University of California, Riverside

Security



Sophos


Sophos Anti-VirusWindows Server Security

What is a Virus and Anti-virus software?

A computer virus, much like a biological virus, infects a host and tries to spread itself. Computer viruses usually spread via email, malicious web sites, or operating system (i.e. Windows or Mac OS) exploits. Anti-virus software protects email, instant messages, and other files by removing viruses and worms. Anti-virus software downloads new virus protection updates to protect against new threats. It also quarantines infected files to keep a virus from spreading and can repair infected files so the files can be used without fear of damaging the computer or spreading a virus to other computers.

What is Firewall software?

Sophos AV will soon have an additional component to its anti-virus software, it will include a PC based firewall product. This firewall will act as a protective barrier between the computer and the internet. It monitors all incoming and/or outgoing traffic and allows only permitted network traffic. Sophos AV will protect computers by blocking port-scans from hackers or compromised machines that are searching for computer and network vulnerabilities. By blocking other computers from scanning a computer, attacks are denied and the computer is protected. As soon as this feature is available in the next release of Sophos AV more information will be posted.

How does Sophos protect me?

Sophos Anti-Virus, like its competitors Norton and McAfee, works in two ways: it prevents viruses from executing, and it removes them if it finds that one has already executed. In order to do this, Sophos maintains a database of known viruses and how to remove them, and updates the anti-virus program periodically to ensure that the computer is protected from the newest threats. Sophos constantly watches the computer, and when it notices a virus trying to execute its code, Sophos will stop it from running and quarantine the file (i.e. lock it up in a special directory where it is unable to harm the computer). Sophos can also be run by the user if an infection is suspected; it will scan the files and folders on the computer, stop any viruses from running, and remove the associated files to the quarantine.

It is important to have antivirus software on the computer to protect not only the computer from damage viruses can cause, but the havoc caused to the campus network. Some viruses are malicious and destructive causing destruction to an individual’s data and can also bring a network to a near halt.

How do I get the Sophos software?

Downloads of Sophos anti-virus have been made available to all campus computer users as well as home, staff and faculty machines.

In addition, UC Riverside has antivirus software on its central mail server that scans and removes infected messages before downloading email to the individuals computer.

Note: Sophos replaces any existing anti-virus product, such as Norton AntiVirus. Remove any existing anti-virus software Before installing Sophos. See Instructions for un-installing Symantec AntiVirus.

How do I install Sophos Antivirus for Windows XP?

Before installing this program, any existing anti-virus software must be removed.

Off campus users will need to log in with their UCR NetID and password.

1. To download the software, click the XPSoph10_2.exe icon. When downloaded, double click the icon on your computer.

  
2. When this window comes up, click run.
3. When the Install Program window displays, click Next.
4. Click Next again.
5. The program will install in a default location, clicking Next will agree to the location.
6. Click Yes.
7. Click Start.
8. Click Install.
9. Click Next.
10. Select "I accept the terms in the license agreement".

Then click Next.

11. Click Next.
12. Check "I will enter these details later".

Then click next.

13. Click Next.
14. Click Next. Sophos XP instructions, step 16
15. Click Finish.
16. Click Next.
17. Click Exit.

Sophos XP instructions, step 17

How do I download and Install Sophos Antivirus for Windows 7 and 8

To download the software, click the W7Soph10_2.exe icon. When downloaded, double click the icon on your computer. Download the executable for Windows 7 or 8
1. If this window displays, click "Yes" Windows 7 or 8 Instructions step 1
2. Click "Next" in the Welcome screen Windows 7 or 8 Instructions step 2
3. Click "Next" Windows 7 or 8 Instructions step 3
4. Click "Next" again Windows 7 or 8 Instructions step 4
5. Click "Yes" Windows 7 or 8 Instructions step 5
6. Click "Start" Windows 7 or 8 Instructions step 6
7. Click "Install" Windows 7 or 8 Instructions step 7
8. Click "Next" Windows 7 or 8 Instructions step 8
9. Click "I accept the terms in the license agreement". 
     Then click "Next"
Windows 7 or 8 Instructions step 9
10. Click "Next" Windows 7 or 8 Instructions step 10
11. Select "I will enter these details later". Then click "Next" Windows 7 or 8 Instructions step 11
12. Click "Next" Windows 7 or 8 Instructions step 12
13. Click "Next" Windows 7 or 8 Instructions step 13
14. Click "Finished" Sophos XP instructions, step 14
15. Click "Next" Windows 7 or 8 Instructions step 15
16. Click "Exit" Windows 7 or 8 Instructions step 16

How do I download and install Sophos Antivirus for Mac OS X?

