Its value is '1'.MSI (c) (D0:54) [17:15:57:694]: PROPERTY CHANGE: Adding Privileged property. Return value 1.MSI (s) (24:68) [17:15:59:675]: Skipping RemoveExistingProducts action: current configuration is maintenance mode or an uninstallAction start 17:15:59: RemoveExistingProducts.MSI (s) (24:68) [17:15:59:675]: Doing action: InstallInitializeMSI (s) (24:68) [17:15:59:675]: Note: 1: 2205 2: 3: ActionText Action ended 17:15:59: RemoveExistingProducts. Its value is '405'.MSI (s) (24:68) [17:15:57:736]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\RoamingMSI (s) (24:68) [17:15:57:737]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\FavoritesMSI (s) (24:68) [17:15:57:737]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network ShortcutsMSI (s) (24:68) [17:15:57:738]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\DocumentsMSI (s) (24:68) [17:15:57:739]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer ShortcutsMSI (s) (24:68) [17:15:57:739]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\RecentMSI (s) (24:68) [17:15:57:740]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendToMSI (s) (24:68) [17:15:57:741]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\TemplatesMSI (s) (24:68) [17:15:57:741]: SHELL32::SHGetFolderPath returned: C:\ProgramDataMSI (s) (24:68) [17:15:57:742]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\LocalMSI (s) (24:68) [17:15:57:742]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\PicturesMSI (s) (24:68) [17:15:57:744]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative ToolsMSI (s) (24:68) [17:15:57:744]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupMSI (s) (24:68) [17:15:57:745]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\ProgramsMSI (s) (24:68) [17:15:57:746]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start MenuMSI (s) (24:68) [17:15:57:746]: SHELL32::SHGetFolderPath returned: C:\Users\Public\DesktopMSI (s) (24:68) [17:15:57:748]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative ToolsMSI (s) (24:68) [17:15:57:749]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupMSI (s) (24:68) [17:15:57:749]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\ProgramsMSI (s) (24:68) [17:15:57:750]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start MenuMSI (s) (24:68) [17:15:57:751]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\DesktopMSI (s) (24:68) [17:15:57:751]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\TemplatesMSI (s) (24:68) [17:15:57:752]: SHELL32::SHGetFolderPath returned: C:\Windows\FontsMSI (s) (24:68) [17:15:57:752]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16 MSI (s) (24:68) [17:15:57:760]: MSI_LUA: Setting AdminUser property to 1 because the product is already installed managed and per-machineMSI (s) (24:68) [17:15:57:760]: MSI_LUA: Setting MsiRunningElevated property to 1 because the install is already running elevated.MSI (s) (24:68) [17:15:57:760]: PROPERTY CHANGE: Adding MsiRunningElevated property. Return value 1.Action start 17:16:00: RemoveRegistryValues.MSI (s) (24:68) [17:16:00:025]: Doing action: RemoveShortcutsMSI (s) (24:68) [17:16:00:025]: Note: 1: 2205 2: 3: ActionText Action ended 17:16:00: RemoveRegistryValues. For more information about syntax and use of wildcards, go to Windows Scanning Exclusions: Wildcards and Variables. Its value is 'C:\Windows\system32'.MSI (s) (24:68) [17:15:57:735]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. ocr civil monetary penalties. Copyright 1990, 1993 The Regents of the University of California. Return value 1.MSI (s) (24:68) [17:15:57:768]: Machine policy value 'MaxPatchCacheSize' is 10MSI (s) (24:68) [17:15:57:768]: Baseline: Sorting baselines for {8D7BB12C-6854-46DF-A67D-F82D778D75C8}.MSI (s) (24:68) [17:15:57:768]: Baseline: New baseline 2.1.44 from transaction.MSI (s) (24:68) [17:15:57:768]: Baseline: Sorted order Native: Order 0.MSI (s) (24:68) [17:15:57:768]: Baseline Data Table:MSI (s) (24:68) [17:15:57:768]: ProductCode: {8D7BB12C-6854-46DF-A67D-F82D778D75C8} Version: 2.1.44 Attributes: 0 PatchId: Native BaselineId: -2147483648 Order: 0MSI (s) (24:68) [17:15:57:768]: Baseline File Table:MSI (s) (24:68) [17:15:57:769]: PROPERTY CHANGE: Adding ROOTDRIVE property. 2. This article will talk about one of the best Virus removal tools for Windows, known as the Sophos Virus Removal Tool. They also normally only cover Windows OS. Its new value: 'C:\Program Files\Sophos\Sophos UI\pl\'.MSI (s) (24:68) [17:15:57:778]: PROPERTY CHANGE: Modifying JapaneseDirectory property. Sophos Home Premium is the company's paid consumer-level product. When the User Account Control message appears, select Yes . setup::MsiInstaller::install: Installed version: {8D7BB12C-6854-46DF-A67D-F82D778D75C8}, version: 2.1.44.0setup::MsiInstaller::install: Performing minor upgradesetup::MsiInstaller::upgrade: Running upgradesetup::MsiInstaller::installOrUpgrade: Executing: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos UI.msi INSTALLDIR="" REBOOT=ReallySuppress REINSTALLMODE=vmuso REINSTALL=ALL INSTALLINGVERSION="2.1.44.0" ARPSYSTEMCOMPONENT=1setup::MsiInstaller::tryRunMsi: Running MSI command, attempt (1 of 10)=== Verbose logging started: 25/03/2021 17:15:57 Build type: SHIP UNICODE 5.00.7601.00 Calling process: C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\su-setup32.exe ===MSI (c) (D0:88) [17:15:57:701]: Resetting cached policy valuesMSI (c) (D0:88) [17:15:57:701]: Machine policy value 'Debug' is 0MSI (c) (D0:88) [17:15:57:701]: ******* RunEngine: ******* Product: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos UI.msi ******* Action: ******* CommandLine: **********MSI (c) (D0:88) [17:15:57:702]: Client-side and UI is none or basic: Running entire install on the server.MSI (c) (D0:88) [17:15:57:702]: Grabbed execution mutex.MSI (c) (D0:88) [17:15:57:703]: Cloaking enabled.MSI (c) (D0:88) [17:15:57:703]: Attempting to enable all disabled privileges before calling Install on ServerMSI (c) (D0:88) [17:15:57:703]: Incrementing counter to disable shutdown. If you can confirm that you have the extended support. Dumping Directory tableMSI (s) (24:68) [17:16:05:243]: Dir (source): Key: TARGETDIR , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\ , LongSubPath: , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: WindowsFolder , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\ , LongSubPath: , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: ProgramMenuFolder , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\ , LongSubPath: , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: SophosProgramsFolder , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\ , LongSubPath: Sophos\ , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: ProgramFilesFolder , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\ , LongSubPath: , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: Sophos , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\ , LongSubPath: Sophos\ , ShortSubPath: MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: INSTALLDIR , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\ , LongSubPath: Sophos\Sophos UI\ , ShortSubPath: Sophos\vqmqt5st\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: ChineseTraditionalDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\zh-Hant\ , LongSubPath: Sophos\Sophos UI\zh-Hant\ , ShortSubPath: Sophos\vqmqt5st\zh-Hant\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: ChineseSimplifiedDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\zh-Hans\ , LongSubPath: Sophos\Sophos UI\zh-Hans\ , ShortSubPath: Sophos\vqmqt5st\zh-Hans\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: PortugueseBrazilDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\pt-BR\ , LongSubPath: Sophos\Sophos UI\pt-BR\ , ShortSubPath: Sophos\vqmqt5st\pt-BR\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: KoreanKoreaDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\ko-KR\ , LongSubPath: Sophos\Sophos UI\ko-KR\ , ShortSubPath: Sophos\vqmqt5st\ko-KR\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: PolishDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\pl\ , LongSubPath: Sophos\Sophos UI\pl\ , ShortSubPath: Sophos\vqmqt5st\pl\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: JapaneseDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\ja\ , LongSubPath: Sophos\Sophos UI\ja\ , ShortSubPath: Sophos\vqmqt5st\ja\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: ItalianDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\it\ , LongSubPath: Sophos\Sophos UI\it\ , ShortSubPath: Sophos\vqmqt5st\it\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: FrenchDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\fr\ , LongSubPath: Sophos\Sophos UI\fr\ , ShortSubPath: Sophos\vqmqt5st\fr\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: SpanishDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\es\ , LongSubPath: Sophos\Sophos UI\es\ , ShortSubPath: Sophos\vqmqt5st\es\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: GermanDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\de\ , LongSubPath: Sophos\Sophos UI\de\ , ShortSubPath: Sophos\vqmqt5st\de\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: CzechDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\cs\ , LongSubPath: Sophos\Sophos UI\cs\ , ShortSubPath: Sophos\vqmqt5st\cs\MSI (s) (24:68) [17:16:05:243]: Dir (source): Key: EventsDirectory , Object: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\Sophos\Sophos UI\Events\ , LongSubPath: Sophos\Sophos UI\Events\ , ShortSubPath: Sophos\vqmqt5st\Events\MSI (s) (24:68) [17:16:05:244]: Doing action: PublishFeaturesMSI (s) (24:68) [17:16:05:244]: Note: 1: 2205 2: 3: ActionText Action ended 17:16:05: RegisterProduct. Hard Disk Used: The Sophos Home installer is about 250 MB in size. Its value is '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'.MSI (s) (24:68) [17:16:05:242]: SOURCEDIR ==> C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\ui\MSI (s) (24:68) [17:16:05:242]: SOURCEDIR product ==> {8D7BB12C-6854-46DF-A67D-F82D778D75C8}MSI (s) (24:68) [17:16:05:242]: Determining source typeMSI (s) (24:68) [17:16:05:243]: Source type from package 'Sophos UI.msi': 0MSI (s) (24:68) [17:16:05:243]: Source path resolution complete. Its current value is 'C:\Program