2015-09-01 17:58:31 ExtractClassicConfig: Action started 2015-09-01 17:58:31 ExtractClassicConfig: Action succeeded 2015-09-01 17:58:32 PreInstallChecks: Action started 2015-09-01 17:58:32 PreInstallChecks: Action succeeded 2015-09-01 17:58:32 SetBootDriverStartupProperty: Action started 2015-09-01 17:58:32 SetBootDriverStartupProperty: Boot driver: not installed. 2015-09-01 17:58:32 SetBootDriverStartupProperty: Action succeeded 2015-09-01 17:58:32 SetClassFilterPresentProperty: Action started 2015-09-01 17:58:32 SetClassFilterPresentProperty: Setting class filter present property to: 0 2015-09-01 17:58:32 SetClassFilterPresentProperty: Action succeeded 2015-09-01 17:58:32 SetDriverProperty: Action started 2015-09-01 17:58:32 SetDriverProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 17:58:32 SetDriverProperty: Action succeeded 2015-09-01 17:58:32 SetProcessorProperties: Action started 2015-09-01 17:58:32 SetProcessorProperties: Action succeeded 2015-09-01 17:58:33 SetRestoreExcludedProcessesProperty: Action started 2015-09-01 17:58:33 SetRestoreExcludedProcessesProperty: SetRestoreExcludedProcessesProperty 2015-09-01 17:58:33 SetRestoreExcludedProcessesProperty: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 17:58:33 SetRestoreExcludedProcessesProperty: Action succeeded 2015-09-01 17:58:39 CheckRegForNullDACLs: Action started 2015-09-01 17:58:39 CheckRegForNullDACLs: Action succeeded 2015-09-01 17:58:39 WaitForSAVService: Action started 2015-09-01 17:58:39 WaitForSAVService: WaitForSAVService: Walking system processes... 2015-09-01 17:58:39 WaitForSAVService: WaitForSAVService: Finished walking system processes. 2015-09-01 17:58:39 WaitForSAVService: Action succeeded 2015-09-01 17:58:39 CheckUninstallDrivers: Action started 2015-09-01 17:58:40 CheckUninstallDrivers: IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess control. Returning false. 2015-09-01 17:58:40 CheckUninstallDrivers: IsServiceInstalled: Unable to get a handle to requested service SAVOnAccess filter. Returning false. 2015-09-01 17:58:40 CheckUninstallDrivers: Action succeeded 2015-09-01 17:58:40 DeleteIDEs: Action started 2015-09-01 17:58:40 DeleteIDEs: Action succeeded 2015-09-01 17:58:40 DeleteBDLs: Action started 2015-09-01 17:58:40 DeleteBDLs: Action succeeded 2015-09-01 17:58:40 DeleteHIPSConfig: Action started 2015-09-01 17:58:40 DeleteHIPSConfig: Action succeeded 2015-09-01 17:58:41 UpdateSavAdapterDll: Action started 2015-09-01 17:58:51 UpdateSavAdapterDll: Action succeeded 2015-09-01 17:58:51 CopyOtherFiles: Action started 2015-09-01 17:58:51 CopyOtherFiles: CopyOtherFiles custom action - Copying other driver files 2015-09-01 17:58:51 CopyOtherFiles: Copying class filter source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\classfilterdrivers\wnet_amd64\SDCFILTER.INF, target: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\ 2015-09-01 17:58:51 CopyOtherFiles: Copying boot driver source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\WinLH_AMD64\SOPHOSBOOTDRIVER.INF, target: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\ 2015-09-01 17:58:51 CopyOtherFiles: Copying kms source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\drivers\wxp_i386\SKMSCAN.INF, target: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\ 2015-09-01 17:58:51 CopyOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll detoured exists, proceeding to rename it & mark for delete. 2015-09-01 17:58:51 CopyOtherFiles: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 17:58:51 CopyOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll detoured exists, proceeding to rename it & mark for delete. 