Sophos Diagnose appears to hang and does not complete

  • Article ID: 118435
  • Rating:
  • 4 customers rated this article 1.5 out of 6
  • Updated: 26 Nov 2014


Sophos Diagnose Utility for appears to 'hang' just after it mentions the following in the 'Logs archived:' box.

"... \TEMP\sdu\sdu-EventLog-System.evtx"

First seen in
Sophos Diagnostic Utility (v1.4.8)


Sophos Diagnose will attempt to acquire a copy of the Group Policy applied to the computer, if the Domain Controller is unavailable this may take a long time to cancel.

You can use the following in a command prompt to determine if acquiring the Group Policy is the cause:

gpresult /R /Z

Typically Laptops that are off the Domain Network are most likely to suffer from this issue.

What To Do

Note: This article does not apply to previous versions of Sophos Diagnose.

  1. If Sophos Diagnose is currently running, click the Stop button on the 'Sophos Diagnose Utility - Collection' window.
  2. After a short while it will display the number of files collected, click OK.
  3. Click the top right close button to exit.
  4. Open notepad and edit the file sduconfig.xml where you are running Sophos Diagnose from, if you have used sfx version then this location will be the following by default:
    64-Bit: C:\Program Files (x86)\Sophos\Sophos Diagnostic Utility
    32-Bit: C:\Program Files\Sophos\Sophos Diagnostic Utility
  5. Locate the following entries and delete the lines:
    <GroupPolicy log="SDU-Sysinfo-GroupPolicy.xml" endlog=""/>
  6. Save sduconfig.xml.
  7. Launch Sophos Diagnose and click Continue, it should now be able to acquire all of the log files for Sophos Support.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent