Antivirus Sophos


Amatista Sheeley

Aug 5, 2024, 2:13:41 AM
to indapneres
So I decided to have a meeting in London a few months ago with @sophossecurity and it literally blew my mind. They showed me how easy it is for cyber criminals to hack you - but also how easy it is to stop those trying to get to you.

Keep malware at bay with a deep malware scan that unearths hidden threats and removes them from your computer. AI threat detection capabilities leverage security intelligence to protect your PC from never-before-seen malware before it has a chance to create havoc. Sophos Home for Windows also uses cutting-edge ransomware technology to protect personal information. It stops unknown processes from encrypting your data and rolls back all changes.


With Sophos Home, you get protection for the whole family, which can be managed easily with a cloud-based interface. This security solution delivers enterprise-level web protection and parental web filtering for a safe and secure web-browsing experience.


A constantly growing threat landscape demands the same breadth of security that can mitigate all kinds of risks. The focus should be on deploying an antivirus that delivers comprehensive security ROI, and plugs all gaps that can be exploited by cybercriminals. You need protection against phishing attacks launched via emails and phishing websites, advanced anti-ransomware technology and predictive AI backed threat protection and much more. Threats have a nasty habit of sneaking into a PC, exploiting minimal security gaps. This is why third-party security like Sophos Home antivirus is a great way to keep your computer safe.


All clients have had their previous antivirus uninstalled using the same method. While deploying Intercept X on a few remaining clients the installer is failing. I have verified that the old antivirus is completely removed and even ran the manual uninstall tool that is provided. The Sophos logs show the following when attempting to install Intercept X:


I will give Sophos the benefit of the doubt for the moment and go by the logs. However, there is no trace on my side of this version of Trend Micro being installed on the client (I've looked). Does anyone know where in the Sophos logs that might point to the paths of where it detected the old antivirus is installed? Any other suggestions are more than welcome, as this is where the Sophos Support team keeps saying "uninstall the old antivirus", but that isn't an available option as it doesn't exist.


I understand that you'd like to see what parts of TM were detected during the Sophos installation. I'd prefer to see that in the Sophos install logs, too. Probably because of some compliance stuff they cannot provide you that information here.


The path to the ProductCatalog.xml was brilliant. Once I was able to look in that location I was able to see that this was the culprit: 0A07E717-BB5D-4B99-840B-6C5DED52B277 within the registries. By removing it, I was able to install Intercept X with no problem. Thanks for the help.


Viruses have been around for years, but not all cyberattacks are so well known. Criminals are constantly coming up with new ways to attack your data and devices. Each scam is more manipulative and cunning than the last. CEO fraud, for example, happens when cybercriminals pretend to be company executives to trick other employees into releasing sensitive information.


For enterprise-level organizations, look for a cybersecurity solution that offers complete end-to-end protection. You need something that covers your hardware, cloud infrastructure, data, emails, IP information, and all devices on the network.


Another thing to consider is the possibility of an internal data breach. In 2021, 74% of organizations experienced malware activity that spread from one employee to another. Since large businesses have hundreds or even thousands of employees, there is a greater risk of employees spreading malware to their coworkers, either intentionally or by accident. Utilizing a business antivirus solution that catches phishing or CEO fraud attacks can cut down on this.


Studies show medium-sized businesses are being hit with cyberattacks at a rapidly increasing rate. From 2020 to 2021, the number of attacks against midsize businesses jumped by at least 50%. This statistic could be attributed to multiple factors, one of those reasons being an increase in remote workers. Cybercriminals have stepped up their game when it comes to developing cloud-based attacks.


On the other hand, you do want to pay for features that are needed to protect your users and devices. For example, if your business handles financial transactions, look for a security solution that offers plenty of browser and data security. Some other features to consider include a password manager, virtual private network (VPN), and spam management.


Antivirus programs are designed to detect and remove known forms of malware. This includes viruses, keyloggers, worms, and ransomware, but only ones that have previously been identified. Antivirus programs are not built to seek out or catalog new threats.


Endpoint protection, on the other hand, is primarily geared toward businesses. Endpoint security solutions protect all devices in a network. Desktops, laptops, mobile devices, and servers are centrally managed through a cloud-based infrastructure, making it easy to monitor and maintain multiple endpoints from a single location.


Hello, the UTM has started to block Kaspersky Antivirus updates or signature renewals (this started a month ago after some UTM upgrades). The same happens to other update services for some graphics adapters (GeForce), O&O imaging software, etc.


BTW, Kaspersky has lots of update servers. The download of the new files starts but ends up in a freeze at 65 - 83% (it varies). Switching off the UTM and bringing the PCs directly to the Internet shows that the UTM configuration is stopping the process. Any ideas?


I have created and activated a filter option for the domain ^https?://([A-Za-z0-9.-]+\.)?kaspersky\.com/. The check is omitted for authentication, antivirus, file extensions, redirect to sandstorm, URL filter, content removal. Unfortunately, Kaspersky does not update. But if I trigger it manually, then already......


I found a similar problem with Sophos XG firewalls where the same symptoms were appearing and Kaspersky updates fail halfway through. A bit of digging around showed that the firewall was blocking virus definition files ending with the .dat extension, as these are categorized as video files and the firewall policy is to block videos.


UCLA will retire the Sophos Antivirus product for campus on 10/28/21. If you are utilizing Sophos on any personally-owned machines, you will need to uninstall and switch products before this date to avoid a disruption in your antivirus protection.


Users that reported this issue through support tickets have mentioned that after reinstalling the latest versions of their antivirus, as well as the Dropbox desktop application, the message doesn't appear anymore and the issue is resolved.




I suspect it may very well be a legitimate file/update to the Dropbox Program, or it could be a trojan ransomware virus monster from hell. How do I confirm through Dropbox.com, or wherever, if it's legitimate.


Moreover, as you can see on our Known Issues thread (as per the Welcome Banner), this issue is currently investigated by our engineers. You can keep a lookout for an update here on our Forum - I, or a colleague of mine, will be updating this thread too once we have further news on the matter.






Seems like a bit of a blunt answer to any and all issues with security software blocking the exam. "There may be problems...why not disable the whole thing". Obviously, from a security position, it is never recommended to disable your antivirus software. However, it's your choice at the end of the day (if it is your own computer and you are allowed to do it). You posted on the General forum so it's hard to judge which Sophos Anti-Virus software you have.


Sophos has different antivirus software versions (Windows, Mac, locally controlled, centrally configured by a web console). However, how to disable it depends on what version you have. Since you mention Mac OS and a home installation, that narrows it down a bit. However, it could still be centrally controlled, say through the Sophos Home web console, or locally.


If you're using Sophos Home you would have to log into the dashboard and drill down to your computer and toggle the AV to off and then wait a minute for the setting to be relayed to the computer. Example...


Skimming through the documentation on the site I conjecture that the software has anti-cheating functionality ("secure exams") - e.g. closing applications that have windows open, checking if it's in a VM. Doesn't go too well together with AV. And they clearly state *While it is our recommendation and best practice to disable your antivirus programs before each exam, please be sure to re-enable your antivirus program following each exam. Might rephrase that as just before each exam.

So IMO it's not your average there may be problems.
