Sophos Home Updated. Need Your Feedback!

Discussion in 'other anti-virus software' started by Alex_Sophos, May 23, 2016.

  1. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    I asked this question last week on a support chat session. They confirmed it was fully compatible. However, I've had several issues with Sophos Home related to browsing so uninstalled it. Also noticed that their detection is not better than Windows Defender recently, so WD + Hitmanpro.alert seems a good combination for the meantime.
     
  2. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    776
    Location:
    Melbourne, Australia
    Is that a reflection of WD's improvement or Sophos not being that great? Sophos, in my mind, is one of those companies that you expect a stellar performance as the norm, yet they don't do that great in published tests.
     
  3. plat1098

    plat1098 Guest

    I agree. Sometimes, it's better to sit back and watch for a little while, with a decent, time-tested and smooth-running configuration.
     
  4. snippits

    snippits Registered Member

    Joined:
    Jun 19, 2011
    Posts:
    194
    @Alex_Sophos

    Could you tell the developers to remove the Sophos update user account that is left behind in the Local Users and Groups when Sophos is uninstalled. This happens on Windows 10.

    While using another security suite, the Sophos created account shows up as an account while setting up Parental Control which had me puzzled for a bit. Found the account, deleted it, and all is fine now.
     
  5. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    I'm running Sophos Home on just one PC at the moment. Yesterday it warned of malware and indicated that it could not be automatically removed so I would need to do it manually, the alert is -

    Manual cleanup required: 'Mal/HckPk-A' at 'C:\Windows\CryptoGuard\EA33C206'

    After searching on the internet it seems that this folder is created by Hitmanpro.alert? HMP.a has not found nor quarantined any malware, as far as I am aware. I uploaded this data file to Virustotal and Sophos was the only AV which detected this file as malware, so very likely it's a false positive and one more indication that Sophos and HMP / alert still do not sit together comfortably.

    Second point - in trying to stop Sophos from alerting on this file and release it from its grip to upload to VT for a second opinion was way too difficult. It's not possible to do this entirely inside the client, needed to go to the online account and deal with it there by temporarily disabling AV protection (the paradox of being online and needing to disable AV protection was an obvious risk).

    The next step was to try and get Sophos Home to ignore / except this false-positive file and generally ignore C:\Windows\CryptoGuard location to avoid further issues. Adding the exception location is not straightforward, the Sophos web interface does not interact with windows explorer therefore I had to seperately search for the location / folders in windows explorer, copy the location, go back into the browser and paste the location and file names into the Sophos Home online account. Simply too many steps and possibility of errors.

    There needs to be an "ignore" or some other function like in other AVs. Some functions need to be in the client software not online, although I do understand that it's done this way to restrict users from doing anything and instead allow the remote IT person to have full control, but surely there is a better way that can be designed.

    Overall, with the mediocre detection rate, issues running alongside Hitmanpro and alert, very clunky and frustrating experience adding exceptions and needing to go online to do it, well it's not so good at the moment, I'm losing too much time on this and I feel like a beta tester.

    Hope Sophos can more quickly grasp these issues that various people are reporting and fix them quickly. I think you have a good concept but the implementation can be a lot better. As far as detection is concerned, you really need to link up with some of these smaller guys out there who keep coming out in the lead on virustotal detections of zero day malware and with very few false positives.
     
    Last edited: Sep 13, 2016
  6. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    I don't want to get into an A vs B discussion. Both products are now equal on detection, and both are equally acceptable to me from a detection perspective when paired with the other layer of HMP/alert. I use both of them in diferent scenarios / user types.
     
  7. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    It's nearly 4 months later, do you have any further updates?
     
  8. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124

    I think it's unrealistic to be able to download without registration since a key part of the solution is the web based control panel.

    Personally, if someone offers me their professional-grade product for free then a simple act of registering my email details with them is the least courtesy and gratitude that I can extend to them. Even if I end up not staying with their product it gives me a good and free insight and testing of alternatives and allows me a wider range of free solutions to choose what's best for me.

    Thank you Sophos for an interesting and completely free product, even if I am having a frustrating experience at the moment and feeling like a beta tester rather than a happily oblivious end-user ;)
     
  9. Alex_Sophos

    Alex_Sophos Registered Member

    Joined:
    Feb 9, 2016
    Posts:
    52
    I'll let them know in our meeting today. Thanks for letting me know.
     
  10. Alex_Sophos

    Alex_Sophos Registered Member

    Joined:
    Feb 9, 2016
    Posts:
    52
    Yep! I posted about a week back about it: "I'm happy to let everyone know that a quarantine/restore/"ask before you delete" function is in the works for Sophos Home. Confirmed it with the product team today. Still a few months out. Thanks for everyone's feedback on that."
     
  11. Users of free version don't get support, reason: I accepted terms when installing the software. I have no problem with that, would be more transparent when they had mentioned that on post where they offered support.
     
  12. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    Any update on the meeting, in general terms? I'd like to know more about the interoperability issue with HMPpro / alert which I highlighted above. If there is no support for home users and we get no answers here, it would be good to know that at least someone is looking at these things and considerating them.
     
  13. Alex_Sophos

    Alex_Sophos Registered Member

    Joined:
    Feb 9, 2016
    Posts:
    52
    I sent all the recent comments on this forum to the engineers. There was discussion about why the issues were occurring and scheduling time to have a more in depth look at them. The best way to see progress is to communicate with the via the Sophos Home community/support forum. Just need to create a forum user account and post. The engineers regularly engage with users on the forum and will sometimes PM users to get really in depth on the issue.
     
  14. cavehomme

    cavehomme Registered Member

    Joined:
    May 19, 2010
    Posts:
    124
    Great, thanks for the update Alex. I'm especially keen to have Sophos and HitmanPro and Alert work without faults.

    By the way, I noticed that detection rates improved in August according to the latest AV Comparatives test.
     
  15. solitarios

    solitarios Registered Member

    Joined:
    Mar 28, 2016
    Posts:
    110
    Not pass the test of phishing AMTSO all other tests if happens.
     
  16. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,130
    Location:
    Germany
  17. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,298
    Very nice but still autodelete without quarantine? I hope there won't be a false positive again ... :doubt:
     
  18. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    764
    Location:
    USA
    Dealbreaker!!!
     
  19. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,298
    Is there a planned release date for "ask before delete" setting? It's like introducing a new car but the brakes will come a few months later ... :(

    Furthermore I'm still getting warnings from the windows security center while sophos is updating, please fix it finally.
     
  20. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    7,357
    I just tested this. I really don't like the lack of configuations options, and that it installs six different programs. I'd prefer it if there as only one program to uninstall. Also, it seemed a bit heavy for my liking.

    It does very badly at detecting PUPs (it misses the majority of them), which may or may not be an issue depending on your point of view. However, on the plus side, the few PUPs it detected were correctly identified as PUPs and not as malware or trojans.
     
  21. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,298
    Performance is good without web protection but I hate autoquarantine.
     
  22. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,410
    Location:
    Lancashire
    this especially
     
  23. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    473
    Ive been using it for months now on three machines and find it very light and forget it is there
     
  24. Jadda

    Jadda Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    428
    Does this integrate any of the HitmanPro technology?
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,561
    I don't think so as of yet
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.