Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 7958 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Autoupdate failed and insufficient rights to do anything with Sophos

kiril982

Hi Sophos team,

I had to register as I have annoying problem with Sophos. The most I got from my IT admin (who is in Denmark while I am on a stay in China) is to uninstall it and instal something else. While that's the last option. I will give a last try to ask you.

I neither have the rights to manipulate with Sophos properly (it says "insufficient right"), nor the autoupdate funtion works. This is all from today when I tried to delete a virus or whatever was it from usb, and I noticed the first one. Once I tried to fix using your (increadibly confusing and overloaded) forums, the auto-update stoped working as well. Its a bit annoying and I got a bit frustrated.

1. I have tried to fix the "sufficient rights" issue by following your posted procedure i.e. updating the SID numbers using the SophosLocalGroups.txt file but it didn't work. I also downloaded some file, and than copied it in the indicated lcoation and run it (which was suppose to automatically updade the SIDS) but it was waste of time in both reading and doing it.

2. I have tried to fix the auto-update issue, i even don't remember what I did, but i stoped the Sophos virus protection and did what was written in your post and activated it again. It didn't work.

Is there any solution except spending hours and trying to understand what SID and DSN settings are or?

Thanks a lot,

Kiril

p.s. for the record, when I start up my pc, the notification appears with "Sophos Endpoing Secirity and Control updater has faild to download", and in the update log the following appears (the other updates seem to work properly- as it says in the log):

Time: 23-07-2012 23:37:14
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:13
Message: Downloading product Sophos AutoUpdate from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:11
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:09
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:08
Message: Downloading product SAVXP from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:06
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:04
Message: Could not connect to the server. Check that this computer is connected to the network and that Sophos AutoUpdate is configured to update from the correct location with the correct credentials and proxy details (if required)
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:03
Message: Downloading product RMSNT from server \\SOFUS\SophosUpdate\CIDs\S000\SAVSCFXP\
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:37:01
Message: Could not add a connection to server \\SOFUS\SophosUpdate; user djf\sophos; Windows error 53
Module: CIDUpdate
Process ID: 4808
Thread ID: 4412

Time: 23-07-2012 23:36:38
Message: *************** Sophos AutoUpdate started ***************
Module: ALUpdate
Process ID: 4808
Thread ID: 4412

:27249


This thread was automatically locked due to age.
Parents
  • 0

    Hello Kiril,

    right now I get inconsistent results doing the lookup - whatever the cause.

    Anyway, when connected via VPN it should use a "private" nameserver, not one from the site which provides access to the network. As you get the external (130.xxx.xxx.xxx) address in both cases it's no surprise that you can't connect to the server. Is this "your" VPN (Det Jordbrugsvidenskabelige Fakultet) or is it used to get access to the Center for Agricultural Resources Research network?

    W32/AutoRun-MO (see the link for the analysis) is well-known and that it has been found on the stick suggests the PC you plugged it in is infected. Seems like Sophos successfully detected it but you might want to check your machine for items similar to those mentioned in the analysis.

    4.77G is definitely old (4.79 is current and 4.80 is due next week but given you can't reach the update location it's the expected version) - thus I'm surprised that WSC shows all green, but then I'm no expert when it comes to WSC.

    Re user rights in the GUI: Adding your account (assuming you have administrative rights on the machine) to the SophosAdministrator group should give you Sophos Administrator rights the next time you open the GUI. But even if this doesn't work you should be able to view the Software details on this page. What does it say for Last updated (right above Components)? Note that the Last updated in the Status pane on the left shows the time of the last check whereas under Software you see the time when actually something was downloaded.

    Christian

    :27313
Reply
  • 0

    Hello Kiril,

    right now I get inconsistent results doing the lookup - whatever the cause.

    Anyway, when connected via VPN it should use a "private" nameserver, not one from the site which provides access to the network. As you get the external (130.xxx.xxx.xxx) address in both cases it's no surprise that you can't connect to the server. Is this "your" VPN (Det Jordbrugsvidenskabelige Fakultet) or is it used to get access to the Center for Agricultural Resources Research network?

    W32/AutoRun-MO (see the link for the analysis) is well-known and that it has been found on the stick suggests the PC you plugged it in is infected. Seems like Sophos successfully detected it but you might want to check your machine for items similar to those mentioned in the analysis.

    4.77G is definitely old (4.79 is current and 4.80 is due next week but given you can't reach the update location it's the expected version) - thus I'm surprised that WSC shows all green, but then I'm no expert when it comes to WSC.

    Re user rights in the GUI: Adding your account (assuming you have administrative rights on the machine) to the SophosAdministrator group should give you Sophos Administrator rights the next time you open the GUI. But even if this doesn't work you should be able to view the Software details on this page. What does it say for Last updated (right above Components)? Note that the Last updated in the Status pane on the left shows the time of the last check whereas under Software you see the time when actually something was downloaded.

    Christian

    :27313
Children
No Data