [16:52:11:437]: Executing op: ActionStart(Name=CheckRegForNullDACLs,,)
    MSI (s) (88:EC) [16:52:11:437]: Executing op: ActionStart(Name=RestoreMovedFiles,,)
    MSI (s) (88:EC) [16:52:11:437]: Executing op: CustomActionRollback(Action=RestoreMovedFiles,ActionType=1281,Source=BinaryData,Target=RestoreMovedFiles,CustomActionData=C:\Program Files\Sophos\Sophos Anti-Virus\)
    MSI (s) (88:AC) [16:52:11:453]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F6.tmp, Entrypoint: RestoreMovedFiles
    MSI (s) (88:EC) [16:52:11:500]: Executing op: ActionStart(Name=SetUpdateFailed,,)
    MSI (s) (88:EC) [16:52:11:515]: Executing op: CustomActionRollback(Action=SetUpdateFailed,ActionType=1281,Source=BinaryData,Target=SetUpdateFailed,)
    MSI (s) (88:F8) [16:52:11:531]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI4F7.tmp, Entrypoint: SetUpdateFailed
    MSI (s) (88:EC) [16:52:11:609]: Executing op: End(Checksum=0,ProgressTotalHDWord=0,ProgressTotalLDWord=0)
    MSI (s) (88:EC) [16:52:11:609]: Error in rollback skipped. Return: 5
    MSI (s) (88:EC) [16:52:11:640]: No System Restore sequence number for this installation.
    MSI (s) (88:EC) [16:52:11:640]: Unlocking Server
    MSI (s) (88:EC) [16:52:12:062]: PROPERTY CHANGE: Deleting UpdateStarted property. Its current value is '1'.
    Action ended 16:52:12: INSTALL. Return value 3.
    Property(S): DiskPrompt = [1]
    Property(S): Registration = No
    Property(S): UpgradeCode = {597B239E-3032-491A-A322-817737925E8A}
    Property(S): BootDriverStartup = 0
    Property(S): ConfigureSAV = "C:\Program Files\Sophos\Sophos Anti-Virus\""0"
    Property(S): CopyOtherFiles = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""XP"
    Property(S): CopySAVSyncFile = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\"
    Property(S): CreateUserGroups = C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config
    Property(S): DeleteBDLs = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): DeleteDriverKeys = 0
    Property(S): DeleteHIPSConfig = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): DeleteIDEs = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): DeleteOtherFiles = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): DisableSxlLookups = C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config
    Property(S): DisableWebProtection = C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config
    Property(S): ForceDeleteFiles = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): InstallBootDriverVista = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\WinLH_i386\SOPHOSBOOTDRIVER.INF
    Property(S): InstallClassFilterVista = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\ClassFilterDrivers\i386\sdcfilter.inf
    Property(S): InstallDeviceControl = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\"
    Property(S): InstallDriverFilesVista = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\WinLH_i386\SAVONACCESSDRIV.INF
    Property(S): InstallKMSDriver = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\drivers\i386\skmscan.inf
    Property(S): InstallUnsignedBootDriver = "C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""XP"
    Property(S): InstallUnsignedDrivers = "C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""XP"
    Property(S): MoveLockedFiles = C:\Program Files\Sophos\Sophos Anti-Virus\|
    Property(S): RegisterBufferOverflowProtection = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RemoveFilesOnUpgrade = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RemoveSAVI = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RestoreFirstInstallTime = 0
    Property(S): RestoreMovedFiles = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RollbackBootDriverVista = C:\Program Files\Sophos\Sophos Anti-Virus\SOPHOSBOOTDRIVER.INF
    Property(S): RollbackClassFilterVista = C:\Program Files\Sophos\Sophos Anti-Virus\sdcfilter.inf
    Property(S): RollbackDriverFilesVista = C:\Program Files\Sophos\Sophos Anti-Virus\SAVONACCESSDRIV.INF
    Property(S): RollbackForceDeleteFiles = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RollbackKMSDriverVista = C:\Program Files\Sophos\Sophos Anti-Virus\skmscan.inf
    Property(S): RollbackOtherFiles = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RollbackSavi = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RollbackUpdateSavAdapterDll = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): RunAfterScript = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""9.7.6"
    Property(S): RunErrorScript = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""9.7.6"
    Property(S): RunPreLaunchScript = "C:\Program Files\Sophos\Sophos Anti-Virus\""C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\""9.7.6"
    Property(S): SetAdminGroupDescription = SophosAdministrators may run Sophos Anti-Virus with complete access
    Property(S): SetFolderPermissions = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): SetOnAccessGroupDescription = Contains accounts used by Sophos Anti-Virus when it performs threat scanning and cleanup functions
    Property(S): SetPowerGroupDescription = SophosPowerUsers may run Sophos Anti-Virus with the access that SophosUsers have, plus greater access to cleanup
    ...

