Sophos Virus Disabled in Windows 7

Discussions around the setup, operation, replacement, and disposal of clerk computers, not to include using MLS
jedware
New Member
Posts: 24
Joined: Sun Jul 04, 2010 1:53 pm
Location: Sandy, UT USA

Sophos Virus Disabled in Windows 7

Postby jedware » Sun Jan 01, 2012 12:28 pm

Sophos was working on the computer up till last week but now the windows 7 action center is reporting that is it turned off.

When trying to turn back on it states: "This program will not run. Windows did not trust this program because its identity can't be verified"

Doing an update now does not resolve the problem. Any solutions?

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Sun Jan 01, 2012 3:08 pm

The first thing I would so is scan your PC for dormant viruses. They can sometimes disable popular AV products that they find. I suggest using a product like Malwarebytes for this.

If that reports it's clean, the next step would be to uninstall/reinstall Sophos and see if that helps the problem.
So we can better help you, please edit your Profile to include your general location.

jedware
New Member
Posts: 24
Joined: Sun Jul 04, 2010 1:53 pm
Location: Sandy, UT USA

Postby jedware » Sun Jan 01, 2012 4:51 pm

Mikerowaved wrote:The first thing I would so is scan your PC for dormant viruses. They can sometimes disable popular AV products that they find. I suggest using a product like Malwarebytes for this.

If that reports it's clean, the next step would be to uninstall/reinstall Sophos and see if that helps the problem.



Did scan and nothing appeared so I did reinstall and that particular error message is gone but now new message in action center seems to indicate Sophos is not installed even though Icon is in systray and all services are running.

It appears as though Sophos is no longer correctly interacting with the action center and reinstalling just disabled all interaction to the point it doesn't see that Sophos is installed.

I checked the forums and the only think is points to is checking the ""Sophos Anti-Virus Status Reporter" service is running.

I can turn off further messages but was curious if anyone else is seeing this on Windows 7?

JamesAnderson
Senior Member
Posts: 748
Joined: Tue Jan 23, 2007 2:03 pm

Postby JamesAnderson » Sun Jan 01, 2012 7:20 pm

This also has been noted, and appears to have been since November that I saw three machines in my FHC seem to lose the Sophos icon.

I've usually been able to clean-install Sophos and things show normal again.

Since it was at an FHC, I simply used the deployment portal to force the clean-install, since it opens the installer for Sophos if the software is already on the machine. Then I have to run the updater by forcing the update, usually the next time the FHC is open is when I force things through to be sure I catch everything.

Someone said they heard that some piece of antivirus software or scanner somewhere is itself calling Sophos a problem item, which is obviously false, just what or who is doing this I don't know.

Another possibility is the Microsoft Malicious Software Removal Tool may be doing something too. Unconfirmed, but worth looking into, it gets updated at the same time that Microsoft sends out the patches each month, and it only appears to have happened since the November updates, if not the December one.

jdlessley
Community Moderators
Posts: 6526
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Postby jdlessley » Sun Jan 01, 2012 7:43 pm

JamesAnderson wrote:Another possibility is the Microsoft Malicious Software Removal Tool may be doing something too. Unconfirmed, but worth looking into, it gets updated at the same time that Microsoft sends out the patches each month, and it only appears to have happened since the November updates, if not the December one.
This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line. I can't verify whether this is the same for administrative computers behind the Cisco PIX 501 or the Cisco ASA 5505. The ASA 5505 may have the same blocking configuration as the 881W.
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Sun Jan 01, 2012 9:12 pm

jdlessley wrote:This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line.


That's not my experience with the Stake Admin computer and the Cisco 881W.

I'd think if it was blocked, we'd hear a number of complaints about it, right next to common login complaint.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Wed Jan 04, 2012 8:34 am

jdlessley wrote:This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line.


By any chance, are your computers running Desktop 5.5? That image blocked MS Updates until you install Service Pack 3 for XP on top of it.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

jdlessley
Community Moderators
Posts: 6526
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Postby jdlessley » Wed Jan 04, 2012 11:31 am

RussellHltn wrote:By any chance, are your computers running Desktop 5.5? That image blocked MS Updates until you install Service Pack 3 for XP on top of it.
No, the system is a Dell 740. After your post I decided to take a closer look at the blocked message page yesterday evening. The sight was not the Windows update site . The "Windows Update" link had been recreated with a URL to some other site. That's the short story. I'm still investigating the situation. With everything restored the update site is not blocked.
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

russellhltn
Community Administrator
Posts: 20762
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Wed Jan 04, 2012 11:33 am

I wonder if it was a Dell update site. Otherwise I'd suspect malware.
Have you searched the Wiki?

Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

jfackerson
Member
Posts: 68
Joined: Mon May 12, 2008 8:34 am
Location: Longview, Washington, USA

Postby jfackerson » Wed Jan 11, 2012 10:29 pm

jedware wrote:Sophos was working on the computer up till last week but now the windows 7 action center is reporting that is it turned off.

When trying to turn back on it states: "This program will not run. Windows did not trust this program because its identity can't be verified"

Doing an update now does not resolve the problem. Any solutions?


Had been working fine for more than about 8 monts, but...
Same thing appeared on our Window OS 7 machine.
This is probably the main reason why we can't transmit with CHQ.
We have no AV protection, so we're not allowed access to Internet.
Dial-up to CHQ went away during installation of Internet.


Return to “Clerk Computers”

Who is online

Users browsing this forum: No registered users and 1 guest