This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 CD/DVD-ROM issue

Hello all,

I believe I may have discovered an issue relating to Windows 10 and the Sophos endpoint agent.  I upgraded to Windows 10 yesterday and checked device manager to find that my DVD-RW was not functioning properly.  If I uninstall the device, rescan for hardware changes and let it automatically reinstall, it functions properly again.  Upon rebooting, the DVD-RW stops functioning again until I repeat the aforementioned steps.  I have noticed that after rebooting, a second driver is added for the DVD-RW from Sophos: sdcfilter.sys.  Presumably this is needed for the endpoint agent to perform device control functions such as blocking writable drivers which we do utilize in our environment.  I'm not positive this is causing the issue, but that evidence suggests that.  I am going to report this to Sophos support in hopes that it might be a bug that could be corrected in the upcoming 10.6 release for all those early adopters but I thought I'd post it on the forums as well in case anyone had a similar experience.  I've attached two screenshots to support my post.

J

:58206


This thread was automatically locked due to age.
Parents
  • Has there been any progress on fixing this automatically? I have about 40 computers now without functional DVDROM drives due to Sophos Antivirus. The manual fix described in this thread works, but no way I'm going to each system to preform it. I need Sophos to automate the fix.

     

    FYI final year of my Sophos contract, so customer retention is on the line here.

  • Hi Sophos,

    I'll leave this message here, but will also forward it to my Sophos partner since I doubt anyone from corporate actually reads these forums.

    I have removed Sophos AV from all of my Windows 10 computers. More Windows 10 computers are coming next month. They will not be receiving the Sophps product. 

    I will not be renewing my 100+ license subscription this summer and going with a solution that doesn't constantly prevent my users from getting work done. My DVD drives work just fine without the Sophos product installed, so I don't understand how you can blame Microsoft.

    Kind Regards,

    Gordon McLellan

    Network Administrator, County of Manistee

  • I get it!  This took WAY too long for Sophos to fix.  Ridiculous.

     

    Here is what Sophos told me a few days ago, but I do not have any machines that need a build upgrade so I can't test it

     

    Hi Sean,



    My Global escalations team has gotten back to me and we released version 10.7.6 for the anti-virus component which has the fix for the dvd drive issue.



    Just wondering if you are still seeing this issue and if you are we would need a new set of logs.



    To confirm what version you are running you could open Sophos on the endpoint, click on "about" in the bottom right hand corner, click on "Run diagnostic tool", then click on "installed components" and you should see for the anti-virus as 10.7.6.117

  • Hi Sean,

    I just had my last Windows 10 machine have it's DVD drive disabled by Sophos ... under Central I see this:

    Agent Update Status10.7.6 VE3.70.2 Update Successful

    I hope you have better luck fighting this issue, I've given up.

    Regards,

    Gordon

  • Hi Gordon McLellan1 & others,

    I am really sorry to hear that you had this issue with our product. The reported issue was fixed in the following releases:

    • Sophos Endpoint Security and Control 10.7.6
    • Sophos Central Endpoint Standard/Advanced 10.8.1
    • UTM Managed Endpoint 11.0.12

    Please confirm if you still facing the issue even after the update. To Confirm if the update is rolled to the client, please check the Major install log (Sophos Anti-Virus Major Install Log_<datetime>) for the link <Datetime>info:SetupPlugin: updateProps.m_MajorUpdate = 1 . If the Value is 0 the update didn't run. 

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • This issue has not been fixed, and is easy to recreate. I'm not sure why Sophos is having such a hard time recreating it internally. Using the latest endpoint client as of May 25, the optical is still rendered useless by Sophos after a Windows update.

     

    Steps to reproduce:

    Install Windows 10 Enterprise build 1703 in a virtual machine.

    Install Sophos Endpoint using the latest installer downloaded from Sophos Central.

    Let the Endpoint update itself, reboot a few times to confirm.

    Go into Windows Update and install the April feature update (Build 1803), reboot

    Boom, the optical drive is now non-functional.

     

    I have repeated this on three different virtual machines, and a physical laptop.

     

    Ticket is open with Global Escalations #8067291 

     

    At this point resolution is purely an academic exercise for me, I'm curious to see the result. I have moved my enterprise to another endpoint solution, Sophos dropped the ball on this one a long time ago.

  • Gowtham Mani said:

    Hi Gordon McLellan1 & others,

    I am really sorry to hear that you had this issue with our product. The reported issue was fixed in the following releases:

    • Sophos Endpoint Security and Control 10.7.6
    • Sophos Central Endpoint Standard/Advanced 10.8.1
    • UTM Managed Endpoint 11.0.12

    Core agent 2.0.3

    Endpoint Standard 10.8.1.2

    no interceptx no encryption

    Fortunately we have the sdcfilter.inf workaround to use after any Windows major update

  • So my ticket got kicked back to the helpdesk, Global Escalations still claims the resolution for this issue is to manually reinstall scdfilter on every workstation after every Windows feature update. It is clear Sophos is not interested in resolving the issue properly.

  • The problems as been 'fixed' for me, in a way.  The CDROM breaks when my computers upgrade to 1803, but a reboot fixes it (until the next feature update, I assume).

Reply Children
  • On the next ide update (or any update requiring an actual update not just a check) post OS upgrade the SAV installer will recognise it is not a complete install and switch to a major install which will add the sdcfilter service back.  Microsoft does not migrate the driver as it's not PnP but it should be re-instated in a couple of hours depending on when the next ide update is released.