IT Services


Fix Sophos

Any machine which uses Sophos Antivirus (SSD 4, 5, non SSD and any servers) and was switched on between 21:00 - 22:00 on 19/09/2012 will have an issue because Sophos released a corrupt update.

Your machine is still protected but Sophos will be misreporting items as quarantined.

SSD 7 machines, Macs and Unix are unaffected by this issue.

Solution

Standard University desktops and laptops (SSD)
When your PC is next restarted it will be repaired automatically (valid from 16:30 on 20/09/2012).

Home and other users
Please click here to run a repair (Click Run if prompted).
then restart your machine.

OR

The advice from Sophos is to manually do the following:

NOTE: the user account that was used to install Sophos should be used for this procedure.

Fix Sophos updater

  1. While online open Sophos Antivirus - Double click the white shield with a blue S in the bottom right windows taskbar. (In Windows 7 you may need to click show hidden icons )
  2. This opens a window for Sophos Endpoint Security and Control
  3. Select from the top menu Configure > Anti-Virus > On-access scanning (see diagram 1)
  4. ‎Under the Scanning tab UNCHECK Enable on-access scanning for this computer
  5. Click Apply then OK
  6. Now right click the White shield icon (bottom right) and select Update now
  7. After a few minutes again Select Configure > Anti-Virus > On-access scanning
  8. Under ther Scanning tab CHECK Enable on-access scanning for this computer
  9. Your PC should now update normally

Remove items from Quarantine

  1. Open Sophos Endpoint Security and Control
  2. Select Quarantine from Items in Quarantine under Status on the left hand side of the window (see diagram 2)
  3. Select all items marked Shh/Updater-B - you can do this by clicking Select all
  4. Select Clear from list
  5. A dialgue box will appear. Click OK
  6. You can now close Sophos Endpoint Security and Control
faqs

How can I check this has worked or if I was affected in the first place?

Hover your mouse over the white shield with a blue S in the bottom right windows taskbar.

A pop-up will say something like:

Sophos protection
Last checked for updates: 20/09/2012 12:15:10

The important point is that your PC should have updated after the 19/09/2012

How do I know if I use SSD or not?

  1. Click Start (bottom left corner) then right click over My Computer
  2. A 'context menu' should appear select Properties (bottom of the menu)
  3. A window should pop up
  4. If your machine is SSD you will see a University of Glasgow logo with the version next to the logo (see diagram).
Support

If you have any problems with this please contact your local IT staff for advice.