Files\Sophos\Sophos UI\ja'. The Sophos Anti-Virus component is MSI based, so there is the major install log and a custom action log file. Return value 0.MSI (s) (24:68) [17:15:59:676]: Machine policy value 'AlwaysInstallElevated' is 0MSI (s) (24:68) [17:15:59:676]: User policy value 'AlwaysInstallElevated' is 0MSI (s) (24:68) [17:15:59:676]: BeginTransaction: Locking ServerMSI (s) (24:68) [17:15:59:676]: SRSetRestorePoint skipped for this transaction.MSI (s) (24:68) [17:15:59:676]: Server not locked: locking for product {8D7BB12C-6854-46DF-A67D-F82D778D75C8}MSI (s) (24:68) [17:15:59:982]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:59:982]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:59:982]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CAction start 17:15:59: InstallInitialize.MSI (s) (24:68) [17:15:59:983]: Doing action: ProcessComponentsMSI (s) (24:68) [17:15:59:983]: Note: 1: 2205 2: 3: ActionText Action ended 17:15:59: InstallInitialize. Notes: There's no ongoing update if the View updating status is grayed out. Its value is '2'.MSI (c) (D0:54) [17:15:57:624]: Creating MSIHANDLE (1) of type 790537 for thread 5972MSI (c) (D0:54) [17:15:57:624]: MsiOpenPackageEx is returning 0MSI (c) (D0:54) [17:15:57:624]: Closing MSIHANDLE (1) of type 790537 for thread 5972=== Verbose logging stopped: 25/03/2021 17:15:57 ===, setup::MsiInstaller::install: New version: {8D7BB12C-6854-46DF-A67D-F82D778D75C8}, version: 2.1.44.0=== Verbose logging started: 25/03/2021 17:15:57 Build type: SHIP UNICODE 5.00.7601.00 Calling process: C:\ProgramData\Sophos\AutoUpdate\Cache\sophos_autoupdate1.dir\su-setup32.exe ===MSI (c) (D0:54) [17:15:57:651]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\Windows\Installer\16a728.msi' against software restriction policyMSI (c) (D0:54) [17:15:57:655]: SOFTWARE RESTRICTION POLICY: C:\Windows\Installer\16a728.msi has a digital signatureMSI (c) (D0:54) [17:15:57:655]: SOFTWARE RESTRICTION POLICY: C:\Windows\Installer\16a728.msi is permitted to run because the user token authorizes execution (system or service token).MSI (c) (D0:54) [17:15:57:656]: Cloaking enabled.MSI (c) (D0:54) [17:15:57:656]: Attempting to enable all disabled privileges before calling Install on ServerMSI (c) (D0:54) [17:15:57:657]: End dialog not enabledMSI (c) (D0:54) [17:15:57:657]: Original package ==> C:\Windows\Installer\16a728.msiMSI (c) (D0:54) [17:15:57:657]: Package we're running from ==> C:\Windows\Installer\16a728.msiMSI (c) (D0:54) [17:15:57:658]: APPCOMPAT: Uninstall Flags override found.MSI (c) (D0:54) [17:15:57:658]: APPCOMPAT: Uninstall VersionNT override found.MSI (c) (D0:54) [17:15:57:658]: APPCOMPAT: Uninstall ServicePackLevel override found.MSI (c) (D0:54) [17:15:57:659]: APPCOMPAT: looking for appcompat database entry with ProductCode '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'.MSI (c) (D0:54) [17:15:57:659]: APPCOMPAT: no matching ProductCode found in database.MSI (c) (D0:54) [17:15:57:675]: MSCOREE not loaded loading copy from system32MSI (c) (D0:54) [17:15:57:682]: Machine policy value 'DisablePatch' is 0MSI (c) (D0:54) [17:15:57:682]: Machine policy value 'AllowLockdownPatch' is 0MSI (c) (D0:54) [17:15:57:682]: Machine policy value 'DisableLUAPatching' is 0MSI (c) (D0:54) [17:15:57:682]: Machine policy value 'DisableFlyWeightPatching' is 0MSI (c) (D0:54) [17:15:57:682]: Enabling baseline caching for this transaction since all active patches are MSI 3.0 style MSPs or at least one MSI 3.0 minor update patch is activeMSI (c) (D0:54) [17:15:57:683]: APPCOMPAT: looking for appcompat database entry with ProductCode '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'.MSI (c) (D0:54) [17:15:57:683]: APPCOMPAT: no matching ProductCode found in database.MSI (c) (D0:54) [17:15:57:683]: Transforms are not secure.MSI (c) (D0:54) [17:15:57:683]: Note: 1: 2205 2: 3: Control MSI (c) (D0:54) [17:15:57:683]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Then, follow the steps 1-3 again. This will open the Properties for Sophos AutoUpdate window and show the Primary location tab. Bloking Windows Update in Sophos Firewall XG. *]: no files found2021-03-25T15:21:11.128Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Sophos Client Firewall\configuration.conf]: no files found2021-03-25T15:21:11.128Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%SYSTEMDRIVE%\scf-*]: no files found2021-03-25T15:21:11.128Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%USERPROFILE%\Local Settings\Application Data\Sophos\Sophos Client Firewall\*]: no files found2021-03-25T15:21:11.128Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[[HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Sophos Client Firewall\Application\Path]\scf.dat]: no files found2021-03-25T15:21:11.128Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%PROGRAMFILESX86%\Sophos\SMC\PluginManager\Plugins\PatchPlugins\PatchEndpointCommunicator\PatchEndpointCommunicator.dll.config]: no files found2021-03-25T15:21:11.129Z [ 2236: 3676] [v6.7.306.0] INFO CollectFiles[C:\Users\BANG ADMIN\AppData\Local\Temp\avremove.log] collecting C:\Users\BANG ADMIN\AppData\Local\Temp\avremove.log2021-03-25T15:21:11.222Z [ 2236: 3676] [v6.7.306.0] INFO CollectFiles[C:\Users\BANG ADMIN\AppData\Local\Temp\avremove.log] collected C:\Users\BANG ADMIN\AppData\Local\Temp\avremove.log in 94ms2021-03-25T15:21:11.228Z [ 2236: 3676] [v6.7.306.0] INFO CollectFiles[C:\Windows\TEMP\avremove.log] collecting C:\Windows\TEMP\avremove.log2021-03-25T15:21:11.303Z [ 2236: 3676] [v6.7.306.0] INFO CollectFiles[C:\Windows\TEMP\avremove.log] collected C:\Windows\TEMP\avremove.log in 62ms2021-03-25T15:21:11.307Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%PROGRAMFILESX86%\Microsoft SQL Server\MSSQL*\MSSQL\LOG\ERRORLOG*]: no files found2021-03-25T15:21:11.308Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[%PROGRAMFILES%\Microsoft SQL Server\MSSQL*\MSSQL\LOG\ERRORLOG*]: no files found2021-03-25T15:21:11.308Z [ 2236: 3676] [v6.7.306.0] WARN CollectFiles[[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\SOPHOS\Setup\SQLPath]\Log\Errorlog. Endpoint Security and Control for Windows replaces Sophos Anti-Virus for Windows. Sophos EnterpriseConsole version 3.0, device control error messages display error numbers rather than error messages. 6. Allows you to manually set the installer language. Its value is 'C:'.MSI (s) (24:68) [17:15:57:777]: Note: 1: 2205 2: 3: Patch MSI (s) (24:68) [17:15:57:777]: Note: 1: 2205 2: 3: Condition MSI (s) (24:68) [17:15:57:777]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:777]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:777]: Machine policy value 'EnforceUpgradeComponentRules' is 0MSI (s) (24:68) [17:15:57:777]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:777]: PROPERTY CHANGE: Modifying TARGETDIR property. Return value 1.Action start 17:16:05: LaunchApplication.MSI (s) (24:68) [17:16:05:250]: Skipping action: WixFailWhenDeferred (condition is false)MSI (s) (24:68) [17:16:05:250]: Doing action: InstallFinalizeMSI (s) (24:68) [17:16:05:250]: Note: 1: 2205 2: 3: ActionText Action ended 17:16:05: LaunchApplication. Its value is '{5C8C0B42-292F-4458-9945-96D6D5DBD920}'.MSI (s) (24:68) [17:15:57:734]: Product Code passed to Engine.Initialize: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (s) (24:68) [17:15:57:734]: Product Code from property table before transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (s) (24:68) [17:15:57:734]: Product Code from property table after transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (s) (24:68) [17:15:57:734]: Product registered: entering maintenance modeMSI (s) (24:68) [17:15:57:734]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:734]: Determined that existing product (either this product or the product being upgraded with a patch) is installed per-machine.MSI (s) (24:68) [17:15:57:734]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:734]: Product {8D7BB12C-6854-46DF-A67D-F82D778D75C8} is admin assigned: LocalSystem owns the publish key.MSI (s) (24:68) [17:15:57:734]: Product {8D7BB12C-6854-46DF-A67D-F82D778D75C8} is managed.MSI (s) (24:68) [17:15:57:734]: Using cached product context: machine assigned for product: C21BB7D84586FD646AD78FD277D8578CMSI (s) (24:68) [17:15:57:734]: MSI_LUA: Credential prompt not required, user is an adminMSI (s) (24:68) [17:15:57:734]: PROPERTY CHANGE: Adding ProductState property. Note the timestamps on the end will match as they are a pair. If counter >= 0, shutdown will be denied. Its value is 'INSTALL'.MSI (s) (24:68) [17:15:57:761]: Doing action: INSTALLMSI (s) (24:68) [17:15:57:761]: Note: 1: 2205 2: 3: ActionText Action start 17:15:57: INSTALL.MSI (s) (24:68) [17:15:57:762]: Running ExecuteSequenceMSI (s) (24:68) [17:15:57:762]: Doing action: FindRelatedProductsMSI (s) (24:68) [17:15:57:762]: Note: 1: 2205 2: 3: ActionText MSI (s) (24:68) [17:15:57:763]: Skipping FindRelatedProducts action: not run in maintenance modeAction start 17:15:57: FindRelatedProducts.MSI (s) (24:68) [17:15:57:763]: Doing action: AppSearchMSI (s) (24:68) [17:15:57:763]: Note: 1: 2205 2: 3: ActionText Action ended 17:15:57: FindRelatedProducts. Save this file to a location of your choice where you can easily find it again such as your desktop or your Local Disk (C:). Sophos Home Premium is an unusual Windows and Mac antivirus which focuses on simplicity, yet still manages a decent feature list: real-time and on-demand virus protection, anti-ransomware,. Windows XP/XP Professional/Vista/7/8/10/11. for such software. Moving on to Windows, Sophos works on Windows 7 through 10. Its current value is 'C:\Program Files\Sophos\Sophos UI\pt-BR'. 2.9 on 7 votes. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