Before installing this program, uninstall any existing anti-virus software

Off campus users will need to log in with their UCR NetID and password

1. Download the Sophos Antivirus installer from http://cnc.ucr.edu/files/SAV71MacUCR.dmg
  • In Safari, if warned that “‘SAV71MacUCR.dmg’ contains an application” click Continue; Safari will then automatically run the installation program.
  • In Firefox or other browsers, please save the file and double-click to open the disk image, then double-click on Sophos Anti-Virus.mpkg to run the installer

step 1

step 1

2. Click “Continue” through the prompts until the “Select a Destination” prompt step 1
3. Click on the hard drive and click “Continue” step 1
4. Click “Install” and enter the computer password when prompted.  
5. Click “Close” when the installation has completed.  
6. Click “Save” when prompted to save the changes to Sophos Anti-Virus, and enter the password when prompted.  
7. Click on the Sophos shield Sophos shield in the menu bar and choose Update Now.  This may take a few moments while Sophos updates its virus definitions.  
Manually Scanning with Sophos Anti-Virus  
1. Click on the Sophos shield Sophos shieldat the upper right corner of the screen .  
2. Click “Open Sophos Anti-Virus”.  
3. When the Sophos window appears, click the Scan This Mac button to scan your computer.  step 1

FAQ

Q: How do I uninstall the Sophos Antivirus Enterprise version?

To uninstall the Enterprise version of Sophos Antivirus:

1. Click Start > Settings > Control Panel (or Start > Control Panel) step 1
2. Double-click Add or Remove Programs step 1
3. Remove all three components of Sophos Antivirus:
  • Sophos Anti-Virus
  • Sophos AutoUpdate
  • Sophos Remote Management System
step 1

Q: How do I configure the Sophos consumer version for updates (Windows)?

After Sophos successfully installs on the computer, a blue shield in the system tray will appear. Follow these steps to configure the updating:

1. Right-click (use right button on mouse) on the blue Sophos shield in the system tray step 1
2. Click on Configure updating… this will bring up the Properties Box  
3. Click on the Schedule tab and verify that Enable automatic updates is checked, then enter the amount of minutes it should check. DO NOT change any settings under the Primary Server tab, click Apply, click OK  

Q: How do I configure the Sophos consumer version for updates (Macintosh)?

After Sophos successfully installs on the computer, a blue shield in the upper right corner of the screen. Follow these steps to configure the updating:

1. Click the Sophos shield step 1
2. Click Open Preferences
3. Click the Autoupdate tab
4. In the Show pull-down, select Scheduling
5. To change the update interval, first click the lock at the lower left of the window and enter the computer’s password. Then click Set to save changes. DO NO change any setting under the Primary Server tab

 

Q: How do I change my firewall settings in Windows XP SP2 to run the enterprise Sophos Antivirus client?

These instructions assume the Windows Firewall turned on already, if the Windows Firewall is not in use go no further. If a third party firewall product is used, the program ‘RouterNT.exe’ needs to be added as an exception. If assistance is required, please call the Help Desk at x23555.

The Windows XP firewall must be configured to allow the program ‘RouterNT.exe’ to be an exception. To modify the firewall settings follow these steps:

1. Click the Start button and choose ‘Settings’ then ‘Control Panel’. step 1
2. In the Control Panel box, double-click ‘Windows Firewall’. This will open a window. step 1
3. Click on the ‘Exceptions’ tab at the top.
4. Under ‘Program and Services’ in the ‘Exceptions’ window click ‘Add Program’ step 1
5. In the ‘Add Program’ window, click ‘Browse’. step 1
6. Using the drop down menu, navigate through the file system to C:\Program Files\Sophos\Remote Management System\RouterNT.exe. step 1
7. Select RouterNT.exe and click Open. The Add a Program window will reappear.
8. Click on Change Scope. step 1
9. In the Change Scope window, select Custom List and type in the following IP address: 138.23.227.21. Keep clicking OK until the windows disappear.
10. Reboot the system to have the changes take effect.

 

  • Q: What should I do if I get the following error:

    “The update service does not recognize this product, please contact the software vendor for updates for this product, Error 13000: Product not registered with the agent.”

    Just click ‘Finish’ and Sophos will finish installing. This is a non-critical error.

  • Q: How do I use the Symantec Anti-virus removal tool?

    If after uninstalling Symantec or Norton Anti-virus products the Sophos installation fails with the error that there is another anti-virus product on the computer, try running Sophos’ removal tool to clean up the registry. Download the removal tool from http://css.ucr.edu/public/sophos/NAV_removal_compdetect.exe and double-click to run it.

More Information 

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Department Information

Computing & Communications
Computing & Communications Bldg.

Tel: (951) 827-4741
Fax: (951) 827-4541
E-mail: helpdesk@ucr.edu

Footer