Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 9 subscribers
  • Views 8589 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple versions installed

KingRolo

Hello!

After today updates, I can see that previous version is also installed. 

Central AV is acting normally. What should I check?

 

Regards



This thread was automatically locked due to age.
Parents
  • 0

    I alos have it !

    Multiple versions installed
    V. 10.6.3.537, V. 10.8.1.217

     
  • 0 in reply to Hupf

    The KBA suggests to open a ticket but it's all based on registry keys.

    If you run Process Monitor, with a filter for registry events and "Path" - "contains" -  "\installer\", you will see roughly what is happening.  For example, with the above filter in place and refreshing the "Installed Components" page, SophosDiag.exe is querying the keys under:

    HKCR\Installer\UpgradeCodes\

    So as an example, for the component "Sophos Endpoint", which exists under:

    HKEY_CLASSES_ROOT\Installer\Products\EA24592DC7824E24BA8283851EC3A1E3\

    This is referenced from the value under:
    HKEY_CLASSES_ROOT\Installer\UpgradeCodes\7A41AF7D7BEAD94418670A2A0C5FFD9E

    REG_SZ - EA24592DC7824E24BA8283851EC3A1E3

    Therefore, I would suggest, search under 

    HKEY_CLASSES_ROOT\Installer\Products\

    for "Sophos Anti-Virus" to find the SAV component.  E.g. HKEY_CLASSES_ROOT\Installer\Products\55F6FAB44EFFA3A43876CCE2BBF0113C
    Then take the key name, e.g 55F6FAB44EFFA3A43876CCE2BBF0113C and search for it under: HKEY_CLASSES_ROOT\Installer\Products\

    I suspect under a key under HKEY_CLASSES_ROOT\Installer\UpgradeCodes\ you will find one pointing to 2 different "Products" keys for Sophos Anti-Virus.

    I assume you have the 10.8.1.217 actually installed and this is the only version of Sophos Anti-Virus listed under: 
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall

    You should be able to just delete the second value under the key HKEY_CLASSES_ROOT\Installer\UpgradeCodes\XXXXXXX\ that points to the version that isn't installed, i.e. the 10.6.3 version.

    Regards,

    Jak 

     

     

Reply
  • 0 in reply to Hupf

    The KBA suggests to open a ticket but it's all based on registry keys.

    If you run Process Monitor, with a filter for registry events and "Path" - "contains" -  "\installer\", you will see roughly what is happening.  For example, with the above filter in place and refreshing the "Installed Components" page, SophosDiag.exe is querying the keys under:

    HKCR\Installer\UpgradeCodes\

    So as an example, for the component "Sophos Endpoint", which exists under:

    HKEY_CLASSES_ROOT\Installer\Products\EA24592DC7824E24BA8283851EC3A1E3\

    This is referenced from the value under:
    HKEY_CLASSES_ROOT\Installer\UpgradeCodes\7A41AF7D7BEAD94418670A2A0C5FFD9E

    REG_SZ - EA24592DC7824E24BA8283851EC3A1E3

    Therefore, I would suggest, search under 

    HKEY_CLASSES_ROOT\Installer\Products\

    for "Sophos Anti-Virus" to find the SAV component.  E.g. HKEY_CLASSES_ROOT\Installer\Products\55F6FAB44EFFA3A43876CCE2BBF0113C
    Then take the key name, e.g 55F6FAB44EFFA3A43876CCE2BBF0113C and search for it under: HKEY_CLASSES_ROOT\Installer\Products\

    I suspect under a key under HKEY_CLASSES_ROOT\Installer\UpgradeCodes\ you will find one pointing to 2 different "Products" keys for Sophos Anti-Virus.

    I assume you have the 10.8.1.217 actually installed and this is the only version of Sophos Anti-Virus listed under: 
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall

    You should be able to just delete the second value under the key HKEY_CLASSES_ROOT\Installer\UpgradeCodes\XXXXXXX\ that points to the version that isn't installed, i.e. the 10.6.3 version.

    Regards,

    Jak 

     

     

Children
No Data
Unfiltered HTML