2015-09-01 17:58:51 CopyOtherFiles: Copying boot tasks source: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\WinLH_AMD64\SophosBootTasks.exe, target: C:\WINDOWS\system32\ 2015-09-01 17:58:51 CopyOtherFiles: Action succeeded 2015-09-01 17:58:51 RegisterBufferOverflowProtection: Action started 2015-09-01 17:58:51 RegisterBufferOverflowProtection: BopsUnregister: could not get short path to DLL. It will not be unregistered. 2015-09-01 17:58:51 RegisterBufferOverflowProtection: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action. 2015-09-01 17:58:51 RegisterBufferOverflowProtection: BOPS path already exists 2015-09-01 17:58:51 RegisterBufferOverflowProtection: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 17:58:51 RegisterBufferOverflowProtection: BOPS path already exists 2015-09-01 17:58:51 RegisterBufferOverflowProtection: Action succeeded 2015-09-01 17:58:51 RestoreExcludedProcesses: Action started 2015-09-01 17:58:51 RestoreExcludedProcesses: RestoreExcludedProcesses 2015-09-01 17:58:51 RestoreExcludedProcesses: Empty excluded processes property. Nothing to be done. 2015-09-01 17:58:51 RestoreExcludedProcesses: Action succeeded 2015-09-01 17:58:51 StartDriverServices: Action started 2015-09-01 17:58:51 StartDriverServices: IsServiceRunning: Unable to get a handle to requested service skmscan. Returning false. 2015-09-01 17:58:51 StartDriverServices: Unable to get a handle to kms service - service will not be started until next reboot 2015-09-01 17:58:51 StartDriverServices: Action succeeded 2015-09-01 17:59:01 CreateUserGroups: Action started 2015-09-01 17:59:03 CreateUserGroups: Local name of well-known group Administrators is Administrators 2015-09-01 17:59:03 CreateUserGroups: Local name of well-known group PowerUsers is Power Users 2015-09-01 17:59:03 CreateUserGroups: Local name of well-known group Users is Users 2015-09-01 17:59:04 CreateUserGroups: Failed to add the members of group PowerUsers to SophosPowerUser group 2015-09-01 17:59:05 CreateUserGroups: Adding LOCAL SYSTEM to the SophosAdministrator role in the machine file 2015-09-01 17:59:09 CreateUserGroups: Action succeeded 2015-09-01 17:59:10 AddDomainGroups: Action started 2015-09-01 17:59:10 AddDomainGroups: Action succeeded 2015-09-01 17:59:13 SetSAVAdminUpdateBegin: Action started 2015-09-01 17:59:13 SetSAVAdminUpdateBegin: Action succeeded 2015-09-01 17:59:13 UpdateSAVI: Action started 2015-09-01 17:59:13 UpdateSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2015-09-01 17:59:13 UpdateSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2015-09-01 17:59:13 UpdateSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2015-09-01 17:59:13 UpdateSAVI: UpdateRequest signalled 2015-09-01 17:59:13 UpdateSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2015-09-01 17:59:13 UpdateSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2015-09-01 17:59:13 UpdateSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2015-09-01 17:59:13 UpdateSAVI: MSCM version orig: new: 0.3.0.90 2015-09-01 17:59:13 UpdateSAVI: Copying MSCM from: C:\ProgramData\Sophos\AutoUpdate\cache\savxp\savmscm.dll to: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\savmscm.dll 2015-09-01 17:59:13 UpdateSAVI: Registered MSCM 2015-09-01 17:59:16 UpdateSAVI: SAVI dll was installed successfully 2015-09-01 17:59:16 UpdateSAVI: Action succeeded 2015-09-01 17:59:16 SetFolderPermissions: Action started 2015-09-01 17:59:16 SetFolderPermissions: We are running on XP or higher - adding LocalService to permissions on config files 2015-09-01 17:59:16 SetFolderPermissions: We are running on XP or higher - adding LocalService to permissions on config files 2015-09-01 17:59:16 SetFolderPermissions: Action succeeded 2015-09-01 17:59:16 SetServiceXP: Action started 2015-09-01 17:59:16 SetServiceXP: Action succeeded 2015-09-01 17:59:16 SetServiceSecurity: Action started 2015-09-01 17:59:16 SetServiceSecurity: Adding SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP to SavService launch permissions 