Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 6 subscribers
  • Views 21465 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

scan quietly abandoned

deipnosophista

I'm running OS10.8.5 and Sophos 8.0.21C; Energy Saver is not set to induce sleep mode when there is no input.  I've tried to run a number of scans over the past week or so, but the last scan Sophos recognises was in October.  On each occasion the scan starts and proceeds normally, but Sophos closes spontaneously after an hour or so before the scan is finished. 

:1015033


This thread was automatically locked due to age.
  • 0

    Thanks for the screenshot.

    So what (generally) is on the Seagate drive?  Is this full of zip files, compressed files, application bundle files, etc?  Or maybe it is just Time Machine backups?

    If Seagate is just TM backups:

    If it's just Time Machine backups I'd suggest not scanning it - all the backups are encrypted and have a complex structure.  The backups naturally expire when space is required and if you try to restore a malicious file from a backup the on-access scanner will grab during the restore.  Exclude the volume (/Volumes/Seagate/) from all other scans.

    If Seagate is full of files:

    If the volume is just full of files then consider that the screenshot shows there are nearly 7 million files still to be scanned - and the scan is already a quarter the way through.  So it looks like there are tons of files on there and yes, the scanner will take it's time working through them.

    1. Cancel the scan.
    2. Look on the drive for files and folders you recognize and can delete - have a good clear out.
    3. In the scan settings uncheck the compressed files option (see screenshot below).
    4. Run another scan and see how far it gets.

    If the volumes has loads and loads of files then you may have to split the scan up and configure Sophos to scan sub-folders of the volume - all depends on how you have the folder structure laid out.

    ---

    2013-12-19_10-40-21.png

    :1015131
  • 0

    It's Time Machine backups.  I'll take your advice. But I don't understand it when you say "if you try to restore a malicious file from a backup the on-access scanner will grab during the restore" - if there is an on-access scanner which grabs incoming problems, why doesn't it catch all those phishing emails as they arrive in my inbox, eliminating the need to root them out afterwards?  

    :1015133
  • 0
    ruckus wrote:

    ...and if you try to restore a malicious file from a backup the on-access scanner will grab during the restore.

    I meant to say that by not scanning the backups you will still be protected.  If you decided to restore a file it will be written to the local disk and the on-access scanner will scan it at that point.

    :1015135