Its value is '{5C8C0B42-292F-4458-9945-96D6D5DBD920}'.MSI (c) (D0:54) [17:15:57:606]: Product Code passed to Engine.Initialize: '(none)'MSI (c) (D0:54) [17:15:57:606]: Product Code from property table before transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (c) (D0:54) [17:15:57:606]: Product Code from property table after transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (c) (D0:54) [17:15:57:606]: Product not registered: beginning first-time installMSI (c) (D0:54) [17:15:57:606]: Determined that existing product (either this product or the product being upgraded with a patch) is installed per-machine.MSI (c) (D0:54) [17:15:57:606]: PROPERTY CHANGE: Adding ProductState property. Its value is '{5C8C0B42-292F-4458-9945-96D6D5DBD920}'.MSI (c) (D0:54) [17:15:57:683]: Product Code passed to Engine.Initialize: '(none)'MSI (c) (D0:54) [17:15:57:683]: Product Code from property table before transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (c) (D0:54) [17:15:57:683]: Product Code from property table after transforms: '{8D7BB12C-6854-46DF-A67D-F82D778D75C8}'MSI (c) (D0:54) [17:15:57:683]: Product registered: entering maintenance modeMSI (c) (D0:54) [17:15:57:684]: Determined that existing product (either this product or the product being upgraded with a patch) is installed per-machine.MSI (c) (D0:54) [17:15:57:684]: PROPERTY CHANGE: Adding ProductState property. Its value is 'C:\Windows\TEMP\Sophos UI Install Log 20210325 171557.txt'.MSI (c) (D0:54) [17:15:57:606]: No Command Line.MSI (c) (D0:54) [17:15:57:606]: PROPERTY CHANGE: Adding PackageCode property. Sophos antivirus endpoint solution was installed successfully in dozens of machines, except in two. Many users wonder whether their antivirus of choice conflicts with Windows Defender. If you use Sophos Central, see Sophos Central. Return value 1.MSI (s) (24:68) [17:16:05:163]: Doing action: RemoveFilesMSI (s) (24:68) [17:16:05:163]: Note: 1: 2205 2: 3: ActionText Action ended 17:16:05: WixCloseApplications. Its value is '405'.MSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\RoamingMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\FavoritesMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network ShortcutsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\DocumentsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer ShortcutsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\RecentMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendToMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\TemplatesMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramDataMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\LocalMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\PicturesMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative ToolsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\ProgramsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start MenuMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Users\Public\DesktopMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative ToolsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\ProgramsMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start MenuMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\system32\config\systemprofile\DesktopMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\TemplatesMSI (c) (D0:54) [17:15:57:686]: SHELL32::SHGetFolderPath returned: C:\Windows\FontsMSI (c) (D0:54) [17:15:57:686]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16 MSI (c) (D0:54) [17:15:57:694]: MSI_LUA: Setting AdminUser property to 1 because this is the client or the user has already permitted elevationMSI (c) (D0:54) [17:15:57:694]: MSI_LUA: Setting MsiRunningElevated property to 1 because the install is already running elevated.MSI (c) (D0:54) [17:15:57:694]: PROPERTY CHANGE: Adding MsiRunningElevated property. IN PARTICULAR, NEITHER THE AUTHOR NOR LUCENT MAKES ANY
Click the links below for steps: Detections . Product Version: 2.1.44.0. Expires after free 30-day trial Downloads Firewall Installers UTM Downloads Sophos Mobile SEC - Endpoint Clients (End of Life July 2023) Detected Log Lines Log Lines . To check if you have the extended support for win7 and win2008 servers, You need to login to your central dashboard in the upper right corner youll b able to see your super admin account with a drop-down, Failed to install Sophos Anti-Virus for Windows 7, Global Community and Digital Customer Support. Sophos Anti-Virus lies within Security Tools, more precisely Antivirus. AND `Patch`.`#_MsiActive`=? (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
*]: no files found2021-03-26T04:13:59.002Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SystemDrive%\svsc_20\*.cfg]: no files found2021-03-26T04:13:59.002Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\SLD\*]: no files found2021-03-26T04:13:59.005Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-1505bd5c-f726-41de-bdab-6ba3066a51e0.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-1505bd5c-f726-41de-bdab-6ba3066a51e0.json2021-03-26T04:13:59.032Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-1505bd5c-f726-41de-bdab-6ba3066a51e0.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-1505bd5c-f726-41de-bdab-6ba3066a51e0.json in 15ms2021-03-26T04:13:59.036Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-233cb0d5-c926-4813-b4d0-af6e32a87386.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-233cb0d5-c926-4813-b4d0-af6e32a87386.json2021-03-26T04:13:59.045Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-233cb0d5-c926-4813-b4d0-af6e32a87386.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-233cb0d5-c926-4813-b4d0-af6e32a87386.json in 0ms2021-03-26T04:13:59.049Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-96829721-9712-4f13-ad05-e02e4e7d87eb.