2015-09-01 17:59:16 SetServiceSecurity: Adding SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP to SavService launch permissions 2015-09-01 17:59:16 SetServiceSecurity: Action succeeded 2015-09-01 17:59:17 SetServiceRecoveryActions: Action started 2015-09-01 17:59:17 SetServiceRecoveryActions: Action succeeded 2015-09-01 17:59:17 InstallDeviceControl: Action started 2015-09-01 17:59:17 InstallDeviceControl: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 17:59:17 InstallDeviceControl: Action succeeded 2015-09-01 17:59:17 SetAdminGroupDescription: Action started 2015-09-01 17:59:18 SetAdminGroupDescription: Action succeeded 2015-09-01 17:59:18 SetPowerGroupDescription: Action started 2015-09-01 17:59:18 SetPowerGroupDescription: Action succeeded 2015-09-01 17:59:19 SetUserGroupDescription: Action started 2015-09-01 17:59:19 SetUserGroupDescription: Action succeeded 2015-09-01 17:59:19 SetOnAccessGroupDescription: Action started 2015-09-01 17:59:19 SetOnAccessGroupDescription: Action succeeded 2015-09-01 17:59:19 DisablePUADetection: Action started 2015-09-01 17:59:20 DisablePUADetection: Action succeeded 2015-09-01 17:59:20 DeleteExpiredCaches: Action started 2015-09-01 17:59:20 DeleteExpiredCaches: Action succeeded 2015-09-01 17:59:20 EnableJournals: Action started 2015-09-01 17:59:20 EnableJournals: Checking journal for active volumes. 2015-09-01 17:59:20 EnableJournals: Journaling already enabled for on \\?\Volume{1d1419f9-4af4-11e5-9e4e-94659c2cbf9f}\ 2015-09-01 17:59:20 EnableJournals: Journaling already enabled for on \\?\Volume{2ef831c5-3ad9-11e5-9869-806e6f6e6963}\ 2015-09-01 17:59:20 EnableJournals: Action succeeded 2015-09-01 17:59:20 DisableWebProtection: Action started 2015-09-01 17:59:20 DisableWebProtection: DisableWebProtection: OK 2015-09-01 17:59:20 DisableWebProtection: Action succeeded 2015-09-01 17:59:20 DisableSxlLookups: Action started 2015-09-01 17:59:21 DisableSxlLookups: DisableSxlLookups: OK 2015-09-01 17:59:21 DisableSxlLookups: Action succeeded 2015-09-01 17:59:21 CheckSNMPDLLPresence: Action started 2015-09-01 17:59:21 CheckSNMPDLLPresence: Action succeeded 2015-09-01 17:59:21 UpdateSXLServerList: Action started 2015-09-01 17:59:21 UpdateSXLServerList: LoadSophtainerData: GetSophtainerSection(C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SXLConfig.dat) returned 0. (180 bytes returned) 2015-09-01 17:59:21 UpdateSXLServerList: ExtractSXLServerConf: 0, 4, 4 2015-09-01 17:59:21 UpdateSXLServerList: Action succeeded 2015-09-01 17:59:22 GenerateSavMachineId: Action started 2015-09-01 17:59:22 GenerateSavMachineId: Sav machine id = CADCC016-A7DA-4CA4-9CDA-09085AA16A75 2015-09-01 17:59:22 GenerateSavMachineId: Action succeeded 2015-09-01 17:59:22 SetSAVAdminUpdateComplete: Action started 2015-09-01 17:59:22 SetSAVAdminUpdateComplete: Action succeeded 2015-09-01 17:59:22 RunPreLaunchScripts: Action started 2015-09-01 17:59:23 RunPreLaunchScripts: RunPreLaunchScripts: No entries. 2015-09-01 17:59:23 RunPreLaunchScripts: Action succeeded 2015-09-01 17:59:24 BootDriverStartup: Action started 2015-09-01 17:59:24 BootDriverStartup: Boot driver restored: disabled 2015-09-01 17:59:24 BootDriverStartup: Action succeeded 2015-09-01 18:00:44 RegisterDCIfEnabled: Action started 2015-09-01 18:00:44 RegisterDCIfEnabled: isDCEnabled: node not found: /configuration/components/DeviceControlManager/settings/enabled 2015-09-01 18:00:44 RegisterDCIfEnabled: Action succeeded 2015-09-01 18:00:44 StartSAVServices: Action started 2015-09-01 18:00:44 StartSAVServices: Failed to start the Sophos Anti-Virus service. 