Sophos quarantine manager: Should I "Clear from list"?

Discussions around the setup, operation, replacement, and disposal of clerk computers, not to include using MLS
ulupoi
Member
Posts: 66
Joined: Mon Jan 24, 2011 2:21 am
Location: California, USA

Sophos quarantine manager: Should I "Clear from list"?

Postby ulupoi » Mon Jan 24, 2011 2:34 am

1. Once Sophos quarantines something, does it still pose a threat?

2. What do we do with the items in the Quarantine Manager? The church's installation of Sophos doesn't seem to allow us to clean up or delete anything. I keep getting pop-up windows with warnings about viruses that I assume are the result of not dealing with the items in quarantine. Should I just use "Clear from list" to remove them from the Quarantine Manager list? Does "Clear from list" remove the items from the Quarantine Manager list without removing them from quarantine? Of course, I don't want to let those bad boys loose again.

3. How do I update Sophos on dial-up computers? (I'm an assistant stake clerk. Some of the computers in the stake are on dial-up, and others are on-line via DSL.)

4. How do I update LANDesk on dial-up computers?

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Mon Jan 24, 2011 12:29 pm

ulupoi wrote:1. Once Sophos quarantines something, does it still pose a threat?

No. Once it's quarantined it's safe.

ulupoi wrote:2. What do we do with the items in the Quarantine Manager? The church's installation of Sophos doesn't seem to allow us to clean up or delete anything. I keep getting pop-up windows with warnings about viruses that I assume are the result of not dealing with the items in quarantine. Should I just use "Clear from list" to remove them from the Quarantine Manager list? Does "Clear from list" remove the items from the Quarantine Manager list without removing them from quarantine? Of course, I don't want to let those bad boys loose again.

You can ignore them. They aren't posing a threat anymore.

ulupoi wrote:3. How do I update Sophos on dial-up computers? (I'm an assistant stake clerk. Some of the computers in the stake are on dial-up, and others are on-line via DSL.)

They should update automatically. The PC's on dial-up are at a slightly lower risk, since they connect directly to the church servers, bypassing the internet. They are still susceptible to things like flash drives with malware, etc.

ulupoi wrote:4. How do I update LANDesk on dial-up computers?

LANDesk will be updated as needed by CHQ. I don't think we need to worry about it.
So we can better help you, please edit your Profile to include your general location.

ulupoi
Member
Posts: 66
Joined: Mon Jan 24, 2011 2:21 am
Location: California, USA

Postby ulupoi » Mon Jan 24, 2011 12:57 pm

Thank you for your help, Mikerowaved. Is it safe to "Clear from list" the items in the Quarantine Manager?

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Postby Mikerowaved » Mon Jan 24, 2011 2:06 pm

OK, I seriously misspoke on my previous post and I apologize. I did some testing with a "safe" virus in a virtual machine environment and it appears Sophos doesn't actually MOVE the suspected virus file to a quarantined area like other major AV programs do. The virus appears to be still alive and kicking, even though it's on the quarantine list.

Clearing the list tells Sophos to basically ignore what it found, so that's NOT a good option. The only way to properly deal with what it found is to delete it, but you can only do that within Sophos if you are using an account that is part of the SophosAdministrator group and the Sophos install routine only puts the account that installed it into that group, which is most likely, the Administrator account.

I see two ways to deal with this...


  1. Login using the Administrator account, open Sophos and kill any threats on the list.
  2. Double-click on the "Details" section of each listed malware. For each one, Sophos will open Windows Explorer in the folder where the malware exists. Find them and delete them manually.
Once all are deleted, re-run a full scan.
So we can better help you, please edit your Profile to include your general location.

ulupoi
Member
Posts: 66
Joined: Mon Jan 24, 2011 2:21 am
Location: California, USA

Postby ulupoi » Mon Jan 24, 2011 3:30 pm

Just got off the phone with Local Unit Support. This is what I was told.

ulupoi wrote:1. Once Sophos quarantines something, does it still pose a threat?


No.

ulupoi wrote: 2. What do we do with the items in the Quarantine Manager? The church's installation of Sophos doesn't seem to allow us to clean up or delete anything. I keep getting pop-up windows with warnings about viruses that I assume are the result of not dealing with the items in quarantine. Should I just use "Clear from list" to remove them from the Quarantine Manager list? Does "Clear from list" remove the items from the Quarantine Manager list without removing them from quarantine? Of course, I don't want to let those bad boys loose again.


You can leave them there. You can also use "Clear from list" as this will remove them from the Quarantine Manager List but not remove them from quarantine.

ulupoi wrote:3. How do I update Sophos on dial-up computers? (I'm an assistant stake clerk. Some of the computers in the stake are on dial-up, and others are on-line via DSL.)


You don't. Sorry, no updates.

ulupoi wrote:4. How do I update LANDesk on dial-up computers?


Again, no updates.

harddrive
Member
Posts: 445
Joined: Thu Jan 03, 2008 7:52 pm

Postby harddrive » Tue Jan 25, 2011 6:29 am

The only way to update Sophos and other stuff on a dial up computer is to download them to a USB flashdrive and then install it from there.

ulupoi
Member
Posts: 66
Joined: Mon Jan 24, 2011 2:21 am
Location: California, USA

Postby ulupoi » Tue Jan 25, 2011 9:40 am

I used to do that with Norton, but I don't know how to do that with Sophos or LANDesk.

russellhltn
Community Administrator
Posts: 20777
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Tue Jan 25, 2011 10:31 am

harddrive wrote:The only way to update Sophos and other stuff on a dial up computer is to download them to a USB flashdrive and then install it from there.


Except that the church has not made any updates available. The only thing on mls.lds.org is now over a year old.

Last I checked, there was no way from the Sophos website to do that.

I have seen Sophos update over dial-up, but it's slow and hit or miss. I suspect the further behind it gets, the more likely it will fail to update.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.


Return to “Clerk Computers”

Who is online

Users browsing this forum: No registered users and 1 guest