• Home
  • Disclaimer
  • Contact
  • Archives
  • About
  • Subscribe
  • Support
  • Advertise

Kernel Talks

Unix, Linux, & Cloud!

  • How-to guides
    • Howto
    • Disk management
    • Configurations
    • Troubleshooting
  • OS
    • HPUX
    • Linux
  • Miscellaneous
    • Software & Tools
    • Cloud Services
    • System services
    • Virtualization
  • Certification Preparations
    • AWS Certified Solutions Architect – Associate
    • AWS Certified Solutions Architect – Professional
    • AWS Certified SysOps Administrator – Associate
    • AWS Certified Cloud Practitioner
    • Certified Kubernetes Administrator
    • Hashicorp Certified Terraform Associate
    • Oracle Cloud Infrastructure Foundations 2020 – Associate
  • Tips & Tricks
  • Linux commands
You are here: Home / Software & Tools

How to install and uninstall Sophos Antivirus in Linux

Published: October 31, 2018 | Modified: June 24, 2020



Short post to learn how to install and uninstall Sophos Antivirus in Linux.

Sophos is a well-known antivirus for Windows, Linux, Mac platforms. Sophos also offers different security solutions along with antivirus. In this post we walk through the install, check and remove Sophos antivirus on Linux systems. You can download Sophos antivirus for Linux for free here.

How to install Sophos Antivirus in Linux

You can transfer the installer downloaded on a laptop or desktop on your Linux server. Or you can use tools like wget to download the installer directly on your Linux server. You can get a Linux installer link from your account on a website.

You will be having Sophos Antivirus with install.sh script within. For non-interactive setup executive script with below switches and you are good to go –

root@kerneltalks # ./install.sh --automatic --acceptlicence /opt/sophos-av
Installing Sophos Anti-Virus....
Selecting appropriate kernel support...

Installation completed.
Your computer is now protected by Sophos Anti-Virus.

Antivirus is successfully installed on your server.

Check current status of Sophos Antivirus

Antivirus runs with service named sav-protect. So you can use normal Linux service status command to check the status of AV service.

root@kerneltalks # service sav-protect status
sav-protect.service - "Sophos Anti-Virus daemon"
   Loaded: loaded (/usr/lib/systemd/system/sav-protect.service; enabled)
   Active: active (running)[0m since Thu 2018-07-19 13:30:50 IST; 3 months 4 days ago
     Docs: man:sav-protect
  Process: 5619 ExecStop=/opt/sophos-av/engine/.sav-protect.systemd.stop.sh (code=exited, status=0/SUCCESS)
  Process: 6287 ExecStartPost=/opt/sophos-av/engine/.sav-protect.systemd.poststart.(code=exited, status=1/FAILURE)
  Process: 5646 ExecStartPre=/opt/sophos-av/engine/.sav-protect.systemd.prestart.sh (code=exited, status=0/SUCCESS)
 Main PID: 6286 (savd)
   CGroup: /system.slice/sav-protect.service
           ├─5842 savscand --incident=unix://tmp/incident --namedscan=unix://root@tmp/namedscansprocessor.397 --ondemandcontrol=socketpair://46/47
           └─6286 savd etc/savd.cfg

Oct 21 17:50:56 kerneltalks savd[6286]: scheduled.scan.log: Scheduled scan "SEC:Weekly scan" completed: master boot records scanned: 0, boot records scanned: 0, files scanned: 968342, scan errors: 0, threats detected: 0, infected files detected: 0
Oct 21 21:38:46 kerneltalks savd[6286]: update.check: Successfully updated Sophos Anti-Virus from \\avserver.kerneltalks.com\SophosUpdate\CIDs\S038\savlinux

You can see the recent two activities as a successful scheduled scan run and virus definition update in the last log lines.

How to uninstall Sophos Antivirus in Linux

Run uninstall.sh script located at /opt/sophos-av to uninstall Sophos Antivirus.

root@kerneltalks # /opt/sophos-av/uninstall.sh
Uninstalling Sophos Anti-Virus.
WARNING: Sophos Anti-Virus still running.
Do you want to stop Sophos Anti-Virus? Yes(Y)/No(N) [N]
> Y

Stopping Sophos Anti-Virus.
Sophos Anti-Virus has been uninstalled.

And AV is un-installed. You can confirm by checking status again which will result in an error.

root@kerneltalks # service sav-protect status
service: no such service sav-protect
⇠ Previous article
Install Ansible in Linux
Next article ⇢
How to disable IPv6 on Linux

Related stuff:

  • Package installation in Linux (YUM,APT & zypper)
  • How to use sudo access in winSCP
  • How to start, stop & restart MariaDB server in Linux
  • What is the difference between su and sudo?
  • SUSE Manager Client registration
  • How to install SSL certificate on Apache running on Linux
  • How to restart Apache server in Linux
  • How to add Oracle Linux public repository in SUSE Manger
  • xsos: a tool to read sosreport in RHEL/CentOS
  • Install and configure checkmk server on Linux
  • Googler : Search google right from your Linux terminal
  • How to check if the package is installed on Linux

Filed Under: Software & Tools Tagged With: check sophos av is running or not, install sophos in linux, remove sophos from linux, uninstall sophos from linux

If you like my tutorials and if they helped you in any way, then

  • Consider buying me a cup of coffee via paypal!
  • Subscribe to our newsletter here!
  • Like KernelTalks Facebook page.
  • Follow us on Twitter.
  • Add our RSS feed to your feed reader.

Share Your Comments & Feedback: Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get fresh content from KernelTalks

  • Email
  • Facebook
  • RSS
  • Twitter

Get Linux & Unix stuff right into your mailbox. Subscribe now!

* indicates required

This work is licensed under a CC-BY-NC license · Privacy Policy
© Copyright 2016-2021 KernelTalks · All Rights Reserved.
The content is copyrighted to Shrikant Lavhate & can not be reproduced either online or offline without prior permission.