Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 4319 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Drive Scanning FOREVER! + Can't Clean Up Threat + Windows OS???

Beak81

Running Sophos Anti-Virus Version 8.0.16C on Mac OSX 10.6.8

-------------------------------------------------------------------------------------

1: Running a Custom scan on my external hard Drive (Formac brand) and although I left it to 'do its thing' all night its still only done about a quarter of the items. Would like to know if this is normal, and also what is a good practise for external hard-drives if its going to take so long every time please?

2: Also I have 2 Threats detected in the quarnatine manager but on unlocking the padlock the "Clean Up Threat" button doesn't become active even though I'm clicked on one of the threats.

3: Dont' understand why on clicking on a Threat in the Q- Manager it takes me to a web page where I'm told that the offending Operating System is WINDOWS even though 'Action Available' says Restart Mac....? ie is Restarting all I really need to do here please? (See screen Grab) 

Any enlightenment appreciated! Thanks Andrew in UK

:1013503


This thread was automatically locked due to age.
Parents
  • 0

    0. Upgrade to version 9.


    1. Depends on the configuration of the scan you're running, the number and type of files on the drive and even the drive speed.


    If you need to post back include the summary of the scan starting: Right click on the custom scan in the scans window (somewhere near the scan now button) and click 'view scan log' which opens Console. Example:

    Scan name: "a custom scan"
Scan items:
Path: / enabled: yes
Exclusions: 
Path: "/Volumes/Time Machine"
Configuration:
Scan inside archives and compressed files: Yes
Automatically clean up threats: No
Action on infected files: Report only
Live Protection enabled: Yes

    If the drive has a lot of jar/compressed/archive files then double click the custom scan (somewhere around the 'Scan Now' button and on the 'Options' tab uncheck the 'scan inside archives and compressed files'.

    From the screen grab you provided the current file being scanned is 'RealPlayerSP.dmg' - dmg is a complex file with tons of files inside of it hence it will be slow.


    If the RPM of the drive is low…buy an SSD drive :smileywink:


    2. Maybe the file is no longer there and even though the quarantine manager is showing it. You can always clear all the item and run another scan (configured to exclude archives as mentioned above). See 3 first though.


    3. Sophos AV for Mac scans for Windows malware too. Hence this scan has found a few files that are no threat to your Mac, but could hurt a Windows computer if you plugged the drive into a Windows computer that doesn't have AV protection of its own. If you never take the drive near a Windows computer you could leave the files on the drive and they won't cause a problem. That said, it's better to remove them.


    Sometimes a reboot is required. Do try it.


    Ultimately you can see the problem files for Mal/FakeAV-EW (as that's the one highlighted in your grab) and so you can just go and delete the Windows executable files manually...

    /Users/andrewrob/Documents/DOCS/DONGLE/MARNUO/guzu.exe
/Volumes/07710775621/.Trashes/501/MARNUO/guzu.exe
/Volumes/07710775621/MARNUO/guzu.exe

    Not sure what's detected for netsky-p.

    :1013509
Reply
  • 0

    0. Upgrade to version 9.


    1. Depends on the configuration of the scan you're running, the number and type of files on the drive and even the drive speed.


    If you need to post back include the summary of the scan starting: Right click on the custom scan in the scans window (somewhere near the scan now button) and click 'view scan log' which opens Console. Example:

    Scan name: "a custom scan"
Scan items:
Path: / enabled: yes
Exclusions: 
Path: "/Volumes/Time Machine"
Configuration:
Scan inside archives and compressed files: Yes
Automatically clean up threats: No
Action on infected files: Report only
Live Protection enabled: Yes

    If the drive has a lot of jar/compressed/archive files then double click the custom scan (somewhere around the 'Scan Now' button and on the 'Options' tab uncheck the 'scan inside archives and compressed files'.

    From the screen grab you provided the current file being scanned is 'RealPlayerSP.dmg' - dmg is a complex file with tons of files inside of it hence it will be slow.


    If the RPM of the drive is low…buy an SSD drive :smileywink:


    2. Maybe the file is no longer there and even though the quarantine manager is showing it. You can always clear all the item and run another scan (configured to exclude archives as mentioned above). See 3 first though.


    3. Sophos AV for Mac scans for Windows malware too. Hence this scan has found a few files that are no threat to your Mac, but could hurt a Windows computer if you plugged the drive into a Windows computer that doesn't have AV protection of its own. If you never take the drive near a Windows computer you could leave the files on the drive and they won't cause a problem. That said, it's better to remove them.


    Sometimes a reboot is required. Do try it.


    Ultimately you can see the problem files for Mal/FakeAV-EW (as that's the one highlighted in your grab) and so you can just go and delete the Windows executable files manually...

    /Users/andrewrob/Documents/DOCS/DONGLE/MARNUO/guzu.exe
/Volumes/07710775621/.Trashes/501/MARNUO/guzu.exe
/Volumes/07710775621/MARNUO/guzu.exe

    Not sure what's detected for netsky-p.

    :1013509
Children
No Data