Hello,
I am writing for some help. I have some issues which may be related. In summary, I am unable to start the Sophos Anti-Virus service and the on-access scanning is disabled. This just recently started maybe about a week ago. Before that, it was working great.
Before I begin, I am using product version 10.0 that is listed on the left side of the screen in the status section of the Sophos Endpoint Security and Control. I also have Windows XP with the latest service pack.
Ironically, I was able to do scan last week but somehow something must have happened when I used the registry cleaner called CCleaner and it must have missed up the registry. Believing this may have been the problem I then tried to restore my system to an earlier date but the problem still persisted so I undid the system restore back. I am guessing there must be something else that has changed or something else has gone wrong. I am just not sure.
If anyone can help, any help is most appreciated.
I also prefer to not uninstall and reinstall Sophos.
1. On-Access Scanning is disabled in the Sophos Endpoint Security and Control. Everything is grayed out except for the following:
-- in the Firewall section: Configure Firewall, View Firewall
-- in the Updating section: Configuring Updating, View Updating Log
2. All buttons on the toolbar at the top of the screen are grayed out or disabled except the help button. The back, forward, and home buttons are disabled.
3. I also tried to re-register the savi.dll and rebooting but again I was unable to start the Sophos Anti-Virus service. This was a suggestion by another user but it didn't work.
4. In services.msc, I tried to manually start the Sophos Anti-Virus service but it failed with the generic error:
Could not start the Sophos anti-virus service on local computer. Error 0x80004005
5. On my task bar, the blue shield Sophos icon has the tooltip Sophos Protection and has a red cross.
Anti-virus and HIPS: service failure
Last checked for updates: 2/10/14
6. Since Sophos was working a few weeks ago, I don't believe this is a permission issue. I was always able to run a scan without problems, but now I can't for some reason. (I checked the log on tab (services.msc -> right click the Sophos Anti-Virus service and select the log on tab) and the user is NT Authority\LocalService which has not changed. It has always been this. I don't want to change it to local system account as that was not how it was set up and I don't recall the password either. This is probably a moot point.)
So at this moment, it looks like my system is not being protected which has me worried.
7. Based on another user's suggestion, I also checked for the following registry key and it was found. See attached jpg picture that shows this registry key.
[HKEY_CLASSES_ROOT\CLSID\{91C4C540-9FDD-11D2-AFAA-00105A305A2B}]
@="Sophos SAV Interface"
"AppID"="{91C4C540-9FDD-11D2-AFAA-00105A305A2B}"
[HKEY_CLASSES_ROOT\CLSID\{91C4C540-9FDD-11D2-AFAA-00105A305A2B}\InProcServer32]
@="C:\\program files\\sophos\\sophos anti-virus\\savi.dll"
"ThreadingModel"="Both"
[HKEY_CLASSES_ROOT\CLSID\{91C4C540-9FDD-11D2-AFAA-00105A305A2B}\ProgID]
@="SAVI.SAVI.3"
[HKEY_CLASSES_ROOT\CLSID\{91C4C540-9FDD-11D2-AFAA-00105A305A2B}\VersionIndependentProgID]
@="SAVI.SAVI"
Thanks in advance. Any help is most appreciated.
I have attached screen shots to show you what I am seeing just in case I am not clear.
This thread was automatically locked due to age.
