Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Subscribers 6 subscribers
  • Views 23115 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos - what is actually running?

iwisa

Hi,

I need to install AV software on to a Mac running Snow Leopard that is used for audio recording with Pro Tools.  How do I configure Sophos so that it is not constantly running (using up CPU) as PT needs as much CPU as possible.  I only need to to manually scan external drives when they are connected so the system itself does not need constant monitoring.  I read on one forum post here that Sophos is constantly checking the system and it's folders - is there a way to turn all of this off?

Thanks!

:1005635


This thread was automatically locked due to age.
  • 0

    Back when the flash malware came out I did all the scans Apple instructed and believed all three of our machines were clean.

    Today after doing a full Sophos scan (that took overnight), the system tells me I have OSX/Flshplyr-D in five locations on my time machine backup drive, though thankfully nothing in my hard drive.

    Here's what I am reading:

    Threat:    OSX/Flshplyr-D
    Date:        Dec 6, 2013 11:06 AM
    Path and filename:
    /Volumes/Time Machine Backups/Backups.backupdb/Robert Wilson’’’’s iMac/2012-03-29-092109/Macintosh HD/Users/robertwilson/.sunupdate,
    /Volumes/Time Machine Backups/Backups.backupdb/Robert Wilson’’’’s iMac/2012-04-11-082740/Macintosh HD/Users/robertwilson/.sunupdate,
    /Volumes/Time Machine Backups/Backups.backupdb/Robert Wilson’’’’s iMac/2012-04-25-105948/Macintosh HD/Users/robertwilson/.sunupdate,
    /Volumes/Time Machine Backups/Backups.backupdb/Robert Wilson’’’’s iMac/2012-05-02-104853/Macintosh HD/Users/robertwilson/.sunupdate,
    /Volumes/Time Machine Backups/Backups.backupdb/Robert Wilson’’’’s iMac/2012-05-10-155554/Macintosh HD/Users/robertwilson/.sunupdate

    When I go to the time machine files for each instance above, I am not seeing the last item in the path called /.sunupdate

    The only thing I see is an alias for SendRegistration that has the time/datestamp indicated above. WHen I go to the original file it brings me to the SendUpdate application from when I purchased the machine.

    I cannot create a custom scan for these paths, as the paths as listed in the quarantine manager does not look like what I am seeing in the time machine backups.

    What should I do? Thanks everyone -

    :1014867
  • 0

    Files that start with a dot (period) are hidden in Finder.  Maybe try switching on hidden files with a Terminal command outside TM, locate the file in TM and delete, then switch the view hidden files off again?

    1. Open the Terminal.
      2013-11-13_19-39-32.png

    2. Run the following command:

      defaults write com.apple.finder AppleShowAllFiles TRUE;killall Finder
    3. Enter Time Machine.
    4. Go to the location of the detected file and delete it.
    5. Exit Time Machine.

    6. Run the following command to hide files again:

      defaults write com.apple.finder AppleShowAllFiles FALSE;killall Finder
    :1014871