Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 17 replies
  • Subscribers 22 subscribers
  • Views 51979 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

The security health cannot be reported at the moment error

Jeff Odell

I installed InterceptX onto a computer and i get following error.  "The security health cannot be reported at the moment" in Sophos Central.  Is there a fix for this? 



This thread was automatically locked due to age.
  • 0 in reply to Beverly Glen

    Hi  

    The Sophos Health Service is responsible for creating the registry keys under HKLM\Software\Wow6432node\sophos\Health\Status. The MCS Agent Service reads these keys to report the Health status. This error occurs when there are problems writing the values, for which Process monitor logs will be helpful to monitor what happens when you start Sophos health Service, in terms of the above keys. I would recommend you to open a support case for in-depth investigation. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0

    Sophos needs to fix the issue in their installer. I have found that the issue occurs when you try to install Sophos after the warning of "It is recommended that you reboot your machine before installing..." but ignore it, and install anyways. Sophos should either require a reboot or prevent you from installing, if this issue is going to occur. We didn't realize this until we had 8-9 computers with the service error. What we've found as a way to fix it, without entering safe mode is to run the commands listed in this KB article:

    https://community.sophos.com/kb/en-us/124218

    I did end up scripting this as a batch file and was able to deploy it with PDQ Deploy - group policy wasn't working for us, but other deployment methods should work as long as they run it as admin or as the local service account.

    1. Open an Elevated (Administrative) Command Prompt (Search for cmd.exe or command prompt, right-click, Run as Administrator)
    2. Run the following commands in order:
       fsutil resource setautoreset true c:\
       attrib -r -s -h c:\windows\System32\Config\TxR\*
       del c:\windows\System32\Config\TxR\*
       attrib -r -s -h c:\windows\System32\SMI\Store\Machine\*
       del c:\windows\System32\SMI\Store\Machine\*.tm*
       del c:\windows\System32\SMI\Store\Machine\*.blf
       del c:\windows\System32\SMI\Store\Machine\*.regtrans-ms
    3. Restart the computer

    Batch File:

    Echo On
    fsutil resource setautoreset true c:\
    attrib -r -s -h c:\windows\System32\Config\TxR\*
    echo y | del c:\windows\System32\Config\TxR\*
    attrib -r -s -h c:\windows\System32\SMI\Store\Machine\*
    del c:\windows\System32\SMI\Store\Machine\*.tm*
    del c:\windows\System32\SMI\Store\Machine\*.blf
    del c:\windows\System32\SMI\Store\Machine\*.regtrans-ms
    exit

  • 0 in reply to Jack Beggs

    The version of Sophos Health in the EAP for new features no longer uses the transactional registry APIs so I guess any problems with the dependency on that working goes away in the future.

    Regards,

    Jak

  • 0

    Any update on this, I noticed this error reoccurring on a clients system, then I had the same issue with my laptop.  Looking at our estate there are many systems with the same problem.

  • +1 in reply to McDuck

    Hi  

    Please have a look at this related post, if it helps.

  • +1 in reply to DianneY

    Thanks, but the link is dead.

  • 0 in reply to McDuck

    Sorry about that. I've now updated the original reply with a working link.

Unfiltered HTML