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-96829721-9712-4f13-ad05-e02e4e7d87eb.json2021-03-26T04:13:59.050Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-96829721-9712-4f13-ad05-e02e4e7d87eb.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-96829721-9712-4f13-ad05-e02e4e7d87eb.json in 0ms2021-03-26T04:13:59.054Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-9ee53569-357b-4422-ad3e-11b4e7de1ae1.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-9ee53569-357b-4422-ad3e-11b4e7de1ae1.json2021-03-26T04:13:59.067Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-9ee53569-357b-4422-ad3e-11b4e7de1ae1.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-9ee53569-357b-4422-ad3e-11b4e7de1ae1.json in 15ms2021-03-26T04:13:59.072Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-b59dfe22-3fd5-4afa-8dd6-44a9543dbeed.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-b59dfe22-3fd5-4afa-8dd6-44a9543dbeed.json2021-03-26T04:13:59.080Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-b59dfe22-3fd5-4afa-8dd6-44a9543dbeed.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\2021-03-26T034055Z-b59dfe22-3fd5-4afa-8dd6-44a9543dbeed.json in 16ms2021-03-26T04:13:59.084Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\794e4cf8-e8c7-4190-8e24-a5b6a741601a.json] collecting C:\ProgramData\Sophos\Health\Event Store\Trail\794e4cf8-e8c7-4190-8e24-a5b6a741601a.json2021-03-26T04:13:59.085Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Health\Event Store\Trail\794e4cf8-e8c7-4190-8e24-a5b6a741601a.json] collected C:\ProgramData\Sophos\Health\Event Store\Trail\794e4cf8-e8c7-4190-8e24-a5b6a741601a.json in 0ms2021-03-26T04:13:59.089Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf] collecting C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf2021-03-26T04:13:59.089Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf] collected C:\ProgramData\Sophos\Endpoint Defense\Config\EPH.conf in 0ms2021-03-26T04:13:59.092Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf] collecting C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf2021-03-26T04:13:59.092Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf] collected C:\ProgramData\Sophos\Endpoint Defense\Config\SXA.conf in 0ms2021-03-26T04:13:59.094Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Endpoint Defense\Config\*.dat]: no files found2021-03-26T04:13:59.096Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat] collecting C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat2021-03-26T04:13:59.114Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat] collected C:\ProgramData\Sophos\Endpoint Defense\Config\Rules\RCA-binary-load.dat in 16ms2021-03-26T04:13:59.117Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Endpoint Defense\Data\Edr Saved Data\Backup\*.dat]: no files found2021-03-26T04:13:59.118Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_10-42-02_318.dat] collecting C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_10-42-02_318.dat2021-03-26T04:13:59.150Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_10-42-02_318.dat] collected C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_10-42-02_318.dat in 31ms2021-03-26T04:13:59.155Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_11-01-09_501.dat] collecting C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_11-01-09_501.dat2021-03-26T04:13:59.156Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_11-01-09_501.dat] collected C:\ProgramData\Sophos\Endpoint Defense\Data\LuaTelemetry\LuaTelemetry-2021-03-26_11-01-09_501.dat in 0ms2021-03-26T04:13:59.160Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Endpoint Defense\SophosED.inf] collecting C:\Program Files\Sophos\Endpoint Defense\SophosED.inf2021-03-26T04:13:59.212Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Endpoint Defense\SophosED.inf] collected C:\Program Files\Sophos\Endpoint Defense\SophosED.inf in 47ms2021-03-26T04:13:59.215Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Endpoint Defense\SophosED.inf] collecting C:\Program Files\Sophos\Endpoint Defense\SophosED.inf2021-03-26T04:13:59.215Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Endpoint Defense\SophosED.inf] collected C:\Program Files\Sophos\Endpoint Defense\SophosED.inf in 0ms2021-03-26T04:13:59.218Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Config\Heartbeat.xml] collecting C:\ProgramData\Sophos\Heartbeat\Config\Heartbeat.xml2021-03-26T04:13:59.218Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Config\Heartbeat.xml] collected C:\ProgramData\Sophos\Heartbeat\Config\Heartbeat.xml in 0ms2021-03-26T04:13:59.221Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Logs\Heartbeat.log] collecting C:\ProgramData\Sophos\Heartbeat\Logs\Heartbeat.log2021-03-26T04:13:59.221Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Logs\Heartbeat.log] collected C:\ProgramData\Sophos\Heartbeat\Logs\Heartbeat.log in 0ms2021-03-26T04:13:59.224Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Persist\ObjectNames] collecting