Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 5 subscribers
  • Views 17148 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Local Cache Corruption causes shutdown after login

RMDS

We are having a major problem wit the deployment of DX and DP on workstations.  After installing both products and receiving the polcies and keys from the server the computer becomes a paper weight by shutting itself off immediately after login because the LocalCache becomes corrupted.  We have to boot into safe mode and change the GINA string in the registry back to msgina.dll and then boot into normal mode and completely unistall all applications.  Needless to say, because of this little glitch we have not been able to deploy this past our test environment..  I have opened a ticket with support, but they have not been able to figure it out yet.  I have a feeling it may have something to do with our AV (we run McAfree Enterprise 8.5.0i) and we have exempted all the places Sophos has advised.  I thought I had it resolved at one point last week because I was able to reboot a system about 10 times without any problems.  Then wehn I came in on Monday and powered it up it shut itself down after login.

Are there any other users out there that have had similar problems that may be able to shed some light on the issue???

:239


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    We were experiencing SGN cache corruption for over a year, and were going back and forth with SGN support with debugs, but the issue never got resolved. - We just had very annoyed users!

    As advised by Sophos support, it was quote; "something to do with our environment". If I had a British pound for every time I heard that from Sophos I'd be a very rich man by now! ;)

    Then in May this year Sophos End-Point solution 10.0.4 update was released. This was marketed by Sophos as having various "enhancements" to the Windows driver and Sophos Web Protection and Live Protection Functionality (LSP).

    These "enhancements" (don't we love marketing departments) were actually bug fixes, which Sophos tech like to call "defects".

    In particular one of these defects was: #DEF76953 "Endpoint shutdown after "blocked file transfer"".

     Upon finding out this information I contacted Sophos technical support and asked them to see if this "defect" was related to a case I had open for a very long time (11 months to be precise). After a bit of back and forth it was confirmed that it was.

    So, I waited for the new update to End-Point...

    Sure enough when we updated to End-Point 10.0.4 our SGN cache corruptions disappeared overnight.

    Another thing to highlight here is that of EVERY instance of an SGN corruption we have experienced was due to end-point. And no; we have had more than one ;)

    Now, in no way whatsoever am I saying that any Sophos products are the cause of your problems, but I am saying that they should not be overlooked.

    Happy hunting.

    John

    P.S. Now if only someone from Sophos could tell me the truth as to why they don’’’’t list their defects in a secure online customer KEDB like other vendors do. – (We all know it’’’’s really because Marketing see it as bad press), but don’’’’t you think it’’’’s worse to keep you customers in the dark for over a year, and then silently release a fix.

    I realise that some of the defects may list potential vulnerabilities, and I understand why you chose not to publish those.

    :25679
Reply
  • 0

    Hi,

    We were experiencing SGN cache corruption for over a year, and were going back and forth with SGN support with debugs, but the issue never got resolved. - We just had very annoyed users!

    As advised by Sophos support, it was quote; "something to do with our environment". If I had a British pound for every time I heard that from Sophos I'd be a very rich man by now! ;)

    Then in May this year Sophos End-Point solution 10.0.4 update was released. This was marketed by Sophos as having various "enhancements" to the Windows driver and Sophos Web Protection and Live Protection Functionality (LSP).

    These "enhancements" (don't we love marketing departments) were actually bug fixes, which Sophos tech like to call "defects".

    In particular one of these defects was: #DEF76953 "Endpoint shutdown after "blocked file transfer"".

     Upon finding out this information I contacted Sophos technical support and asked them to see if this "defect" was related to a case I had open for a very long time (11 months to be precise). After a bit of back and forth it was confirmed that it was.

    So, I waited for the new update to End-Point...

    Sure enough when we updated to End-Point 10.0.4 our SGN cache corruptions disappeared overnight.

    Another thing to highlight here is that of EVERY instance of an SGN corruption we have experienced was due to end-point. And no; we have had more than one ;)

    Now, in no way whatsoever am I saying that any Sophos products are the cause of your problems, but I am saying that they should not be overlooked.

    Happy hunting.

    John

    P.S. Now if only someone from Sophos could tell me the truth as to why they don’’’’t list their defects in a secure online customer KEDB like other vendors do. – (We all know it’’’’s really because Marketing see it as bad press), but don’’’’t you think it’’’’s worse to keep you customers in the dark for over a year, and then silently release a fix.

    I realise that some of the defects may list potential vulnerabilities, and I understand why you chose not to publish those.

    :25679
Children
No Data
Unfiltered HTML