    :18565
  • 0

    ...

    Property(S): payload.8.0.50727.4053.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E = C:\WINDOWS\winsxs\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_2a9a3690\
    Property(S): SWIDIR.11DACB83_28A7_4FA6_AF5B_C006E340C101 = C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\
    Property(S): ApplicationUsers = AllUsers
    Property(S): AgreeToLicense = No
    Property(S): _IsMaintenance = Change
    Property(S): IS_SQLSERVER_USERNAME = sa
    Property(S): IS_SQLSERVER_AUTHENTICATION = 0
    Property(S): SetupType = Typical
    Property(S): _IsSetupTypeMin = Typical
    Property(S): Display_IsBitmapDlg = 1
    Property(S): EventType = BEGIN_SYSTEM_CHANGE
    Property(S): UPDATEDRIVERS = 0
    Property(S): AFTERREBOOT = 0
    Property(S): APPLYCLASSICCONFIG = 0
    Property(S): ARPCOMMENTS = Protects your computer and network from threats
    Property(S): ARPCONTACT = Sophos Technical Support
    Property(S): ARPHELPLINK = http://www.sophos.com/support
    Property(S): ARPHELPTELEPHONE = 
    Property(S): ARPNOMODIFY = 1
    Property(S): ARPNOREPAIR = 1
    Property(S): ARPPRODUCTICON = ARPPRODUCTICON.exe
    Property(S): ARPURLINFOABOUT = http://www.sophos.com
    Property(S): ARPURLUPDATEINFO = http://www.sophos.com/support/updates
    Property(S): BOOTDRIVERSIGNED = 1
    Property(S): CHECKFORCOMPETITORS = 1
    Property(S): CHECKFORSCF = 1
    Property(S): CLASSFILTERPRESENT = 0
    Property(S): CopyBDLs = 0
    Property(S): CopyIDEs = 0
    Property(S): DATACONTROL = 1
    Property(S): DEVICECONTROL = 1
    Property(S): DISABLEONACCESS = 0
    Property(S): DRIVERVERSION = XP
    Property(S): DWUSINTERVAL = 30
    Property(S): DWUSLINK = CEFB20B8799BE0FF99ACA7283EEC978FC9CBA08F698BB7F8CE8B5788D9ECA0BFBE3C07EF89AC
    Property(S): DefaultUIFont = Tahoma8
    Property(S): DialogCaption = InstallShield for Windows Installer
    Property(S): DisplayNameCustom = Custom
    Property(S): DisplayNameMinimal = Minimal
    Property(S): DisplayNameTypical = Typical
    Property(S): ErrorDialog = SetupError
    Property(S): FIRST_INSTALL_DATE = 0
    Property(S): IDEONLY = 0
    Property(S): INSTALLLEVEL = 100
    Property(S): ISVROOT_PORT_NO = 0
    Property(S): IS_COMPLUS_PROGRESSTEXT_COST = Costing COM+ application: [1]
    Property(S): IS_COMPLUS_PROGRESSTEXT_INSTALL = Installing COM+ application: [1]
    Property(S): IS_COMPLUS_PROGRESSTEXT_UNINSTALL = Uninstalling COM+ application: [1]
    Property(S): IS_PROGMSG_XML_COSTING = Costing XML files...
    Property(S): IS_PROGMSG_XML_CREATE_FILE = Creating XML file %s...
    Property(S): IS_PROGMSG_XML_FILES = Performing XML file changes...
    Property(S): IS_PROGMSG_XML_REMOVE_FILE = Removing XML file %s...
    Property(S): IS_PROGMSG_XML_ROLLBACK_FILES = Rolling back XML file changes...
    Property(S): IS_PROGMSG_XML_UPDATE_FILE = Updating XML file %s...
    Property(S): InstallChoice = AR
    Property(S): MAJORUPGRADE = 0
    Property(S): MANAGED = 1
    Property(S): MSIRESTARTMANAGERCONTROL = Disable
    Property(S): Manufacturer = Sophos Limited
    Property(S): NEEDREBOOT = 0
    Property(S): PIDTemplate = 12345<###-%%%%%%%>@@@@@
    Property(S): PROCESSOR_NX_ENABLED = 0
    Property(S): PROGMSG_IIS_CREATEAPPPOOL = Creating application pool %s
    Property(S): PROGMSG_IIS_CREATEAPPPOOLS = Creating application Pools...
    Property(S): PROGMSG_IIS_CREATEVROOT = Creating IIS virtual directory %s
    Property(S): PROGMSG_IIS_CREATEVROOTS = Creating IIS virtual directories...
    Property(S): PROGMSG_IIS_CREATEWEBSERVICEEXTENSION = Creating web service extension
    Property(S): PROGMSG_IIS_CREATEWEBSERVICEEXTENSIONS = Creating web service extensions...
    Property(S): PROGMSG_IIS_EXTRACT = Extracting information for IIS virtual directories...
    Property(S): PROGMSG_IIS_EXTRACTDONE = Extracted information for IIS virtual directories...
    Property(S): PROGMSG_IIS_REMOVEAPPPOOL = Removing application pool
    Property(S): PROGMSG_IIS_REMOVEAPPPOOLS = Removing application pools...
    Property(S): PROGMSG_IIS_REMOVESITE = Removing web site at port %d
    Property(S): PROGMSG_IIS_REMOVEVROOT = Removing IIS virtual directory %s
    Property(S): PROGMSG_IIS_REMOVEVROOTS = Removing IIS virtual directories...
    Property(S): PROGMSG_IIS_REMOVEWEBSERVICEEXTENSION = Removing web service extension
    Property(S): PROGMSG_IIS_REMOVEWEBSERVICEEXTENSIONS = Removing web service extensions...
    Property(S): PROGMSG_IIS_ROLLBACKAPPPOOLS = Rolling back application pools...
    Property(S): PROGMSG_IIS_ROLLBACKVROOTS = Rolling back virtual directory and web site changes...