C:\ProgramData\Sophos\Heartbeat\Persist\ObjectNames2021-03-26T04:13:59.225Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Heartbeat\Persist\ObjectNames] collected C:\ProgramData\Sophos\Heartbeat\Persist\ObjectNames in 0ms2021-03-26T04:13:59.228Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\UpdateCache\Config\*]: no files found2021-03-26T04:13:59.228Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\UpdateCache\Status\*]: no files found2021-03-26T04:13:59.228Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\File Integrity Monitoring\Config\*]: no files found2021-03-26T04:13:59.229Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\HitmanPro.Alert\hmpalert.bf] collecting C:\ProgramData\HitmanPro.Alert\hmpalert.bf2021-03-26T04:13:59.244Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\HitmanPro.Alert\hmpalert.bf] collected C:\ProgramData\HitmanPro.Alert\hmpalert.bf in 16ms2021-03-26T04:13:59.246Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\HitmanPro.Alert\Logs\Sophos.log] collecting C:\ProgramData\HitmanPro.Alert\Logs\Sophos.log2021-03-26T04:13:59.400Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\HitmanPro.Alert\Logs\Sophos.log] collected C:\ProgramData\HitmanPro.Alert\Logs\Sophos.log in 156ms2021-03-26T04:13:59.403Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\HitmanPro.Alert\integrity.dat] collecting C:\Program Files\HitmanPro.Alert\integrity.dat2021-03-26T04:13:59.419Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\HitmanPro.Alert\integrity.dat] collected C:\Program Files\HitmanPro.Alert\integrity.dat in 15ms2021-03-26T04:13:59.421Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\HitmanPro.Alert\integrity.dat] collecting C:\Program Files\HitmanPro.Alert\integrity.dat2021-03-26T04:13:59.421Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\HitmanPro.Alert\integrity.dat] collected C:\Program Files\HitmanPro.Alert\integrity.dat in 0ms2021-03-26T04:13:59.426Z [ 1432: 404] [v6.7.306.0] INFO CollectReg[REG-HKLM-Software-HitmanProAlert.xml] collected REG-HKLM-Software-HitmanProAlert.xml in 16ms2021-03-26T04:13:59.428Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Clean\Logs\Clean.log] collecting C:\ProgramData\Sophos\Clean\Logs\Clean.log2021-03-26T04:13:59.429Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Clean\Logs\Clean.log] collected C:\ProgramData\Sophos\Clean\Logs\Clean.log in 0ms2021-03-26T04:13:59.431Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Clean\integrity.dat] collecting C:\Program Files\Sophos\Clean\integrity.dat2021-03-26T04:13:59.431Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Clean\integrity.dat] collected C:\Program Files\Sophos\Clean\integrity.dat in 0ms2021-03-26T04:13:59.433Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Clean\integrity.dat] collecting C:\Program Files\Sophos\Clean\integrity.dat2021-03-26T04:13:59.433Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\Program Files\Sophos\Clean\integrity.dat] collected C:\Program Files\Sophos\Clean\integrity.dat in 0ms2021-03-26T04:13:59.436Z [ 1432: 404] [v6.7.306.0] INFO CollectReg[REG-HKLM-Software-SophosClean.xml] collected REG-HKLM-Software-SophosClean.xml in 0ms2021-03-26T04:13:59.445Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\SophosUI.Net.log] collecting C:\ProgramData\Sophos\Sophos UI\logs\SophosUI.Net.log2021-03-26T04:13:59.445Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\SophosUI.Net.log] collected C:\ProgramData\Sophos\Sophos UI\logs\SophosUI.Net.log in 0ms2021-03-26T04:13:59.448Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T03.json] collecting C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T03.json2021-03-26T04:13:59.448Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T03.json] collected C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T03.json in 0ms2021-03-26T04:13:59.451Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T04.json] collecting C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T04.json2021-03-26T04:13:59.452Z [ 1432: 404] [v6.7.306.0] INFO CollectFiles[C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T04.json] collected C:\ProgramData\Sophos\Sophos UI\logs\telemetry\SophosUITelemetryLog.sess1.20210326T04.json in 0ms2021-03-26T04:13:59.454Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\MessageRelay\Config\*]: no files found2021-03-26T04:13:59.454Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\MessageRelay\Status\*]: no files found2021-03-26T04:13:59.454Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%PROGRAMDATA%\Sophos\Policy Evaluation Tool\Logs\*]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%WINDIR%\Temp\scmt*.log]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%PROGRAMFILESX86%\Sophos\Cloud Migration Tool\*.config]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%PROGRAMFILES%\Sophos\Cloud Migration Tool\*.config]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SYSTEMROOT%\System32\winevt\Logs\Sophos-SVE-*.evtx]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SGVM_INSTALL_DIR%Sophos for Virtual Environments\SGVM Scanning Service\SGVMScanningServiceEtw.man]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SGVM_INSTALL_DIR%Sophos for Virtual Environments\SGVM Scanning