Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 31205 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Insufficient privileges

nickm

Hi,

I'm running Sophos 9 standalone.

I started getting this, irrespective of the user account on this machine:

"You do not have sufficient privileges to run the Sophos Anti-Virus main application.
You are not a member of one of the Sophos groups. In order to be able to launch this application, you must be a member of SophosAdministrator, SophosPowerUser or SophosUser group. Please contact the Administrator."

I've looked at the relevant knowledge base article, but there seems to be nothing obvious I can do to fix this.  I can't assign users to the sophos groups on a standalone, can I?

I'm a bit concerned that this may be associated with an install of Chrome today, which won't run anymore.  Windows security center doesn't think that Sophos is running anymore, but the system tray icon is present, and seems to show update action.

I have downloaded and re-installed Sophos, but with the same result.

Any idea what is going on?  Sorry if I'm doing something daft here!

Nick

:2159


This thread was automatically locked due to age.
Parents
  • 0

    Hi Nick,

    You can assign users to the local groups of Sophos, however if you're using the same account now as when you were able to open Sophos it seems unlikely you are no longer of the local SophosAdministrators group.  It is worth checking though.  If you right click on my computer and choose manage, you should be able to find the users and groups,  from there, check who is a member of the above Sophos group.  Hopefully the account you are logged in as is.  If you do find yourself missing add yourself back in.  You will not need to log off and on before the permissions are granted.

    If the group membership looks good, and you also mention problems with other applications.  I would suggest permissions, either at a file or registry level are the most likely.  How much memory is the savservice.exe process consuming on the machine.  It should be in the order of ~60 to ~90 MB.  If it is significantly less, i.e. in the range of 10 MB, it would suggest the failure to load a significant portion of the components.

    You may wish to rule out a virus by running a command line scan of the machine, ideally this would be run from files taken from a known clean machine but you'll probably be safe running sav32cli from the local machine, to do so. launch a command prompt as administrator, navigate to "C:\Program Files\Sophos\Sophos Anti-Virus" or the relevant directory and run SAV32CLI.  It would be interesting to see, a) if this works, proving that the virus data is in good order and b) there doesn't appear to be any obvious piece of malware on the machine.

    Failing all this, I would suggest:

    1. Stop the SAVService (from using the service control manager SCM. Start->Run and type "services.msc"

    2. Get a copy of ProcessMonitor from http://live.sysinternals.com/Procmon.exe

    3. Start Process Monitor running.

    4. Start the SAVService using the SCM.

    5, After SAVService seems to have started stop Process Monitor from capturing

    6. Search for "Access Denied" this is usually a good place to start.

    7. Fix any permission problems on either the registry or files that are incorrect.  Ideally using a reference system to compare ACLs.

    8. Start SAVService.

    9. Start the GUI of SAV, hopefully all is in order.

    I hope this helps and gives you a few things to try.

    Thanks

    JAK

    :2160
Reply
  • 0

    Hi Nick,

    You can assign users to the local groups of Sophos, however if you're using the same account now as when you were able to open Sophos it seems unlikely you are no longer of the local SophosAdministrators group.  It is worth checking though.  If you right click on my computer and choose manage, you should be able to find the users and groups,  from there, check who is a member of the above Sophos group.  Hopefully the account you are logged in as is.  If you do find yourself missing add yourself back in.  You will not need to log off and on before the permissions are granted.

    If the group membership looks good, and you also mention problems with other applications.  I would suggest permissions, either at a file or registry level are the most likely.  How much memory is the savservice.exe process consuming on the machine.  It should be in the order of ~60 to ~90 MB.  If it is significantly less, i.e. in the range of 10 MB, it would suggest the failure to load a significant portion of the components.

    You may wish to rule out a virus by running a command line scan of the machine, ideally this would be run from files taken from a known clean machine but you'll probably be safe running sav32cli from the local machine, to do so. launch a command prompt as administrator, navigate to "C:\Program Files\Sophos\Sophos Anti-Virus" or the relevant directory and run SAV32CLI.  It would be interesting to see, a) if this works, proving that the virus data is in good order and b) there doesn't appear to be any obvious piece of malware on the machine.

    Failing all this, I would suggest:

    1. Stop the SAVService (from using the service control manager SCM. Start->Run and type "services.msc"

    2. Get a copy of ProcessMonitor from http://live.sysinternals.com/Procmon.exe

    3. Start Process Monitor running.

    4. Start the SAVService using the SCM.

    5, After SAVService seems to have started stop Process Monitor from capturing

    6. Search for "Access Denied" this is usually a good place to start.

    7. Fix any permission problems on either the registry or files that are incorrect.  Ideally using a reference system to compare ACLs.

    8. Start SAVService.

    9. Start the GUI of SAV, hopefully all is in order.

    I hope this helps and gives you a few things to try.

    Thanks

    JAK

    :2160
Children
No Data