Sophos
Download and Installation Instructions
FAQ
Sophos Anti-VirusWindows Server Security
What is a Virus and Anti-virus software?
A computer virus, much like a biological virus, infects a host and tries to spread itself. Computer viruses usually spread via email, malicious web sites, or operating system (i.e. Windows or Mac OS) exploits. Anti-virus software protects email, instant messages, and other files by removing viruses and worms. Anti-virus software downloads new virus protection updates to protect against new threats. It also quarantines infected files to keep a virus from spreading and can repair infected files so the files can be used without fear of damaging the computer or spreading a virus to other computers.
What is Firewall software?
Sophos AV will soon have an additional component to its anti-virus software, it will include a PC based firewall product. This firewall will act as a protective barrier between the computer and the internet. It monitors all incoming and/or outgoing traffic and allows only permitted network traffic. Sophos AV will protect computers by blocking port-scans from hackers or compromised machines that are searching for computer and network vulnerabilities. By blocking other computers from scanning a computer, attacks are denied and the computer is protected. As soon as this feature is available in the next release of Sophos AV more information will be posted.
How does Sophos protect me?
Sophos Anti-Virus, like its competitors Norton and McAfee, works in two ways: it prevents viruses from executing, and it removes them if it finds that one has already executed. In order to do this, Sophos maintains a database of known viruses and how to remove them, and updates the anti-virus program periodically to ensure that the computer is protected from the newest threats. Sophos constantly watches the computer, and when it notices a virus trying to execute its code, Sophos will stop it from running and quarantine the file (i.e. lock it up in a special directory where it is unable to harm the computer). Sophos can also be run by the user if an infection is suspected; it will scan the files and folders on the computer, stop any viruses from running, and remove the associated files to the quarantine.
It is important to have antivirus software on the computer to protect not only the computer from damage viruses can cause, but the havoc caused to the campus network. Some viruses are malicious and destructive causing destruction to an individual’s data and can also bring a network to a near halt.
How do I get the Sophos software?
Downloads of Sophos anti-virus have been made available to all campus computer users as well as home, staff and faculty machines.
In addition, UC Riverside has antivirus software on its central mail server that scans and removes infected messages before downloading email to the individuals computer.
Note: Sophos replaces any existing anti-virus product, such as Norton AntiVirus. Remove any existing anti-virus software Before installing Sophos. See Instructions for un-installing Symantec AntiVirus.
- How do I download and install Sophos Antivirus for Widows 95, 98, and ME?
Before installing this program, any existing anti-virus software must be removed.
Off campus users will need to log in with their UCR NetID and password
1. Download the installer from http://cnc.ucr.edu/files/RemoteSophos9xME.exe
2. When the file has downloaded, double-click to launch the installation program 3. Click the “Install” button 
4. Click “Next” through the prompts 5. When asked to enter information for automatic updating, check “I will enter these details later” and click “Next” 
6. Check “Yes, restart my computer now” and click “Finish” to complete the installation 
7. When the computer reboots, it will run a scan to check the computer for viruses; once this has completed, the computer is protected. - How do I download and install Sophos Antivirus for Windows 2000, XP, Vista, and Windows 7?
1. Download the installer from http://cnc.ucr.edu/security/files/SAV9UCR.exe 2. When the file has downloaded, double-click the file to run the installer. 3. Click the next button. 
4. Click “Next” through the prompts. Press install when prompted. When the installer pops up the Sophos install wizard, press next. Accept the Sophos End-User License agreement and press next. 5. When asked to enter information for automatic updating, check “I will enter these details later” and click “Next”. When asked about removing third-party security software, keep the box checked and press next. 
6. Click “Next,” then click “Finish” to complete the installation 
7. Right-click the Sophos shield in the system tray 8. Click Open Sophos Anti-Virus 
9. Click Configure Anti-Virus and HIPS 
10. Click On-access Scanning under Configure 
11. Click the Cleanup tab 12. Place a checkmark next to “Automatically clean up items that contain a virus” 
13. Under “If automatic cleanup is not used, or if cleanup fails…” select “Move to:” and leave the default directory in that field. 14. Click OK 15. Click Right-Click scanning under Configure 
16. Click the Cleanup tab 17. Place a checkmark next to “Automatically clean up items that contain a virus” 
18. Under “If automatic cleanup is not used, or if cleanup fails…” select “Move to:” and leave the default directory in that field. At the bottom of the window, place a checkmark next to "Automatically clean up adware and PUAs." 19. Click OK - How do I download and install Sophos Antivirus for Mac OS X?
