Sophos Antivirus enterprise edition

**phoenix211984** · 29-06-2006

just a quick query. Has anybody experienced sophos antivirus apparently removing itself from the server despite still having registry entries for it. I have been suspended from the school where i work because the headteacher and an independent computer consultancy company have alleged that i have removed the antivirus software. I am just looking for anyone that has experienced a similar event who is willing to give a statement to support my innocence.

**VopThis** · 29-06-2006

Sorry to hear of your problem. Your suspicion and possible explanation may be very hard to prove. Surely, vendors have adequate safeguards in place to prevent such a possibility especially on a SERVER. Consider the possibility that someone else (deemed to be you or using your compromised password) accessed the computer and manually uninstalled Sophos. That is a more likely explanation.

Suggest that you send Sophos an email asking whether it is THEORETICALLY possible to remove thier AV tool using a properly crafted script or batch file without having any user inaction needed.

It shouldn't be that easy, if possible at all. I could see where your school wouldn't believe that as a possible explanation. That would be a big problem flaw if such actions are possible and a very valuable hacker tool indeed. And Sophos, potentially, should be very interested to learn of such a vulnerability possibility.

Sophos Antivirus enterprise edition

Sophos Antivirus enterprise edition

Similar Threads

Problem installing language pack in office 2007 enterprise

Google Desktop search enterprise edition with Xp

xp media edition

Sophos intradaily update 06/06/2005 (20:49)

Sophos Virus Cleaner Tool 3.95.0 - July 2005