On Access Scanning suddenly disabled

All I can think of is if it was on SAV 8.x and we pushed out an update to that and then, because it is 10.6, it was forced to upgrade to v 9.0.11 - that's what happened recently.

I had the 9.0.8. Did you mean that the on access scanner kext was from the old 8 and that kext was updated finally with the new 9.0.11? Never installed the old 8. I do see it's the 9.0.11 now (at least on ML.) Anyway if that's what happened, it was a bunged up job of updating.

I have a similar problem. I am running Mac OS 10.6.8. Sophos is updated to version 9.0.11. The on-access scan was suddenly disabled yesterday, and I cannot re-enable it.  When I open Sophos preferences, On Access tab, it says that "on access scanner is off". I click the lock to make changes, then I click "Start Scanning", but nothing happens. I cannot turn the On Access back on. I attached a screen shot of the Preferences. Please advise. What should I do?

1. Reboot.

2. Try the commands from the bottom of page three of this thread...

http://openforum.sophos.com/t5/Sophos-Anti-Virus-for-Mac-Home/Sophos-for-Mac-on-access-scanning-disabled/td-p/12610/highlight/true/page/3

Interesting that this was on 10.6.8, which is where I also encountered this problem--coudln't get on-access scanning going again, no matter what I tried, including hitting the Start Scanning button. Wonder if this is a 10.6 specific updating bug? Had no problem updating from 10.8.5.

FWIW, my fix was to uninstall then reinstall the 9.0.8, the zip for which I had saved. Next, I did a manual update, which brought it to the 9.0.11. If you uninstall then reinstall by getting the 9.0.11 directly, then maybe you won't have to force the updating, as I had to.

EDIT: didn't think of trying to re-load the LaunchDaemon. That's what I'd try first, according to Ruckus's directions.

Ruckus, while we're at it, I have several questions about versions and numbering.

This is what I'm seeing for About  from the app itself.

Before the update to the 9.0.11, I think Threat data was at 4.98. But what I'm finding really puzzling is that there are two different Sophos apps in /Applications, Sophos.app at 9.0.1 and the Home Edition at 9.0.8. How did I get these two, and besides, why is the Home Edition app listed here, or in Get Info, at 9.0.8, even after the update to 9.0.11? (This screenshot is from the 10.8.5. The 10.6.8, after updating to 9.0.11, shows only the Home Edition app at 9.0.8.)

Hi,

I just suddeny, this morning, got an alert saying that the Sophos On-Access scanner wasn't running. Went to Sophos Preferences and confirmed that was the case, but also found that trying to start it doesn't work for me either. AFAIK, it has been working - I certainly haven't seen that alert before. I have v9.0.11 and this Mac is still running Mac OS X 10.6.8 (only wishing I could find the three uninterrupted days that I know from experience I would need to do the full, clean install of 10.9 and all my apps!)

Anyway, in the course of investigating, I also noticed that I have about 80 (eighty!) iterations of launchctl in the process table (running hierarchically under launchd/uc). I'm not sure if that's related to the problems with SAV?

I'm guessing that a reboot well might fix the problem, so I'll try that after I've posted this. But I'm somewhat mystified as to why this has suddenly happened now. I'm quite sure that SAV has been at version 9.0.11 since sometime back in 2013 - and the dates on the app don't contradict that belief, although Finder does report the app as version 9.0.1 for some reason, whilst the app's About pane confirms 9.0.11 - why???

Postscript:

I rebooted and that did indeed fix the problem, but I'd still prefer to know what caused it!

Before I rebooted, I did notice one other thing that seemed very odd to me. Activity Monitor was showing total system activity at 55-60%, yet the process list only showed processes totalling around 25% CPU and they were mostly user processes. I have no idea how there could be system process CPU activity without it being shown which specific processes were active!

By the time I rebooted, there were more than 200 launchctl processes listed (never using any cumulative CPU resource). Now, more than 24 hours after rebooting, there are no launchctl processes listed at all, nor have I seen any.