Running 10.6.4 Removed Intego Antivirus last night, using their uninstaller successfully. Installed Sophos Noted BootCamp Drive issue, so set custom scan to exclude it Ticked "include archives" Besides system drive, I included two external FW drives in the custom scan Began scan (SET TO REPORT ONLY), seemed to run fine. Activity Monitor reported CPU% was occasionally in high 90s, then down to 25% area and back, repeatedly. This did not slow down other computer activity, however. 10 hours later, the scan appears to be stuck with app. the 500,000 something file on the system drive (began with over a million) Activity Monitor reports CPU for SophosAVAgent more or less pinned at 99-100% CPU HOWEVER, the system is not slowed down, I ran Firefox, Activity monitor, switched Spaces: nothing is frozen and nothing seems sluggish despite the Activity Monitor's reading. Nothing in the Quarantine Manager Log shows hourly updates have continued to run all night. No threats, 3 issues. Corrupted files plus I also found another issue in another sophos log window generated about a dmg file with "unrecognized file format" message (mentioned by another poster on this forum about a week ago.) Force Quit does not show Sophos as unresponsive but I used it to quit anyway: Sophos windows closed and Force Quit window no longer lists Sophos. BUT Activity monitor still showed SophosAVAgent (root user) pinned at 99-100% CPU SO, I selected SophosAVAgent and clicked on the stop sign "Quit Process" button of the Activity Manager, which worked. Menu Bar shield icon for Sophos still there and functional I ran sophos again on a single file, (the dmg file) and got the same report about unrecognized file format. I will now uncheck the "scan archives" choice and I will attempt to run custom scan (again excluding the BootCamp partition) on the system drive and then each of the firewire drives, ONE AT A TIME and will report on how that goes later. That is my initial report. TIA :1000623

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

First Scan Failed

mascotca over 14 years ago

Running 10.6.4
Removed Intego Antivirus last night, using their uninstaller successfully.
Installed Sophos
Noted BootCamp Drive issue, so set custom scan to exclude it
Ticked "include archives"
Besides system drive, I included two external FW drives in the custom scan
Began scan (SET TO REPORT ONLY), seemed to run fine.
Activity Monitor reported CPU% was occasionally in high 90s, then down to 25% area and back, repeatedly.
This did not slow down other computer activity, however.
10 hours later, the scan appears to be stuck with app. the 500,000 something file on the system drive (began with over a million)
Activity Monitor reports CPU for SophosAVAgent more or less pinned at 99-100% CPU
HOWEVER, the system is not slowed down, I ran Firefox, Activity monitor, switched Spaces: nothing is frozen and nothing seems sluggish despite the Activity Monitor's reading.
Nothing in the Quarantine Manager
Log shows hourly updates have continued to run all night. No threats, 3 issues. Corrupted files plus I also found another issue in another sophos log window generated about a dmg file with "unrecognized file format" message (mentioned by another poster on this forum about a week ago.)
Force Quit does not show Sophos as unresponsive but I used it to quit anyway: Sophos windows closed and Force Quit window no longer lists Sophos.
BUT Activity monitor still showed SophosAVAgent (root user) pinned at 99-100% CPU
SO, I selected SophosAVAgent and clicked on the stop sign "Quit Process" button of the Activity Manager, which worked.
Menu Bar shield icon for Sophos still there and functional
I ran sophos again on a single file, (the dmg file) and got the same report about unrecognized file format.
I will now uncheck the "scan archives" choice and I will attempt to run custom scan (again excluding the BootCamp partition) on the system drive and then each of the firewire drives, ONE AT A TIME and will report on how that goes later.

That is my initial report.

TIA

This thread was automatically locked due to age.

Parents

0 mascotca over 14 years ago
Well, after scanning each of the three drives mentioned above one at a time:
One of the FW drives completed successfully WITH "archives" checked.
Another FW drive stalled on one file with "archives" checked, so I unchecked it and then that completed after a restart of the scan.
The system drive (this time also with archive unchecked) passed.
So, I guess at this point Sophos has trouble with:
Archives
BootCamp partition
P.S. No viruses etc., just a few "issues": a handful of corrupt files; three files listed as encrypted; and the earlier dmg "unknown file format" issue mentioned in the post at the top of this thread.
P.P.S Finally, the scans that seemed stuck during this second round of testing (and would not quit using just the GUI's X button) WOULD quit using the dropdown menu, which yielded the warning about a scan in progress. So it is possible that I did NOT need to resort to Force Quit like I did the first time round.
HOWEVER, I still had to use the Activity Monitors "Quit Process" button to get SophosAVAgent to stop for real.
That covers my first 24 hours with Sophos Free. Hope this is useful. Depending on response I may be heading back to Intego, which didn't choke on archives at least.
:1000667
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 mascotca over 14 years ago
Well, after scanning each of the three drives mentioned above one at a time:
One of the FW drives completed successfully WITH "archives" checked.
Another FW drive stalled on one file with "archives" checked, so I unchecked it and then that completed after a restart of the scan.
The system drive (this time also with archive unchecked) passed.
So, I guess at this point Sophos has trouble with:
Archives
BootCamp partition
P.S. No viruses etc., just a few "issues": a handful of corrupt files; three files listed as encrypted; and the earlier dmg "unknown file format" issue mentioned in the post at the top of this thread.
P.P.S Finally, the scans that seemed stuck during this second round of testing (and would not quit using just the GUI's X button) WOULD quit using the dropdown menu, which yielded the warning about a scan in progress. So it is possible that I did NOT need to resort to Force Quit like I did the first time round.
HOWEVER, I still had to use the Activity Monitors "Quit Process" button to get SophosAVAgent to stop for real.
That covers my first 24 hours with Sophos Free. Hope this is useful. Depending on response I may be heading back to Intego, which didn't choke on archives at least.
:1000667
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data