    Property(S): PROGMSG_IIS_ROLLBACKWEBSERVICEEXTENSIONS = Rolling back web service extensions...
    Property(S): ProductCode = {9ACB414D-9347-40B6-A453-5EFB2DB59DFA}
    Property(S): ProductID = none
    Property(S): ProductLanguage = 1033
    Property(S): ProductName = Sophos Anti-Virus
    Property(S): ProductVersion = 9.7.6
    Property(S): ProgressType0 = install
    Property(S): ProgressType1 = Installing
    Property(S): ProgressType2 = installed
    Property(S): ProgressType3 = installs
    Property(S): RebootYesNo = Yes
    Property(S): ReinstallModeText = omus
    Property(S): SAVIONLY = 0
    Property(S): SCRIPTDIR = [SOURCEDIR]
    Property(S): SequenceNumber = 0
    Property(S): UNINSTALLBOOTDRIVERS = 1
    Property(S): UNINSTALLCLASSFILTER = 1
    Property(S): UNINSTALLDRIVERS = 1
    Property(S): UNINSTALLERROR = An older version of Sophos Anti-Virus has not been fully removed from your machine. Please reboot your machine before attempting to install Sophos Anti-Virus.
    Property(S): UNINSTALLKMSDRIVERS = 1
    Property(S): UPDATEBOOTDRIVERS = 1
    Property(S): UPDATECLASSFILTER = 1
    Property(S): VIRUSDATAUPDATE = 0
    Property(S): WEBSCANNING = 1
    Property(S): ISReleaseFlags = SAV
    Property(S): RollBackInstallDeviceControl = C:\Program Files\Sophos\Sophos Anti-Virus\
    Property(S): ROOTDRIVE = C:\
    Property(S): AdminUser = 1
    Property(S): ACTION = INSTALL
    Property(S): UILevel = 2
    Property(S): OriginalDatabase = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\Sophos Anti-Virus.msi
    Property(S): DATABASE = C:\WINDOWS\Installer\a43ac53.msi
    Property(S): Privileged = 1
    Property(S): RedirectedDllSupport = 2
    Property(S): MsiWin32AssemblySupport = 5.1.2600.5512
    Property(S): InstallShieldTempProp = 0
    Property(S): MsiNetAssemblySupport = 2.0.50727.3053
    Property(S): Date = 11/7/2011
    Property(S): Time = 16:52:12
    Property(S): TTCSupport = 1
    Property(S): ColorBits = 32
    Property(S): TextInternalLeading = 3
    Property(S): TextHeight = 16
    Property(S): BorderSide = 1
    Property(S): BorderTop = 1
    Property(S): CaptionHeight = 30
    Property(S): ScreenY = 900
    Property(S): ScreenX = 1600
    Property(S): SystemLanguageID = 1033
    Property(S): ComputerName = ZJ
    Property(S): UserLanguageID = 1033
    Property(S): UserSID = S-1-5-18
    Property(S): LogonUser = SYSTEM
    Property(S): VirtualMemory = 828
    Property(S): USERNAME = Guangyu
    Property(S): PhysicalMemory = 1023
    Property(S): Intel = 15
    Property(S): ShellAdvtSupport = 1
    Property(S): OLEAdvtSupport = 1
    Property(S): GPTSupport = 1
    Property(S): MyPicturesFolder = C:\WINDOWS\system32\config\systemprofile\My Documents\My Pictures\
    Property(S): RecentFolder = C:\WINDOWS\system32\config\systemprofile\Recent\
    Property(S): PrintHoodFolder = C:\WINDOWS\system32\config\systemprofile\PrintHood\
    Property(S): PersonalFolder = C:\WINDOWS\system32\config\systemprofile\My Documents\
    Property(S): NetHoodFolder = C:\WINDOWS\system32\config\systemprofile\NetHood\
    Property(S): AppDataFolder = C:\WINDOWS\system32\config\systemprofile\Application Data\
    Property(S): RemoteAdminTS = 1
    Property(S): MsiNTProductType = 1
    Property(S): ServicePackLevelMinor = 0
    Property(S): ServicePackLevel = 3
    Property(S): WindowsBuild = 2600
    Property(S): VersionMsi = 4.05
    Property(S): VersionDatabase = 200
    Property(S): MsiSystemRebootPending = 1
    Property(S): CLIENTPROCESSID = 1496
    Property(S): MSICLIENTUSESEXTERNALUI = 1
    Property(S): CLIENTUILEVEL = 3
    Property(S): CURRENTDIRECTORY = C:\WINDOWS\system32
    Property(S): UPDATEKMSDRIVERS = 1
    Property(S): REBOOT = ReallySuppress
    Property(S): PackagecodeChanging = 1
    Property(S): ProductState = -1
    Property(S): PackageCode = {978F59FD-16BA-4622-B453-E731EF6D8A21}
    Property(S): MsiLogFileLocation = C:\WINDOWS\TEMP\Sophos Anti-Virus Install Log_111108_125130.txt
    Property(S): CostingComplete = 1
    Property(S): OutOfDiskSpace = 0
    Property(S): OutOfNoRbDiskSpace = 0
    Property(S): PrimaryVolumeSpaceAvailable = 0
    Property(S): PrimaryVolumeSpaceRequired = 0
    Property(S): PrimaryVolumeSpaceRemaining = 0
    Property(S): SOURCEDIR = C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320713470\
    Property(S): SourcedirProduct = {9ACB414D-9347-40B6-A453-5EFB2DB59DFA}
    Property(S): ProductToBeRegistered = 1
    MSI (s) (88:EC) [16:52:12:375]: Note: 1: 1708
    MSI (s) (88:EC) [16:52:12:375]: Product: Sophos Anti-Virus -- Installation operation failed.

