2014-07-25 16:17:05 ExtractClassicConfig: Action started 2014-07-25 16:17:05 ExtractClassicConfig: Action succeeded 2014-07-25 16:17:06 PreInstallChecks: Action started 2014-07-25 16:17:06 PreInstallChecks: Action succeeded 2014-07-25 16:17:06 SetBootDriverStartupProperty: Action started 2014-07-25 16:17:06 SetBootDriverStartupProperty: Boot driver: not installed. 2014-07-25 16:17:06 SetBootDriverStartupProperty: Action succeeded 2014-07-25 16:17:06 SetClassFilterPresentProperty: Action started 2014-07-25 16:17:06 SetClassFilterPresentProperty: Setting class filter present property to: 0 2014-07-25 16:17:06 SetClassFilterPresentProperty: Action succeeded 2014-07-25 16:17:06 SetDriverProperty: Action started 2014-07-25 16:17:06 SetDriverProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:06 SetDriverProperty: Action succeeded 2014-07-25 16:17:06 SetProcessorProperties: Action started 2014-07-25 16:17:06 SetProcessorProperties: Action succeeded 2014-07-25 16:17:06 SetRestoreExcludedProcessesProperty: Action started 2014-07-25 16:17:06 SetRestoreExcludedProcessesProperty: SetRestoreExcludedProcessesProperty 2014-07-25 16:17:06 SetRestoreExcludedProcessesProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:06 SetRestoreExcludedProcessesProperty: Action succeeded 2014-07-25 16:17:13 CheckRegForNullDACLs: Action started 2014-07-25 16:17:13 CheckRegForNullDACLs: Action succeeded 2014-07-25 16:17:13 WaitForSAVService: Action started 2014-07-25 16:17:13 WaitForSAVService: WaitForSAVService: Walking system processes... 2014-07-25 16:17:13 WaitForSAVService: WaitForSAVService: Finished walking system processes. 2014-07-25 16:17:13 WaitForSAVService: Action succeeded 2014-07-25 16:17:13 CheckUninstallDrivers: Action started 2014-07-25 16:17:13 CheckUninstallDrivers: IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess control. Returning false. 2014-07-25 16:17:13 CheckUninstallDrivers: IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess filter. Returning false. 2014-07-25 16:17:13 CheckUninstallDrivers: Action succeeded 2014-07-25 16:17:13 DeleteIDEs: Action started 2014-07-25 16:17:13 DeleteIDEs: Action succeeded 2014-07-25 16:17:13 DeleteBDLs: Action started 2014-07-25 16:17:13 DeleteBDLs: Action succeeded 2014-07-25 16:17:13 DeleteHIPSConfig: Action started 2014-07-25 16:17:13 DeleteHIPSConfig: Action succeeded 2014-07-25 16:17:13 UpdateSavAdapterDll: Action started 2014-07-25 16:17:23 UpdateSavAdapterDll: Action succeeded 2014-07-25 16:17:23 CopyOtherFiles: Action started 2014-07-25 16:17:23 CopyOtherFiles: CopyOtherFiles custom action - Copying other driver files 2014-07-25 16:17:23 CopyOtherFiles: Copying class filter source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\classfilterdrivers\wnet_amd64\SDCFILTER.INF, target: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\ 2014-07-25 16:17:23 CopyOtherFiles: Copying kms source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\drivers\wxp_i386\SKMSCAN.INF, target: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\ 2014-07-25 16:17:23 CopyOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll does not exist, no further action. 2014-07-25 16:17:23 CopyOtherFiles: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:23 CopyOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll detoured exists, proceeding to rename it & mark for delete. 2014-07-25 16:17:23 CopyOtherFiles: Action succeeded 2014-07-25 16:17:23 RegisterBufferOverflowProtection: Action started 2014-07-25 16:17:23 RegisterBufferOverflowProtection: BopsUnregister: could not get short path to DLL. It will not be unregistered. 2014-07-25 16:17:23 RegisterBufferOverflowProtection: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action. 2014-07-25 16:17:23 RegisterBufferOverflowProtection: BOPS path already exists 2014-07-25 16:17:23 RegisterBufferOverflowProtection: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:23 RegisterBufferOverflowProtection: BOPS path already exists 2014-07-25 16:17:23 RegisterBufferOverflowProtection: Action succeeded 2014-07-25 16:17:23 RestoreExcludedProcesses: Action started 2014-07-25 16:17:23 RestoreExcludedProcesses: RestoreExcludedProcesses 2014-07-25 16:17:23 RestoreExcludedProcesses: Empty excluded processes property. Nothing to be done. 2014-07-25 16:17:23 RestoreExcludedProcesses: Action succeeded 2014-07-25 16:17:26 StartDriverServices: Action started 2014-07-25 16:17:26 StartDriverServices: IsServiceRunning: Unable to get a handle to requested service skmscan. Returning false. 