Anti-Virus for Windows

These instructions are primarily for people who want to install Sophos Central Endpoint (Anti-Virus) onto their self-managed or BYOD Microsoft Windows devices. Please check with your local IT Support Staff about anti-virus protection for college and departmental systems as local arrangements often apply, and installing the version intended for personal systems may cause problems.

Table of Contents

  1. Installing Sophos
  2. Checking the status of Sophos
  3. Updating Sophos for the first time
  4. Keeping Sophos up to date
  5. Frequently Asked Questions (FAQ)
  6. Uninstalling Sophos
  7. Further information and documentation from vendor

Installing Sophos

If you haven't already obtained Sophos you can download it via the following link: Please check that your device meets the necessary system requirements needed for installation.

Please note: before installing the Sophos software you must uninstall any other anti-virus software you may have installed on the machine (read the software manufacturer's instructions on how to do this). 

After you have downloaded the file, run it or find the downloaded file and double-click on it. You will see a dialog box with a progress bar as the files are extracted. This may take a minute or two. Run the installer with admin privileges and allow the pre-install checks to run, if advised to restart at this point it's recommended to do so.

Once the files have been extracted the installation screen (shown below) will appear. Click on the 'Install' button to begin the installation.

win sophos 1

The installer will now download the latest package. Once you have started the installation please be patient and wait for it to complete (this may take several minutes). You are not required to help in this process. When the installation has completed you will see the following screen.

win sophos

If the installation was successful we recommend that you restart your computer as Sophos can only enable all features after a restart.

Checking the status of Sophos

Once you have rebooted check that you can see a blue and white shield icon in the system tray (usually in the bottom-right of the screen, near the clock). The shield will probably be hidden and to view it you will need to click on the up-arrow near the clock.

win sophos 4

So long as the shield icon is blue and white as shown then Sophos should be working correctly. However you still need to update it as described below to protect against malware discovered since the installation package was built. Sophos generally pops up status messages from the shield to alert you to problems, as well as to confirm that Sophos is running properly.

Updating Sophos for the first time

Sophos should begin to automatically update immediately after the first reboot of the machine post-installation but we shall detail the method of updating manually. Navigate to the Sophos Endpoint window the click the 'About' option in the lower right hand corner. You will then be presented with the following screen.

win sophos

Click the 'Update Now' button and Sophos will begin to download files and will show you a downloading screen. Once all the necessary files have been downloaded, Sophos will automatically install these files onto your system. A green tick (as above) will appear when the update is complete. From this point on Sophos will try to update itself automatically. You won't see the downloading screen during these automatic updates.

Keeping Sophos up to date

Sophos Endpoint is configured to automatically download and install updates to keep your defences against viruses, trojans, and worms as up-to-date as possible. On networked computers, this occurs once an hour for the Sophos detection engine and every 10 minutes for the threat detection data. 

If either the automatic hourly update or the manual update fails for any reason the shield on the menu bar will have a cross in the middle of it. Your computer does need to be connected to the Internet in order to download updates so if you see this icon when you are not connected this is normal and nothing to be concerned about. When you reconnect to the Internet it may take up to an hour before Sophos tries to update again and the shield returns to normal. In this instance you may wish to 'Update Now' manually to bring the machine back to date promptly.

To find out when the program last updated itself, click on the shield on the menu bar to open Sophos Endpoint, then 'About'. You should see a window showing the last date and time that Sophos was updated.

win sophos date

You can also update Sophos manually at any time by clicking 'Update Now'.

Frequently Asked Questions (FAQ)

Below we have answered a number of Frequently Asked Questions regarding Sophos Anti-Virus for Windows.

How do I run a manual scan?

To scan all files on the computer or server, go to the Status page, then click the 'Scan' button.

win sophos

When the scan is complete, you'll see a summary of the scan results. If threats are detected, you can go to the Events page to see details.

I have an issue with Sophos - how can I get assistance?

In order to report an issue with Sophos Endpoint for Windows on your BYOD device, please speak with the IT Services Service Desk. They can be contacted at or 01865 (2)12345. When reporting this issue it is important to include the following information:

  • Version of Windows
  • Your unique Endpoint ID
  • Version of Sophos

Rather helpfully, all of this information can be found within Sophos itself. In order to find this information, open Sophos Endpoint and navigate to the 'About' section. You should then click the 'Run Diagnostic Tool' button. This will open the Sophos Endpoint Self Help tool.

win sophos 11 green

This tool provides more in-depth detail into Sophos Endpoint and the background process and policies set up for this device. In this instance, please navigate to the 'System' option. You will be presented with a screen detailing system information. We recommend providing these details to the Service Desk when reporting an issue so that they have all the data required to begin an investigation.

Uninstalling Sophos

In order to uninstall Sophos Endpoint, navigate to Apps & Features found under the Apps tab in the Control Panel. When here, search for Sophos.

win sophos

Select "Sophos Endpoint Agent" and click uninstall. Enter your administrator credentials when prompted.

win sophos

Allow Sophos to uninstall all components. It may take some time for the uninstall to complete. When the uninstallation has completed, please restart your computer.

Further information and documentation from vendor

If you encounter any problems there is a Frequently Asked Questions (FAQ) web page with answers to some of the most common issues that people encounter.

Sophos provide full documentation in their Sophos Endpoint for Windows documentation. This has also been provided as a PDF Manual.

Support Contacts

For a personally managed device or for general advice, please contact the IT Services Service Desk.

For a University or Department owned device, please contact your Local IT Support Staff.

IT Support Staff to contact OxCERT.

About this Service

This service is provided by

OxCERT logo

For more details about service governance refer to the service catalogue entry.