Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 3513 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos protection disabled

Nelsaidi

Hey,

First of all I'm a Uni student using Sophos Endpoint on my computer for anti virus protection.

The software checks for updates every hour or so, and updates sucesfully when there is an update, However I have just hovered my mouse over the icon and it reads "Sophos protection disabled" - The Icon is blue, it is fully up to date and I cannot see any reason as to this?

Does this mean I am not protected against viruses? I have on access/on read checks enabled, will they not be performed? And how can I remedy this?

Thanks alot,

Nels

:2660


This thread was automatically locked due to age.
  • 0

    Hi,

    I have a couple of tests you can try to confirm the state:

    1. If you launch the interface of Sophos Endpoint Security, in the top left "Status" section, does it say on-access is "Enabled"?  If so, this is probably a more accurate representation of the status than the shield icon as the shield icon (almon.exe) could just be out of sync with SAV.  

    2. If the above test shows on-access to be "Enabled", I would suggest opening Windows Task Manager and killing the process "Almon.exe", if you then hover over the shied icon in the system tray, this will force a repaint and it should disappear.  You can then relaunch "Almon.exe" from the "Startup" folder in the "Start" menu.  If you hover over it again, is the correct state reflected?

    3. Obtain a copy of eicar.com (the test file designed to test if AV software is working from:

    http://eicar.org/anti_virus_test_file.htm

    This should trigger an alert from SAV and give you confidence you are protected.  

    I hope these tests help.

    Thanks

    JAK

    :2663
  • 0

    My remote guess is that you can't connect for whatever reason (using misconfigured WLAN instead of wired NIC?) to your university's internal Sophos update server. Due to the lack of communication to the Sophos server your local Sophos installation doesn't know if it's up to date or missing out the latest virus definition updates (IDEs) and that's why it shows you the red X.

    If you connect properly to your university's network (right IP, right subnet etc) and force an Update the red X should go away.

    :2670
Unfiltered HTML