For some weeks now we have some machines not updating correctly and some freezing during a scheduled scan. At first we thought this was related to some Defective Windows Updates. But this should be cleared by now. The problem on these systems do still persist.
Symptoms:
- System freezes on full scan (scheduled). This is not every time but once in a while....
- Sophos doesn't update and hangs on the update "SEC mentions: Installation caught error [0x0000006a]
In my attempts to solve the issue we have done the following:
- reboot the system: Sophos seems to install this time, but surely it fails again at the next SEC update.
- if the system freezes a reboot is the only solution, no way to get the system running again.
Looking into this I found the following registry and .dll which are mentioned in the system log:
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs Value C:\Windows\system32\SophosAV\SOPHOS~1.DLL
The file is named sophos_detoured_x64.dll
I can not find any refrence to this file being in this location on the Sophos website. Should this file be there? It's seems a legit file from Sophos Ltd.
- The installations seem to crash after:
2019-08-08 07:39:39 Info: Logging started: performing minor update to Sophos Anti-Virus.
2019-08-08 07:39:39 Info: Beginning Shared Custom Actions. Logging will appear in Custom Action log.
2019-08-08 07:39:39 Info: Running Set Update Begin shared custom action.
I can not find where this goes wrong?
Some systems have both problems some have one or the other. (and others are just fine :-) )
This thread was automatically locked due to age.