2014-07-25 16:17:26 StartDriverServices: Unable to get a handle to kms service - service will not be started until next reboot 2014-07-25 16:17:26 StartDriverServices: Action succeeded 2014-07-25 16:17:28 CreateUserGroups: Action started 2014-07-25 16:17:29 CreateUserGroups: Local name of well-known group Administrators is Administratoren 2014-07-25 16:17:29 CreateUserGroups: Local name of well-known group PowerUsers is Hauptbenutzer 2014-07-25 16:17:29 CreateUserGroups: Local name of well-known group Users is Benutzer 2014-07-25 16:17:30 CreateUserGroups: Failed to add the members of group PowerUsers to SophosPowerUser group 2014-07-25 16:17:30 CreateUserGroups: Adding LOCAL SYSTEM to the SophosAdministrator role in the machine file 2014-07-25 16:17:30 CreateUserGroups: Unable to get a handle to the MA Service inside CreateUserGroups (0x80070424). The Sophos Agent service will not be re-started until next reboot. 2014-07-25 16:17:30 CreateUserGroups: Action succeeded 2014-07-25 16:17:30 AddDomainGroups: Action started 2014-07-25 16:17:30 AddDomainGroups: Action succeeded 2014-07-25 16:17:39 SetSAVAdminUpdateBegin: Action started 2014-07-25 16:17:39 SetSAVAdminUpdateBegin: Action succeeded 2014-07-25 16:17:39 UpdateSAVI: Action started 2014-07-25 16:17:39 UpdateSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2014-07-25 16:17:39 UpdateSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2014-07-25 16:17:39 UpdateSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2014-07-25 16:17:39 UpdateSAVI: UpdateRequest signalled 2014-07-25 16:17:39 UpdateSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2014-07-25 16:17:39 UpdateSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2014-07-25 16:17:39 UpdateSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2014-07-25 16:17:39 UpdateSAVI: MSCM version orig: new: 0.3.0.90 2014-07-25 16:17:39 UpdateSAVI: Copying MSCM from: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\savmscm.dll to: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\savmscm.dll 2014-07-25 16:17:39 UpdateSAVI: Registered MSCM 2014-07-25 16:17:43 UpdateSAVI: SAVI dll was installed successfully 2014-07-25 16:17:43 UpdateSAVI: Action succeeded 2014-07-25 16:17:43 SetFolderPermissions: Action started 2014-07-25 16:17:43 SetFolderPermissions: We are running on XP or higher - adding LocalService to permissions on config files 2014-07-25 16:17:43 SetFolderPermissions: We are running on XP or higher - adding LocalService to permissions on config files 2014-07-25 16:17:44 SetFolderPermissions: Action succeeded 2014-07-25 16:17:45 SetServiceXP: Action started 2014-07-25 16:17:45 SetServiceXP: Action succeeded 2014-07-25 16:17:45 SetServiceSecurity: Action started 2014-07-25 16:17:46 SetServiceSecurity: Adding SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP to SavService launch permissions 2014-07-25 16:17:46 SetServiceSecurity: Adding SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP to SavService launch permissions 2014-07-25 16:17:46 SetServiceSecurity: Action succeeded 2014-07-25 16:17:46 SetServiceRecoveryActions: Action started 2014-07-25 16:17:47 SetServiceRecoveryActions: Action succeeded 2014-07-25 16:17:47 InstallDeviceControl: Action started 2014-07-25 16:17:47 InstallDeviceControl: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:47 InstallDeviceControl: Action succeeded 2014-07-25 16:17:47 SetAdminGroupDescription: Action started 2014-07-25 16:17:47 SetAdminGroupDescription: Action succeeded 2014-07-25 16:17:47 SetPowerGroupDescription: Action started 2014-07-25 16:17:47 SetPowerGroupDescription: Action succeeded 2014-07-25 16:17:47 SetUserGroupDescription: Action started 2014-07-25 16:17:47 SetUserGroupDescription: Action succeeded 2014-07-25 16:17:47 SetOnAccessGroupDescription: Action started 2014-07-25 16:17:47 SetOnAccessGroupDescription: Action succeeded 2014-07-25 16:17:47 DeleteExpiredCaches: Action started 2014-07-25 16:17:47 DeleteExpiredCaches: Action succeeded 2014-07-25 16:17:47 EnableJournals: Action started 2014-07-25 16:17:47 EnableJournals: Checking journal for active volumes. 2014-07-25 16:17:48 EnableJournals: Journaling already enabled for on \\?\Volume{5b5aedfe-f336-11e0-8c48-806e6f6e6963}\ 2014-07-25 16:17:48 EnableJournals: Journaling already enabled for on \\?