Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Failed Installing Sophos Anti-Virus for Windows 2000+

Phutapong Suanyim

Dear

 

I have problem that one of computer cannot get installing Sophos antivirus for Windows 2000+ , can someone guide me how to fix it ?

I have check the Sophos Anti Virus install log found error the following:

Sophos Anti-Virus Major Install Log_171025_044105.txt

Fullscreen Sophos Anti-Virus Major CustomActions Log_171025_044105.txt Download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
2017-10-25 05:41:07 ExtractClassicConfig: Action started
2017-10-25 05:41:07 ExtractClassicConfig: Action succeeded
2017-10-25 05:41:07 PreInstallChecks: Action started
2017-10-25 05:41:07 PreInstallChecks: Action succeeded
2017-10-25 05:41:07 SetBootDriverStartupProperty: Action started
2017-10-25 05:41:07 SetBootDriverStartupProperty: Boot driver: not installed.
2017-10-25 05:41:07 SetBootDriverStartupProperty: Action succeeded
2017-10-25 05:41:07 SetClassFilterPresentProperty: Action started
2017-10-25 05:41:07 SetClassFilterPresentProperty: Setting class filter present property to: 1
2017-10-25 05:41:07 SetClassFilterPresentProperty: Action succeeded
2017-10-25 05:41:07 SetDriverProperty: Action started
2017-10-25 05:41:07 SetDriverProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64
2017-10-25 05:41:07 SetDriverProperty: Action succeeded
2017-10-25 05:41:07 SetProcessorProperties: Action started
2017-10-25 05:41:07 SetProcessorProperties: Action succeeded
2017-10-25 05:41:07 SetRestoreExcludedProcessesProperty: Action started
2017-10-25 05:41:07 SetRestoreExcludedProcessesProperty: SetRestoreExcludedProcessesProperty
2017-10-25 05:41:07 SetRestoreExcludedProcessesProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX



This thread was automatically locked due to age.
  • 0

    MSI (s) (18:64) [05:41:15:012]: Executing op: ActionStart(Name=UninstallDriverFiles64OnUpdate,,)
    MSI (s) (18:64) [05:41:15:012]: Executing op: CustomActionSchedule(Action=UninstallDriverFiles64OnUpdate,ActionType=1058,Source=C:\Windows\SysWOW64\,Target="C:\Program Files (x86)\Sophos\Sophos Anti-Virus\NATIVE.EXE" /lhu "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVONACCESSDRIV.INF",)
    MSI (s) (18:64) [05:41:15:013]: Note: 1: 1721 2: UninstallDriverFiles64OnUpdate 3: C:\Windows\SysWOW64\ 4: "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\NATIVE.EXE" /lhu "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVONACCESSDRIV.INF"
    MSI (s) (18:64) [05:41:15:013]: Product: Sophos Anti-Virus -- Error 1721.There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: UninstallDriverFiles64OnUpdate, location: C:\Windows\SysWOW64\, command: "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\NATIVE.EXE" /lhu "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVONACCESSDRIV.INF"

    MSI (s) (18:64) [05:41:15:021]: User policy value 'DisableRollback' is 0
    MSI (s) (18:64) [05:41:15:021]: Machine policy value 'DisableRollback' is 0
    Action ended 5:41:15: InstallFinalize. Return value 3.

    Is the error.  I'm a little confused given this is an install where the following line is present:

    2017-10-25 05:41:04 Info: SAV is not installed. Installing to {InstallToPath}

    It seems like it should be a fresh install so why it it uninstalling drivers?

    On the computer after the failed install has rolled back, do you have files under:
    C:\program files (x86)\sophos\sophos anti-virus\

    Was SAV once installed and ripped off in some way leaving behind some files?

    I would initially run Process Monitor while performing an install to see what is going on when the above line in the logs is thrown.  Does it fail to find Native.exe in:
    C:\program files (x86)\sophos\sophos anti-virus\ or fail to find it?  

    If so, maybe copy if from:

    C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\native\amd64

    to 
    C:\program files (x86)\sophos\sophos anti-virus\

    and try again?  Does it fail at another step?

    Maybe also it's also missing: savonaccessdriv.inf, sdcfilter.inf and SophosBootDriver.inf from C:\program files (x86)\sophos\sophos anti-virus\  These could also be copied from 

    C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\drivers\onaccess\win7_amd64\

    C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\drivers\sdcfilter\win7_amd64\

    C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\drivers\boottasks\win7_amd64

    Hope it helps.

    Regards,

    Jak

    Unfiltered HTML