Sophos Anti-virus v10 issues
We have had reports of the current version of Sophos Anti-virus causing some issues with the running of Microsoft SQL server.
This may cause an issue with customers using PDM or the SQL version of Opera.
Sophos are aware of the problem and are working on a fix - in the meantime they have provided the following information which may be helpful.
Please be aware that Pegasus do not supply or support Sophos Anti-virus so following the below steps it entirely at your own risk and should be carried out by a competent IT person.
1. Turn off On-access scanning
Please open Sophos Anti-Virus and go to 'Configure' 'Anti-Virus' 'on-access scanning' and remove the tick from 'Enable on-access scanning' then test. Is the issue resolved by this? Once the test is complete please re-enable the on-access scanning to proceed with the HIPS and BOPS Testing.
2.Turn off just Host Intrusion Prevention (HIPS).
Please open Sophos Anti-Virus and go to 'Configure' 'Anti-Virus' 'Suspicious Behaviour Detection' and untick the 'Detect suspicious behaviour' option. Then Does the problem still persist?
3. Turn off just Buffer Overflow Protection (BOPS)
Please open Sophos Anti-Virus and go to 'Configure' 'HIPS Runtime behaviour analysis...' and re-tick 'Detect suspicious behaviour' and untick 'Detect buffer overflows'. Does the problem still persist?
4. Turn off both HIPS and BOPS
Please open Sophos Anti-Virus and go to 'Configure' 'Anti-Virus' 'Suspicious Behaviour Detection' and untick both 'Detect suspicious behaviour' and 'Detect buffer overflows'. Does the problem still persist?
5. Remove Sophos~1.dll with HIPS and BOPS turned off
Open the registry and backup the below registry key. Locate the AppInit_DLLs registry string within the below key and remove the value data reference to sophos_detoured.dll (it should look similar to C:PROGRA~1sophosSOPHOS~1SOPHOS~1.DLL).
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows
Reboot the machine. Does the problem still persist?
6. Turn of Web Protection.
Please open Sophos Anti-Virus and go to 'Configure' 'Web protection' untick the 'Block access to malicious websites' option.
Also put the download scanning to off
Then reboot the machine. Does the problem still persist?
7, Disable sophos live protection
Please open Sophos Anti-Virus and go to 'Configure'anti-virus - Sophos live protection
Un tick both of the boxes in here
Comments
There are no comments yet
