Sophos Virus Disabled in Windows 7

Discussions around the setup, operation, replacement, and disposal of clerk computers, not to include using MLS
jedware
New Member
Posts: 24
Joined: Sun Jul 04, 2010 2:53 pm
Location: Sandy, UT USA

Sophos Virus Disabled in Windows 7

#1

Post by jedware »

Sophos was working on the computer up till last week but now the windows 7 action center is reporting that is it turned off.

When trying to turn back on it states: "This program will not run. Windows did not trust this program because its identity can't be verified"

Doing an update now does not resolve the problem. Any solutions?
User avatar
Mikerowaved
Community Moderators
Posts: 4734
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

#2

Post by Mikerowaved »

The first thing I would so is scan your PC for dormant viruses. They can sometimes disable popular AV products that they find. I suggest using a product like Malwarebytes for this.

If that reports it's clean, the next step would be to uninstall/reinstall Sophos and see if that helps the problem.
So we can better help you, please edit your Profile to include your general location.
jedware
New Member
Posts: 24
Joined: Sun Jul 04, 2010 2:53 pm
Location: Sandy, UT USA

#3

Post by jedware »

Mikerowaved wrote:The first thing I would so is scan your PC for dormant viruses. They can sometimes disable popular AV products that they find. I suggest using a product like Malwarebytes for this.

If that reports it's clean, the next step would be to uninstall/reinstall Sophos and see if that helps the problem.


Did scan and nothing appeared so I did reinstall and that particular error message is gone but now new message in action center seems to indicate Sophos is not installed even though Icon is in systray and all services are running.

It appears as though Sophos is no longer correctly interacting with the action center and reinstalling just disabled all interaction to the point it doesn't see that Sophos is installed.

I checked the forums and the only think is points to is checking the ""Sophos Anti-Virus Status Reporter" service is running.

I can turn off further messages but was curious if anyone else is seeing this on Windows 7?
JamesAnderson
Senior Member
Posts: 773
Joined: Tue Jan 23, 2007 2:03 pm

#4

Post by JamesAnderson »

This also has been noted, and appears to have been since November that I saw three machines in my FHC seem to lose the Sophos icon.

I've usually been able to clean-install Sophos and things show normal again.

Since it was at an FHC, I simply used the deployment portal to force the clean-install, since it opens the installer for Sophos if the software is already on the machine. Then I have to run the updater by forcing the update, usually the next time the FHC is open is when I force things through to be sure I catch everything.

Someone said they heard that some piece of antivirus software or scanner somewhere is itself calling Sophos a problem item, which is obviously false, just what or who is doing this I don't know.

Another possibility is the Microsoft Malicious Software Removal Tool may be doing something too. Unconfirmed, but worth looking into, it gets updated at the same time that Microsoft sends out the patches each month, and it only appears to have happened since the November updates, if not the December one.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#5

Post by jdlessley »

JamesAnderson wrote:Another possibility is the Microsoft Malicious Software Removal Tool may be doing something too. Unconfirmed, but worth looking into, it gets updated at the same time that Microsoft sends out the patches each month, and it only appears to have happened since the November updates, if not the December one.
This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line. I can't verify whether this is the same for administrative computers behind the Cisco PIX 501 or the Cisco ASA 5505. The ASA 5505 may have the same blocking configuration as the 881W.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#6

Post by russellhltn »

jdlessley wrote:This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line.

That's not my experience with the Stake Admin computer and the Cisco 881W.

I'd think if it was blocked, we'd hear a number of complaints about it, right next to common login complaint.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#7

Post by russellhltn »

jdlessley wrote:This is not likely for administrative computers behind the Cisco 881W firewall since the Windows update site is blocked. As such, no Windows updates occur automatically or through any other manner on-line.

By any chance, are your computers running Desktop 5.5? That image blocked MS Updates until you install Service Pack 3 for XP on top of it.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#8

Post by jdlessley »

RussellHltn wrote:By any chance, are your computers running Desktop 5.5? That image blocked MS Updates until you install Service Pack 3 for XP on top of it.
No, the system is a Dell 740. After your post I decided to take a closer look at the blocked message page yesterday evening. The sight was not the Windows update site . The "Windows Update" link had been recreated with a URL to some other site. That's the short story. I'm still investigating the situation. With everything restored the update site is not blocked.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#9

Post by russellhltn »

I wonder if it was a Dell update site. Otherwise I'd suspect malware.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
jfackerson
Member
Posts: 72
Joined: Mon May 12, 2008 9:34 am
Location: Longview, Washington, USA

#10

Post by jfackerson »

jedware wrote:Sophos was working on the computer up till last week but now the windows 7 action center is reporting that is it turned off.

When trying to turn back on it states: "This program will not run. Windows did not trust this program because its identity can't be verified"

Doing an update now does not resolve the problem. Any solutions?

Had been working fine for more than about 8 monts, but...
Same thing appeared on our Window OS 7 machine.
This is probably the main reason why we can't transmit with CHQ.
We have no AV protection, so we're not allowed access to Internet.
Dial-up to CHQ went away during installation of Internet.
Post Reply

Return to “Clerk Computers”