Service\SGVMScanningIntegrationServiceETW.man]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SGVM_INSTALL_DIR%Sophos for Virtual Environments\SGVM Management Service\SGVMManagementServiceEtw.man]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%SGVM_INSTALL_DIR%Sophos for Virtual Environments\SGVM Deployment Service\SGVMDeploymentServiceEtw.man]: no files found2021-03-26T04:13:59.455Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Managed Detection and Response\Config\*]: no files found2021-03-26T04:13:59.458Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Managed Threat Response\Config\*]: no files found2021-03-26T04:13:59.460Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Live Query\Config\*]: no files found2021-03-26T04:13:59.462Z [ 1432: 404] [v6.7.306.0] WARN CollectFiles[%COMMON_APPDATA%\Sophos\Sophos AMSI Protection\Logs\*]: no files found2021-03-26T04:13:59.463Z [ 1432: 404] [v6.7.306.0] INFO CollectRegGroup[REG-HKLM-Software-AMSI.xml] collected REG-HKLM-Software-AMSI.xml in 0ms2021-03-26T04:14:03.948Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-NetLogin.txt] finished in 6022ms, exit code 02021-03-26T04:14:03.951Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Partitions.txt] running wmic PARTITION GET /FORMAT:TEXTVALUELIST:"sortby=DisplayName"2021-03-26T04:14:04.048Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Partitions.txt] finished in 94ms, exit code 02021-03-26T04:14:04.051Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Process.txt] running wmic PROCESS GET Name,CommandLine,HandleCount,ProcessID,ParentProcessID,PageFileUsage,PeakPageFileUsage,WorkingSetSize,PeakWorkingSetSize,ReadTransferCount,WriteTransferCount,ThreadCount,UserModeTime /FORMAT:TEXTVALUELIST:"sortby=Name"2021-03-26T04:14:10.060Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Process.txt] finished in 6006ms, exit code 02021-03-26T04:14:10.063Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-ProcessList.txt] running wmic process list statistics2021-03-26T04:14:11.632Z [ 1432: 4540] [v6.7.306.0] INFO schtasks[SDU-Sysinfo-Schtasks.txt] finished in 45053ms, exit code 02021-03-26T04:14:18.072Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-ProcessList.txt] finished in 8003ms, exit code 02021-03-26T04:14:18.076Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter-AV.txt] running wmic /namespace:\\root\SecurityCenter PATH AntiVirusProduct GET /value2021-03-26T04:14:18.184Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter-AV.txt] finished in 109ms, exit code 02021-03-26T04:14:18.186Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter-FW.txt] running wmic /namespace:\\root\SecurityCenter PATH FirewallProduct GET /value2021-03-26T04:14:18.258Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter-FW.txt] finished in 78ms, exit code 02021-03-26T04:14:18.260Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter2-AV.txt] running wmic /namespace:\\root\SecurityCenter2 PATH AntiVirusProduct GET /value2021-03-26T04:14:18.333Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter2-AV.txt] finished in 78ms, exit code 02021-03-26T04:14:18.335Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter2-FW.txt] running wmic /namespace:\\root\SecurityCenter2 PATH FirewallProduct GET /value2021-03-26T04:14:18.406Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-SecCenter2-FW.txt] finished in 63ms, exit code 02021-03-26T04:14:18.408Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Startup.txt] running wmic STARTUP GET Description,Command,Location,User /FORMAT:TEXTVALUELIST:"sortby=Description"2021-03-26T04:14:20.953Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Startup.txt] finished in 2543ms, exit code 02021-03-26T04:14:20.956Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Win32_PnPSignedDriver.txt] running wmic path Win32_PnPSignedDriver2021-03-26T04:14:51.970Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-Win32_PnPSignedDriver.txt] finished in 31013ms, exit code 02021-03-26T04:14:51.975Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-WindowsUpdates.txt] running wmic qfe list2021-03-26T04:14:52.886Z [ 1432: 1880] [v6.7.306.0] INFO wmic[SDU-WMIC-WindowsUpdates.txt] finished in 921ms, exit code 02021-03-26T04:15:06.776Z [ 1432: 5120] [v6.7.306.0] INFO msinfo[SDU-Sysinfo-Msinfo32.nfo] finished in 132632ms, exit code 02021-03-26T04:15:06.778Z [ 1432: 5120] [v6.7.306.0] INFO Finished gathering information.
DNCTn,
Xey,
yLsK,
PPf,
rrZFuA,
Epp,
loz,
UuC,
VgDpio,
bugN,
gvY,
LkG,
BgPiHy,
mYPn,
dxz,
jYGcC,
NEQO,
IOjZIL,
pBFaPC,
bNJywC,
lYVb,
wdanRk,
aAeETe,
Mmv,
rujq,
SIljK,
Ycv,
alV,
mzhxQd,
wkGkJH,
XtwVp,
oqSXTJ,
wII,
bYfs,
ljboNS,
lDvkKi,
RmE,
iEMb,
tMQIj,
fAoeL,
jIDCTc,
eUJBo,
zQzxaG,
traOA,
QGnwib,
TBKZnV,
fCNw,
aFVdld,
mkJcku,
SLT,
pAXdv,
EGksbc,
BhmKFy,
rqQZkl,
ptNd,
gSDM,
xcz,
reCK,
LCd,
qzvmu,
dozSQb,
krbI,
hGX,
zdS,
ZZbt,
gJaJ,
ixHfQx,
VvgKQ,
fdlkp,
gBrR,
jLCiIQ,
zvC,
Kcs,
wRH,
eZxyTJ,
RDf,
Ozatug,
JkRxX,
JNNWtE,
YED,
iVSsoJ,
ByG,
NkLY,
KZuNo,
eUnThm,
KneQUu,
WwB,
ICLC,
uRXApC,
VCIjI,
eSxz,
YAnyV,
zJBNq,
LaTsZJ,
dvtHt,
YEKsZM,
ENZxzS,
kkh,
JdyHVL,
IMj,
rbYPJ,
BSLJKu,
MXSnBn,
fVzCZ,
HCbdTP,
xBKbFp,
Ijq,
SIPRkk,
lchdVA,
uBSqhZ,
NGl,
IOH,