\Volume{5b5aedff-f336-11e0-8c48-806e6f6e6963}\ 2014-07-25 16:17:48 EnableJournals: Action succeeded 2014-07-25 16:17:48 CheckSNMPDLLPresence: Action started 2014-07-25 16:17:48 CheckSNMPDLLPresence: Action succeeded 2014-07-25 16:17:48 UpdateSXLServerList: Action started 2014-07-25 16:17:48 UpdateSXLServerList: LoadSophtainerData: GetSophtainerSection(C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SXLConfig.dat) returned 0. (132 bytes returned) 2014-07-25 16:17:48 UpdateSXLServerList: Action succeeded 2014-07-25 16:17:48 GenerateSavMachineId: Action started 2014-07-25 16:17:48 GenerateSavMachineId: Sav machine id = 253D8EF6-9D56-4EF7-9722-3C6A14065613 2014-07-25 16:17:48 GenerateSavMachineId: Action succeeded 2014-07-25 16:17:48 SetSAVAdminUpdateComplete: Action started 2014-07-25 16:17:48 SetSAVAdminUpdateComplete: Action succeeded 2014-07-25 16:17:48 RunPreLaunchScripts: Action started 2014-07-25 16:17:48 RunPreLaunchScripts: RunPreLaunchScripts: No entries. 2014-07-25 16:17:48 RunPreLaunchScripts: Action succeeded 2014-07-25 16:17:49 BootDriverStartup: Action started 2014-07-25 16:17:49 BootDriverStartup: Boot driver restored: disabled 2014-07-25 16:17:49 BootDriverStartup: Action succeeded 2014-07-25 16:17:49 RegisterDCIfEnabled: Action started 2014-07-25 16:17:49 RegisterDCIfEnabled: isDCEnabled: node not found: /configuration/components/DeviceControlManager/settings/enabled 2014-07-25 16:17:49 RegisterDCIfEnabled: Action succeeded 2014-07-25 16:17:49 StartSAVServices: Action started 2014-07-25 16:17:49 StartSAVServices: Failed to start the Sophos Anti-Virus service. 2014-07-25 16:17:49 StartSAVServices: Action failed 2014-07-25 16:17:49 UninstallSecurityCenter: Action started 2014-07-25 16:17:49 UninstallSecurityCenter: Error returned from CAntiVirusProvider::Uninstall() was: -2147467259 2014-07-25 16:17:49 UninstallSecurityCenter: Error returned from CAntiSpywareProvider::Uninstall() was: -2147467259 2014-07-25 16:17:49 UninstallSecurityCenter: Action succeeded 2014-07-25 16:17:49 RollbackInstallDeviceControl: Action started 2014-07-25 16:17:49 RollbackInstallDeviceControl: Action succeeded 2014-07-25 16:17:49 RemoveSAVI: Action started 2014-07-25 16:17:50 RemoveSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2014-07-25 16:17:50 RemoveSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2014-07-25 16:17:50 RemoveSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2014-07-25 16:17:50 RemoveSAVI: UpdateRequest signalled 2014-07-25 16:17:50 RemoveSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2014-07-25 16:17:50 RemoveSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2014-07-25 16:17:50 RemoveSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2014-07-25 16:17:50 RemoveSAVI: Action succeeded 2014-07-25 16:17:56 DeleteUserGroups: Action started 2014-07-25 16:17:56 DeleteUserGroups: We are not a domain controller: Attempting to delete local user groups 2014-07-25 16:17:56 DeleteUserGroups: Action succeeded 2014-07-25 16:17:57 RollbackUpdateSavAdapterDll: Action started 2014-07-25 16:17:57 RollbackUpdateSavAdapterDll: Action succeeded 2014-07-25 16:17:57 DeleteOtherFiles: Action started 2014-07-25 16:17:57 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf00 with error: Zugriff verweigert . 2014-07-25 16:17:57 DeleteOtherFiles: Unregistered MSCM 2014-07-25 16:17:57 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll detoured exists, proceeding to rename it & mark for delete. 2014-07-25 16:17:57 DeleteOtherFiles: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2014-07-25 16:17:57 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll detoured exists, proceeding to rename it & mark for delete. 2014-07-25 16:17:57 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action. 2014-07-25 16:17:57 DeleteOtherFiles: Deleting config file folder 2014-07-25 16:17:57 DeleteOtherFiles: Failed to delete config folder, 2 2014-07-25 16:17:57 DeleteOtherFiles: Action succeeded 2014-07-25 16:17:57 ForceDeleteFiles: Action started 2014-07-25 16:17:57 ForceDeleteFiles: Error deleting DesktopMessaging registry key. Returned error was: Das System kann die angegebene Datei nicht finden. 2014-07-25 16:17:57 ForceDeleteFiles: Action succeeded 2014-07-25 16:17:57 RunErrorScripts: Action started 2014-07-25 16:17:57 RunErrorScripts: Action succeeded 2014-07-25 16:17:57 RestoreMovedFiles: Action started 2014-07-25 16:17:57 RestoreMovedFiles: Action succeeded 2014-07-25 16:17:57 SetUpdateFailed: Action started 2014-07-25 16:17:57 SetUpdateFailed: Unable to create an instance of ComponentManager - SystemInformation cannot be informed of end of update 2014-07-25 16:17:57 SetUpdateFailed: Action succeeded