This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SophosClean not installed on Protected endpoint.

SEC 5.5.1; endpoint is running W10 LTSB.

Endpoint is a member of a AD-connected policied group; all other endpoint components were installed when the system was protected, and all other services are running. The C:\Program Files\Sophos\Clean folder was missing, and there were no \clean* or \hmpa* folders in C:\ProgramData\Sophos\AutoUpdate\Cache

This is a mystery. I have tried setting compliance with all policies; the system shows itself as updating successfully when updates are pushed to it, but the component never installs. There is no C:\Windows\temp install log file for it either. This is the only Windows endpoint that I have this problem with.

I tried pulling the install files manually from the SEC server, but wasn't able to find any guidelines for installing this beyond sophosclean.exe /uninstallsophos and sophosclean.exe /installsophos - anyone able to help with this?

Thanks,

Trece



This thread was automatically locked due to age.
Parents
  • Hello Trece,

    when updates are pushed to it  - forgive my pedantry, ,at best the instruction to check for updates is pushed to the endpoint, it's the endpoint that pulls the updates Slight smile

    How was the system protected? It sounds like the endpoint hasn't been told to install EXP (either by checking it when using Protect from the console or by using the -hmpa switch with setup.exe). The absence of the mentioned folders from the cache suggests this.

    Christian..

  • Hi Christian:

    Thanks for the quick feedback. No pedantry at all; I used pushed as I had used the right-click Update Computers Now from the SEC console. Smiley

    From the console, I did confirm that Protect did have EXP selected, so I ended up running the manual setup.exe -hmpa as you described. For anyone wondering, this is in an elevated command prompt to \\<Sophos Enterprise Console server>\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe -hmpa

    I had to run it twice; the first time it looked like it cleared references to \clean and \hmpa, and then the second time it reinstalled everything that was missing. Took a reboot to restart EXP, and after that everything is happy again. One caveat - the reinstall process is NOT fast. On the system I was working with, it took about 15 minutes before everything was finished, so patience is important.

    Christian, thanks again for the quick help. Greatly appreciated.

    Trece

Reply
  • Hi Christian:

    Thanks for the quick feedback. No pedantry at all; I used pushed as I had used the right-click Update Computers Now from the SEC console. Smiley

    From the console, I did confirm that Protect did have EXP selected, so I ended up running the manual setup.exe -hmpa as you described. For anyone wondering, this is in an elevated command prompt to \\<Sophos Enterprise Console server>\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe -hmpa

    I had to run it twice; the first time it looked like it cleared references to \clean and \hmpa, and then the second time it reinstalled everything that was missing. Took a reboot to restart EXP, and after that everything is happy again. One caveat - the reinstall process is NOT fast. On the system I was working with, it took about 15 minutes before everything was finished, so patience is important.

    Christian, thanks again for the quick help. Greatly appreciated.

    Trece

Children
No Data