Before installing this program, uninstall any existing anti-virus software
Off campus users will need to log in with their UCR NetID and password
1. Download the Sophos Antivirus installer from http://cnc.ucr.edu/files/SAV70MacUCR.dmg
- In Safari, if warned that “‘SAV70MacUCR.dmg’ contains an application” click Continue; Safari will then automatically run the installation program.
- In Firefox or other browsers, please save the file and double-click to open the disk image, then double-click on Sophos Anti-Virus.mpkg to run the installer
2. Click “Continue” through the prompts until the “Select a Destination” prompt 
3. Click on the hard drive and click “Continue” 4. Click “Install” and enter the computer password when prompted. 5. Click “Close” when the installation has completed. 6. Click “Save” when prompted to save the changes to Sophos Anti-Virus, and enter the password when prompted. Manually Scanning with Sophos Anti-Virus 1. Click on the Sophos shield 
at the upper right corner of the screen .2. Click “Open Sophos Anti-Virus”. 3. Make sure the green light icon next to the hard drive is lit (click on the green light icon to turn it on or off). 4. Click the green arrow button 
to begin scanning:
FAQ
- Q: How do I uninstall the Sophos Antivirus Enterprise version?
To uninstall the Enterprise version of Sophos Antivirus:
1. Click Start > Settings > Control Panel (or Start > Control Panel) 
2. Double-click Add or Remove Programs 
3. Remove all three components of Sophos Antivirus: - Sophos Anti-Virus
- Sophos AutoUpdate
- Sophos Remote Management System
- Q: How do I configure the Sophos consumer version for updates (Windows)?
After Sophos successfully installs on the computer, a blue shield in the system tray will appear. Follow these steps to configure the updating:
1. Right-click (use right button on mouse) on the blue Sophos shield in the system tray 
2. Click on Configure updating… this will bring up the Properties Box 3. Click on the Schedule tab and verify that Enable automatic updates is checked, then enter the amount of minutes it should check. DO NOT change any settings under the Primary Server tab, click Apply, click OK - Q: How do I configure the Sophos consumer version for updates (Macintosh)?
After Sophos successfully installs on the computer, a blue shield in the upper right corner of the screen. Follow these steps to configure the updating:
1. Click the Sophos shield 2. Click Open Preferences 3. Click the Autoupdate tab 4. In the Show pull-down, select Scheduling 5. To change the update interval, first click the lock at the lower left of the window and enter the computer’s password. Then click Set to save changes. DO NO change any setting under the Primary Server tab - Q: How do I change my firewall settings in Windows XP SP2 to run the enterprise Sophos Antivirus client?
These instructions assume the Windows Firewall turned on already, if the Windows Firewall is not in use go no further. If a third party firewall product is used, the program ‘RouterNT.exe’ needs to be added as an exception. If assistance is required, please call the Help Desk at x23555.
The Windows XP firewall must be configured to allow the program ‘RouterNT.exe’ to be an exception. To modify the firewall settings follow these steps:
1. Click the Start button and choose ‘Settings’ then ‘Control Panel’. 
2. In the Control Panel box, double-click ‘Windows Firewall’. This will open a window. 
3. Click on the ‘Exceptions’ tab at the top. 4. Under ‘Program and Services’ in the ‘Exceptions’ window click ‘Add Program’ 
5. In the ‘Add Program’ window, click ‘Browse’. 
6. Using the drop down menu, navigate through the file system to C:\Program Files\Sophos\Remote Management System\RouterNT.exe. 
7. Select RouterNT.exe and click Open. The Add a Program window will reappear. 8. Click on Change Scope. 
9. In the Change Scope window, select Custom List and type in the following IP address: 138.23.227.21. Keep clicking OK until the windows disappear. 10. Reboot the system to have the changes take effect. - Q: What should I do if I get the following error:
“The update service does not recognize this product, please contact the software vendor for updates for this product, Error 13000: Product not registered with the agent.”
Just click ‘Finish’ and Sophos will finish installing. This is a non-critical error.
- Q: How do I use the Symantec Anti-virus removal tool?
If after uninstalling Symantec or Norton Anti-virus products the Sophos installation fails with the error that there is another anti-virus product on the computer, try running Sophos’ removal tool to clean up the registry. Download the removal tool from http://css.ucr.edu/public/sophos/NAV_removal_compdetect.exe and double-click to run it.
