New user to Sophos for Mac - problems reported in log

I have been evaluating AV products for the Mac. I am disappointed with several of the "star performers" from the Windows world, because they are buggy or unstable. So far Sophos seems the most trouble free.

However, after doing a full system scan, there were several issues that I think are problems with Sophos rather than actual malware. There was one file that I believe is a false positive. I uploaded that file to Sophos and they confirmed it was clean.

The reason I am writing this message is because the full scan also reported several "corrupted files", which I do not believe are corrupted. Typically they are bz2 files, but also some dmg, jar and exe files.

Is there a problem with this version of Sophos where it reports corrupted files that are not in fact corrupted?

:1006919


This thread was automatically locked due to age.
  • There are certain kinds of files (mostly the types you mentioned) that are container archives which can actually contain different kinds of data.  Sophos appears to not be detecting a few variants, which then get listed as corrupt, because they're similar enough to another variant to validate as that type, but not verify as being complete.  I already have a defect ticket raised against these, so it should be fixed in a future version of the product engine.

    Sophos also tends to be more conservative than some others in file validation.  Therefore, a file may run properly on the system it is designed for with the software that normally runs it, but Sophos may identify that the file is actually not sticking to the official specification, and mark it as corrupt.  When you see "corrupt" it is often useful to read that message as "file format is not completely valid" -- the contents may still be perfectly accessible.

    That said, I encourage you to submit any files flagged as corrupt, noting that the file is a '"problem file" flagged as corrupt' in the item submission.  This way, if there are some file types not already flagged for update, they can be added to the list.

    :1006969
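The distinction drawn in the reply above, between a file that is "not completely valid" and one whose contents are actually lost, can be checked by hand for bz2 files. The following is an added example, not Sophos's engine logic and not code from this thread: it uses Python's standard `bz2` module, and the verdict names, the function names and the sample blobs are constructed for illustration.

```python
import bz2

MAGIC = b"BZh"  # bzip2 stream signature; the next byte is a block-size digit '1'..'9'
PAYLOAD = b"constructed sample payload\n" * 50  # constructed test data


def inspect_bz2(data: bytes):
    """Strictly validate a bz2 blob.

    Returns (verdict, payload) where verdict is one of:
      'valid'         - one or more complete streams and nothing else
      'trailing-data' - complete stream(s) followed by bytes that are not a stream;
                        lenient readers ignore the tail, strict ones reject the file
      'truncated'     - a stream ends before its end-of-stream marker
      'corrupt'       - the decoder rejects the stream (bad block header, CRC mismatch)
      'not-bz2'       - the signature is wrong, whatever the file extension says
    payload holds whatever could be recovered.
    """
    if len(data) < 4 or not data.startswith(MAGIC) or data[3] not in b"123456789":
        return "not-bz2", b""
    payload = bytearray()
    rest = data
    streams = 0
    while rest:
        if streams and not rest.startswith(MAGIC):
            # Everything needed was decoded, but the file does not end where
            # the format says it should.
            return "trailing-data", bytes(payload)
        dec = bz2.BZ2Decompressor()
        try:
            chunk = dec.decompress(rest)
        except OSError:
            return "corrupt", bytes(payload)
        payload += chunk
        if not dec.eof:
            return "truncated", bytes(payload)
        streams += 1
        rest = dec.unused_data  # bytes after the end-of-stream marker
    return "valid", bytes(payload)


def demo():
    """Classify five constructed blobs and return {name: verdict}."""
    good = bz2.compress(PAYLOAD)
    samples = {
        "good.bz2": good,
        # Zero padding appended after a complete stream.
        "padded.bz2": good + b"\x00" * 512,
        # Last bytes of the stream footer missing.
        "cut.bz2": good[:-5],
        # One byte of the first block's stored CRC (offset 10) flipped.
        "bitrot.bz2": good[:10] + bytes([good[10] ^ 0xFF]) + good[11:],
        # Different container format under a .bz2 name.
        "renamed.bz2": b"PK\x03\x04 not bzip2",
    }
    return {name: inspect_bz2(blob)[0] for name, blob in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12} {verdict}")
```

Only the `corrupt` and `truncated` verdicts mean data is at risk; `trailing-data` is the case where the contents are fully recoverable even though the file does not match the format exactly.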
  • Two deal breakers for me so I had to uninstall Sophos:

    1.  Interferes with SuperDuper! backup

    2.  Interferes with Exchange Server 2007 access through Mac Mail.

    Until these issues are addressed, which I believe are large problems, at least for me, I won't be able to use Sophos Antivirus for Mac or recommend it to my friends.

    :1007691
  • Thank you for the feedback!

    Out of curiosity, how is it interfering with those products?  I can make a few guesses regarding SuperDuper (the same issues that occur with Time Machine regarding file access and regarding targets that need to be excluded from scanning), but ES 2007 is a bit of a puzzler -- are you finding that the product is denying access to remote Exchange folders that contain malicious emails?

    :1007697
  • I may have to take back the comment about Exchange 2007.  I was at my mother's house a couple of hours ago and it was working.  This was just after I had uninstalled Sophos so I attributed the fix to a problem with Sophos.  On my mom's wifi, Exchange was picking up mail again. It had stopped a couple of days ago and that was when I had installed Sophos.  Now I'm home and I'm having the same problems as I was last night even though Sophos is uninstalled.  There must be a problem with my wifi setup.

    The recommendation to uninstall Sophos came from tech support at ShirtPocket software.  The backup is running right now with no problems.  I have to have my daily backup so I'm afraid I still can't install Sophos.

    :1007707
  • Once again, what precisely was the issue you were having running backups with Sophos installed?  The product is very configurable, and can probably run alongside if the right settings are used and/or folders are excluded from on-access scanning.  Since this is a fairly popular piece of backup software, I'm sure others would also like to know how to run both at the same time.

    Were you having backup problems even with On-Access scanning disabled?

    :1007723
  • I am having the same issue with Sophos for Mac and SuperDuper. The thing is, the problem isn't with SuperDuper but Disk Utility trying to create the image file before running the backup. It appears that Sophos may be causing a timeout to occur during the file creation while it scans the file. I have disabled On-Access and get the same error. Since the file isn't created yet, how can it be added to an exclusion list? I guess I could exclude the whole folder where the backups are saved. This still would not help when On-Access tries to scan the file during backup.

    One note, I am now using a "clean install" version of OS X 10.8 Mountain Lion. I didn't have this issue previously, but I have only upgraded every time since 10.5, not a clean install. Even after my upgrade from 10.7 to 10.8 it was still working correctly. I had to do a clean install due to an issue with Java, then when I went to do my first backup I ran into this issue.

    :1008752
  • I've heard of some problems using older SuperDuper versions with Mountain Lion -- you need to be at least at version 2.7 for it to operate correctly.  If On-Access is disabled, it won't be monitoring at all, so this is likely not where the problem lies.  Do the console.app logs for SuperDuper, Sophos, Disk Utility and the syslog shed any light on this?

    :1008762
  • I am running the latest version of SuperDuper. Here is the information from Console (I have replaced private information with *'s):

    8/2/12 7:42:08.189 AM sudo[1002]:     root : TTY=unknown ; PWD=/ ; USER=******** ; COMMAND=/usr/bin/hdiutil create -size 749296.62m -fs HFS+J -volname 2012-08-01 ML Full Backup -ov /Users/********/Documents/**************.sparsebundle
    8/2/12 7:42:16.000 AM kernel[0]: hfs: Initializing the journal (joffset 0x16de000 sz 0x4000000)...
    8/2/12 7:42:16.336 AM SuperDuper![207]: ISGetIconFamilyFromStorage: seed mismatch for 29c50010, actual seed is 79df4ca
    	1   OSServices                          0x970ea1cb _ZL26ISGetIconFamilyFromStoragemPP17CIconStorageArrayPm + 148
    	2   OSServices                          0x970eaded _ISIsStorageOnTheVolume + 29
    	3   OSServices                          0x9711ce45 _ISIsAnyOfImageStoragesOnTheVolume + 49
    	4   LaunchServices                      0x960440d8 _ZN13CIconRefEntry23DataChangedAfterUnmountEs + 28
    	5   LaunchServices                      0x96042da3 _ZN13CIconRefArray13UnmountVolumeEs + 75
    	6   LaunchServices                      0x960440b4 _ZL21MountNotificationHookP15VolumeNoticeBlk + 45
    	7   CarbonCore                          0x95d766a2 _Z29_FSVolumeNotificationCallbacksPK10__CFStringPKvPv + 338
    	8   CarbonCore                          0x95d2cf48 _FSVolumeObserverCallback + 176
    	9   CoreFoundation                      0x948ff1ef __CFMachPortPerform + 303
    	10  CoreFoundation                      0x948ff0a5 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 53
    	11  CoreFoundation                      0x948fecd2 __CFRunLoopDoSource1 + 146
    	12  CoreFoundation                      0x949349c6 __CFRunLoopRun + 2038
    	13  CoreFoundation                      0x94933d6a CFRunLoopRunSpecific + 378
    	14  CoreFoundation                      0x94933bdb CFRunLoopRunInMode + 123
    	15  HIToolbox                           0x90d298aa RunCurrentEventLoopInMode + 242
    	16  HIToolbox                           0x90d29619 ReceiveNextEventCommon + 374
    	17  HIToolbox                           0x90d29494 BlockUntilNextEventMatchingListInMode + 88
    	18  AppKit                              0x992b8a5a _DPSNextEvent + 724
    	19  AppKit                              0x992b828c -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 119
    	20  AppKit                              0x992ae6dc -[NSApplication run] + 855
    	21  AppKit                              0x992518e6 NSApplicationMain + 1053
    	22  SuperDuper!                         0x0000211e SuperDuper! + 4382
    	23  SuperDuper!                         0x00002045 SuperDuper! + 4165
    8/2/12 7:42:18.263 AM SuperDuper![207]: ***ERROR OCCURRED: ****FAILED****: result=256 errno=0 (Undefined error: 0)
    8/2/12 7:45:23.302 AM coreservicesd[28]: Application App:"Sophos Anti-Virus" [ 0x0/0x35035]  @ 0x0x7fcdf94e64c0 tried to be brought forward, but isn't in fPermittedFrontASNs ( ( ASN:0x0-0x36036:) ), so denying.
    8/2/12 7:45:23.302 AM WindowServer[82]: [cps/setfront] Failed setting the front application to Sophos Anti-Virus, psn 0x0-0x35035, securitySessionID=0x186a4, err=-13066

    Also, once I uninstalled Sophos for Mac the backup with SuperDuper worked without issue.

    :1008812