Anti-Virus Upgrades (Autumn 2020)

From MRC Centre for Outbreak Analysis and Modelling
Revision as of 16:22, 26 October 2020 by Admin (talk | contribs)
Jump to navigation Jump to search

Introduction

Imperial College has been using a combination of MalwareBytes and Symantec security software to protect our computers for many years. Changes in licensing costs have forced Imperial College to switch to another supplier for both of these services. Sophos combines the best of both into one package for a lower price.

We need to have Symantec Endpoint Protection removed from all DIDE computers by the end of October 2020.

We need to have MalwareBytes removed from all DIDE computers (desktops and laptops) by the end of November 2020.

Please read all of this before you begin, to avoid surprises.

The Procedure (overview)

These steps must be followed exactly and in sequence, and they apply to all operating systems. Only move on to the next step if the current one isn't applicable to you (e.g. you don't have MalwareBytes installed).

  1. Copy (but don't run!) the Sophos installer file to your computer (from the T:\IT\Antivirus folder on the DIDE network if installing on a departmental DIDE PC, or from this link if installing on a PC/laptop at home, which needs your username@ic.ac.uk login.).
  2. Uninstall MalwareBytes software:
    1. Uninstall MalwareBytes Anti-Exploit (if installed).
    2. Uninstall MalwareBytes Anti-Malware (if installed).
  3. Uninstall Symantec Endpoint Protection.
  4. Important: Restart your computer.
  5. Important: Check that Symantec and MalwareBytes are really uninstalled from your PC (especially from your Mac).
  6. Install Sophos package which you downloaded in step 1 by double-clicking on the installer file.
  7. Important: Restart your computer.

That's all there is to it. If all has gone well, you now have no yellow Symantec shield and instead have a blue and white Sophos shield.

The Procedure (specifics)

We assume that you are running a Windows 10 computer. If you're running a Mac you can uninstall MalwareBytes and Symantec by dragging the application icon into your recycle bin and restarting your Mac. Then see the extra Mac-specific notes at the bottom of this page.

  1. Press your Windows key (usually bottom left, between CTRL and ALT) to open the Windows 10 menu and type "Add or remove programs". Click on that menu item.
  2. Scroll down to MalwareBytes and uninstall any items you see there (you may see the main client plus another called Anti-Exploit; uninstall both).
  3. You will be prompted to restart your computer, but you don't need to until we've also uninstalled Symantec.
  4. Scroll down further to Symantec and uninstall Symantec Endpoint Protection. If you also have their Encryption software don't uninstall that!
  5. This will prompt you to restart your computer. You definitely have to restart now or the next step will break your computer.
  6. Do not proceed past here until you have confirmed that any MalwareBytes software and Symantec Endpoint Protection have been uninstalled, and you've restarted your computer.
  7. Now that you've restarted your computer you can install the Sophos software. This will warn you that it will take about ten minutes and require a restart. It will, and it does.
    1. Computer on the wired DIDE network: The installer is in the T:\IT\Antivirus folder.
    2. Other computers: The installer link is here.
  8. Restart your computer when prompted to by the Sophos software.

If all has gone well, you now have no yellow Symantec shield and instead have a blue and white Sophos shield.

Mac-Specific notes

Macs are more awkward these days with their extra security warnings and checks (it's rather like running Windows Vista). See this page for all the extra Mac steps.