    MSI (s) (88:EC) [16:52:12:375]: Windows Installer installed the product. Product Name: Sophos Anti-Virus. Product Version: 9.7.6. Product Language: 1033. Installation success or error status: 1603.

    MSI (s) (88:EC) [16:52:12:406]: Cleaning up uninstalled install packages, if any exist
    MSI (s) (88:EC) [16:52:12:406]: MainEngineThread is returning 1603
    MSI (s) (88:C8) [16:52:12:406]: No System Restore sequence number for this installation.
    === Logging stopped: 11/7/2011  16:52:12 ===
    MSI (s) (88:C8) [16:52:12:406]: User policy value 'DisableRollback' is 0
    MSI (s) (88:C8) [16:52:12:406]: Machine policy value 'DisableRollback' is 0
    MSI (s) (88:C8) [16:52:12:406]: Incrementing counter to disable shutdown. Counter after increment: 0
    MSI (s) (88:C8) [16:52:12:406]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
    MSI (s) (88:C8) [16:52:12:406]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts 3: 2
    MSI (s) (88:C8) [16:52:12:406]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
    MSI (s) (88:C8) [16:52:12:406]: Restoring environment variables
    MSI (c) (D8:90) [16:52:12:406]: Decrementing counter to disable shutdown. If counter >= 0, shutdown will be denied.  Counter after decrement: -1
    MSI (c) (D8:90) [16:52:12:406]: MainEngineThread is returning 1603
    === Verbose logging stopped: 11/7/2011  16:52:12 ===

    Please let me know if you need the omitted parts or anything else. Thanks a lot again in advance.

    :18567
  • 0

    Hello msima,

    looks like RegisterBufferOverflowProtection failed. There should be a corresponding Sophos Anti-Virus CustomActions Log_ <timestamp>.txt file which probably contains some details.

