Sophos Antivirus?

Discussion in 'other anti-virus software' started by light50, Aug 28, 2006.

Thread Status:
Not open for further replies.
  1. light50

    light50 Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    30
    anyone ever used it? i would like to know your opinions on this antivirus :).. couldn't find a recent review on it and i can't exactly test it's detection rate at home. And what about features?
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    It is actualy an enterprise av. It targets the needs of a corporate environment. It is not really set up for home use.
     

    Attached Files:

  3. Ngwana

    Ngwana Registered Member

    Joined:
    Jul 5, 2006
    Posts:
    156
    Location:
    Glasgow, United Kingdom
    As already mentioned, it is really an enterprise biased AV and it is good as it gets. A very short review of the latest version can be found at:

    http://www.pcpro.co.uk/reviews/92195/sophos-antivirus-enterprise-6.html

    The Sophos Labs are very busy and you can judge from secunia.com that they find/recieve more new virus samples compared to most of their compettition. :D
     
  4. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    BigC is right. Many companies have license agreement to provide their employees with the free Sophos AV copy (for home use).

    Not being able to top the detection chart is one of the biggest reason you don’t see many tests on Sophos. Otherwise it’s a very easy AV to deploy and manage.


    tD
     
  5. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    While it is an enterprise AV, you can still purchase the single user license online (Web download), but it is very expensive!!! Sophos AntiVirus 6.0.3 supports Windows XP x64.
     

    Attached Files:

  6. light50

    light50 Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    30
    i found a trial for desktops, going to try it out and see from there :)
     
  7. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
  8. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,folks: just gave it a test run w/ mostly recent updates. Test was done in frozen mode of DeepFreeze. Upon installation(strange enough, no reboot required), it flagged DeepFreeze as virus,mal/packer. I use DF to shield malware from entering, now I have AV telling me, that piece of defence is a thing I try to fend off. This reminds me of a similar incident, where GMER(anti-rootkits app) spotted FD-ISR as a rootkit. Perhaps some security apps do not like to share the same platform w/ other sandbox/virturalization apps. Have someone here had similiar encounter? Or just me, Or luckily just F.P. Sophos does not have forum and do not know their tech support will respond to trial run.o_O
     
  9. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    nothing but a questionable generic detection from Sophos. Mal/Packer is a generic detection from Sophos Antivirus that flags every executable packed with a "strange" runtime packer as a possible malware. In this case, if I remember right, DeepFreeze executable is packed with ExeCryptor, that's used with a lot of malware. So Sophos detected it as a possible malware. Nothing more than this ;) There's no war between av companies and other apps...well, at least nothing coming from the scenario you've drawn ;)

    Best regards,

    Marco
     
  10. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: thanks Marco. This detection will spell out a misfortune for Sophos. Just because DeepFreeze is widely used by educational institutions, libraries and large corporations. Hope that folks @ Sophos have seen this and act accordingly. :'(
     
  11. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Runtime Packer detection being reported as Mal/Packer is delusional IMO. Other than this stupid feature, the Sophos engine is actually quite good. It is not meant for home users, but Webroot will soon come out with an AV for home users based on Sophos engine. :)
     
  12. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi Perman,

    I also think it is a FP of Sophos, maybe because the packing of DeepFreeze is something like virus packing activity. I have been using Sophos for some time recently and I am lucky that I don't get any FP for my applications. If you contact them and tell them that their product has a FP, I think they would be more than happy to investigate the issue for you. You may give it a try and submit your query here:

    http://www.sophos.com/support/query/

    I submitted a query on their Sophos Anti-Rootkit some time ago using this form and I received a very quick response on it.
     
  13. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    The Sophos engine in Spy Sweeper 5.2 (realtime) do not have any conflicts with KAV 6.0.303 realtime so far, which is quite encourging. I will turn the Sophos engine off some time after testing for compability and conflicts.
     
  14. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Nice explanation. I can confirm this behavior when I installed the trial of this product 2 months back.

    I guess Sophos wants to get rid of all these 'runtime packers' that are not needed on a corporate/enterprise environment :D

    _____________________________________________________________________________________________________________
     
  15. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Sophos has below average detection rates so I wouldn't get it. Yiu can check it out on the last comparative on avtest
     
  16. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Can't seem to find latest comparative on AV-Test.org, I only see 3rd party reviews o_O

    _______________________________________________________________________________________________________
     
  17. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
  18. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
  19. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
  20. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    Last edited: Feb 7, 2007
  21. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Last edited: Feb 8, 2007
  22. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
  23. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500

    Lol stupid google translation. How did they get Web Which ago...
     
  24. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Whoops sorry I noticed i didn't give you the latest test. likuidkewl did though so I guess its fine
     
  25. octogen

    octogen Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    212
    I'm guessing that it split washer into "was" and "her". Although, generally, "was" means "what", it can, in some instances, mean "which" and "her" means "ago". Still, LOL. :D
     
Loading...
Thread Status:
Not open for further replies.