2015-09-01 18:00:44 StartSAVServices: Action failed 2015-09-01 18:00:45 UninstallSecurityCenter: Action started 2015-09-01 18:00:45 UninstallSecurityCenter: Error returned from CAntiVirusProvider::Uninstall() was: -2147467259 2015-09-01 18:00:45 UninstallSecurityCenter: Error returned from CAntiSpywareProvider::Uninstall() was: -2147467259 2015-09-01 18:00:45 UninstallSecurityCenter: Action succeeded 2015-09-01 18:00:45 RollbackInstallDeviceControl: Action started 2015-09-01 18:00:45 RollbackInstallDeviceControl: Action succeeded 2015-09-01 18:00:45 RemoveSAVI: Action started 2015-09-01 18:00:45 RemoveSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2015-09-01 18:00:45 RemoveSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2015-09-01 18:00:45 RemoveSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__ReadyForUpdate 2015-09-01 18:00:45 RemoveSAVI: UpdateRequest signalled 2015-09-01 18:00:45 RemoveSAVI: About to wait for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2015-09-01 18:00:45 RemoveSAVI: WaitForSAVIEvent: Could not open memory mapped file Global\!$_SAVI_!$$!_MMMF_$!__ 2015-09-01 18:00:45 RemoveSAVI: Successfully waited for event Global\!$_SAVI_!$$!_EVENT_$!__Suspended 2015-09-01 18:00:45 RemoveSAVI: Action succeeded 2015-09-01 18:00:49 DeleteUserGroups: Action started 2015-09-01 18:00:49 DeleteUserGroups: We are not a domain controller: Attempting to delete local user groups 2015-09-01 18:00:50 DeleteUserGroups: Action succeeded 2015-09-01 18:00:50 RollbackUpdateSavAdapterDll: Action started 2015-09-01 18:00:50 RollbackUpdateSavAdapterDll: Action succeeded 2015-09-01 18:00:50 DeleteOtherFiles: Action started 2015-09-01 18:00:50 DeleteOtherFiles: Unregistered MSCM 2015-09-01 18:00:50 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll.stf00 with error: Access is denied. . 2015-09-01 18:00:50 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll.stf11 with error: Access is denied. . 2015-09-01 18:00:50 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll.stf16 with error: Access is denied. . 2015-09-01 18:00:50 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf01 with error: Access is denied. . 2015-09-01 18:00:51 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf06 with error: Access is denied. . 2015-09-01 18:00:51 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf07 with error: Access is denied. . 2015-09-01 18:00:51 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf09 with error: Access is denied. . 2015-09-01 18:00:51 Error deleting file: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll.stf10 with error: Access is denied. . 2015-09-01 18:00:51 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll detoured exists, proceeding to rename it & mark for delete. 2015-09-01 18:00:51 DeleteOtherFiles: PROCESSOR_ARCHITECTURE environment variable is: AMD64 2015-09-01 18:00:51 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll detoured exists, proceeding to rename it & mark for delete. 2015-09-01 18:00:51 DeleteOtherFiles: GetRidOfExistingDetoured - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\detoured.dll does not exist, no further action. 2015-09-01 18:00:51 DeleteOtherFiles: Deleting config file folder 2015-09-01 18:00:51 DeleteOtherFiles: Failed to delete config folder, 2 2015-09-01 18:00:51 DeleteOtherFiles: Action succeeded 2015-09-01 18:00:51 ForceDeleteFiles: Action started 2015-09-01 18:00:51 ForceDeleteFiles: Error deleting DesktopMessaging registry key. Returned error was: The system cannot find the file specified. 2015-09-01 18:00:51 ForceDeleteFiles: Action succeeded 2015-09-01 18:00:51 RunErrorScripts: Action started 2015-09-01 18:00:51 RunErrorScripts: Action succeeded 2015-09-01 18:00:51 RestoreMovedFiles: Action started 2015-09-01 18:00:51 RestoreMovedFiles: Action succeeded 2015-09-01 18:00:51 SetUpdateFailed: Action started 2015-09-01 18:00:51 SetUpdateFailed: Unable to create an instance of ComponentManager - SystemInformation cannot be informed of end of update 2015-09-01 18:00:51 SetUpdateFailed: Action succeeded