    Christian

    :18569
  • 0

    Thanks for your kind reply. Here is one Sophos Anti-Virus CustomActions Log: 

    2011-11-08 07:02:48 Starting competitor detection...
    2011-11-08 07:02:48 Enumerating competitor uninstall keys...
    2011-11-08 07:02:48 PROCESSOR_ARCHITECTURE environment variable is: x86
    2011-11-08 07:02:57 Boot driver: not installed.
    2011-11-08 07:03:07 Setting class filter present property to: 0
    2011-11-08 07:03:07 PROCESSOR_ARCHITECTURE environment variable is: x86
    2011-11-08 07:03:14 WaitForSAVService: Walking system processes...
    2011-11-08 07:03:15 WaitForSAVService: Finished walking system processes.
    2011-11-08 07:03:15 IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess control. Returning false.
    2011-11-08 07:03:15 IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess filter. Returning false.
    2011-11-08 07:03:26 CopyOtherFiles custom action - Copying other driver files
    2011-11-08 07:03:26 Copying class filter source: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320764549\classfilterdrivers\i386\SDCFILTER.INF, target: C:\Program Files\Sophos\Sophos Anti-Virus\
    2011-11-08 07:03:26 Copying kms source: C:\WINDOWS\TEMP\sophos_autoupdate1.dir\1320764549\drivers\i386\SKMSCAN.INF, target: C:\Program Files\Sophos\Sophos Anti-Virus\
    2011-11-08 07:03:26 GetRidOfExistingDetoured - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll does not exist, no further action.
    2011-11-08 07:03:26 PROCESSOR_ARCHITECTURE environment variable is: x86
    2011-11-08 07:03:26 Error opening Windows key
    2011-11-08 07:03:26 GetRidOfExistingDetoured - C:\Program Files\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action.
    2011-11-08 07:03:26 Failed to open the AppInit_DLLs key
    2011-11-08 07:03:28 GetRidOfExistingDetoured - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll detoured exists, proceeding to rename it & mark for delete.
    2011-11-08 07:03:28 PROCESSOR_ARCHITECTURE environment variable is: x86
    2011-11-08 07:03:28 GetRidOfExistingDetoured - C:\Program Files\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action.
    2011-11-08 07:03:28 Deleting config file folder
    2011-11-08 07:03:28 Failed to delete config folder, 2
    2011-11-08 07:03:28 Error deleting DesktopMessaging registry key. Returned error was: The system cannot find the file specified.

    2011-11-08 07:03:29 Unable to create an instance of ComponentManager - SystemInformation cannot be informed of end of update

    :18625
  • 0
    Probably the remains of a failed install. Check the permissions in the registry, especially the AppInit_DLLs or its parents. Very likely that permissions are corrupt.

    Christian
    :18631
  • 0

    You are right. It looks the system might be tampered with. The owership/full control of Administrators and/or SYSTEM to the AppInit_DLLs key and HKLM/Software/Classes in the registry was removed. After restoring all these, the SAV was successfully re-installed. Thanks.

    :18763
  • 0

    Hello msima,

    It looks the system might be tampered with

    not necessarily - I've never investigated in detail but I think it's "just" an effect of an interrupted installer (msiexec) run (and not only seen in conjunction with Sophos). Good it worked though (and please mark the solution - it might help others).

    Christian

    :18789
  • 0
    I had this exact problem on one pc and tried multiple suggestions found around the web, but it was: http://www.sophos.com/en-us/support/knowledgebase/57500.aspx which proved to move my focus onto the actual cause and.. my fix. It referenced the following registry keys: 32 Bit operating systems: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows 64 bit operating systems HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\WindowsNT\CurrentVersion\Windows I noticed on the pc that was giving me the trouble that the 'Windows' key was missing on the pc that was having the problem with installing the Sophos Anti-Virus, so I created it and ensured Administrators and System had full control on the key. Then simply did an 'update now' using the sophos system tray shield (after it not working before to install), and the update ran through flawlessly. One fully up to date pc with the sophos antivirus now working. Hope this helps others as it had me >.< this close to an operating system rebuild to cure. J
    :41649
  • 0
    TLDR version: Use reg edit and browse to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion and then create a key inside 'CurrentVersion' called 'Windows' (without the ' ) For 64 bit operating systems HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows &/or HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\WindowsNT\CurrentVersion\Windows are the keys you may need to create. Sure fixed my problem, hope it helps others who've found this issue. First time i'd come across it, and only found the problem while fixing another fault on the same pc.
    :41651
Unfiltered HTML