Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 8135 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Anti-virus missing from computers

allisonh

We have 100+ machines (out of 3000+) that are missing the Sophos anti-virus component, but once had it. They all seemed to have randomly uninstalled at the same time frame (July 31, 2017 according to reports), the computers have all the other Sophos components/services. We are running Sophos Enterprise Console 5.5.0. I had opened a ticket with support, but they told me how to reinstall it again. I know how to install it, my question is has anyone else experienced this? How did this happen to some computers, and not all? Will creating a custom installation script work, versus manually installing it on each PC?

 

Thanks in advance!



This thread was automatically locked due to age.
Parents
  • 0

    Hello,

    If there is a major update of SAV, E.g.: 10.3.15.to 10.6.3 for example, then the current install of Sophos Anti-Virus will be removed before the new version is installed.

    I suppose there is a chance that the uninstall completed, the install went on to fail.  It will not re-install the previous version at this point.

    The various types of install logs of SAV are kept under \windows\temp\.  Do you see an uninstall log for SAV that ties in with this?  The install logs also references the uninstall being called.

    Regards,

    Jak

Reply
  • 0

    Hello,

    If there is a major update of SAV, E.g.: 10.3.15.to 10.6.3 for example, then the current install of Sophos Anti-Virus will be removed before the new version is installed.

    I suppose there is a chance that the uninstall completed, the install went on to fail.  It will not re-install the previous version at this point.

    The various types of install logs of SAV are kept under \windows\temp\.  Do you see an uninstall log for SAV that ties in with this?  The install logs also references the uninstall being called.

    Regards,

    Jak

Children
  • 0 in reply to jak

    That makes sense now that you say that, I went back and looked at an endpoint and they have an uninstall log from around that date, but no recent install log. I also noticed Sophos AutoUpdate service was missing, are they related installs?

  • 0 in reply to allisonh

    There is a chance that both versions were released at the same time and both were updated at the same time.

    If you look in the SAV install log from that time, you will see it have called the uninstall of the previous version, I assume that must have worked but then the install of the next failed.  Do you have the MSI log of the failed install?  I wonder if there was something that required a restart during the uninstall which prevented the install.  The MSI will prove this.

    You may also want to look at the AutoUpdate msi log from around this time to see what happened to the AutoUpdate service.  

    Regards,

    Jak

Unfiltered HTML