Free Tools

Discussions SAV and TimeMachine

Free Tools requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 31 replies
Subscribers 6 subscribers
Views 30060 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SAV and TimeMachine

st181234 over 14 years ago

I installed the SAV for Mac today.

After installation, I made a local drive scan, and It found 4 threats.

I deleted the infected files.

After a while, I got alert from SAV that it denied access to the files, which had been deleted but still in my TimeMachine backup.

Although everything seems alright now, SAV interfered TimeMachine's operation.

Will this corrupt my TimeMachine backup?

This thread was automatically locked due to age.

Parents

0 technorandy over 14 years ago
grahamperrin wrote:
The extract mentions Access to the file denied in a few places, but no mention of clean up or deletion/removal.
For viewing logs, the current version of SAV lacks a view menu. There are three different GUIs for the different classes of log.
Logs exist at the following paths:
/Library/Logs/
maybe just one file, Sophos Anti-Virus.log
~/Library/Logs/Sophos Anti-Virus/Scans
multiple folders, each one of which may contain multiple logs.
Try to find a log that corresponds with the time of the problem.
_____________________________________________________________
I have a total of 2 log files:
/library/logs/Sophos Anti-virus.log (that the previous sample was from) reproduced in its entirety http://pastebin.ca/1994650
and
~/library/logs/Sophos Anti-virus/Scans/Scan This Mac/2010-11-02 18/20/39 +0000.log corresponding to the single full system scan I have done. http://pastebin.ca/1994655
I can see the scan, the files it found that were infected , and some corrupt files. There seems to be no log or entry for the removal of the items that I can see. The generic keygen it found was removed via the quarantine manager in the app
:1000925
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 technorandy over 14 years ago
grahamperrin wrote:
The extract mentions Access to the file denied in a few places, but no mention of clean up or deletion/removal.
For viewing logs, the current version of SAV lacks a view menu. There are three different GUIs for the different classes of log.
Logs exist at the following paths:
/Library/Logs/
maybe just one file, Sophos Anti-Virus.log
~/Library/Logs/Sophos Anti-Virus/Scans
multiple folders, each one of which may contain multiple logs.
Try to find a log that corresponds with the time of the problem.
_____________________________________________________________
I have a total of 2 log files:
/library/logs/Sophos Anti-virus.log (that the previous sample was from) reproduced in its entirety http://pastebin.ca/1994650
and
~/library/logs/Sophos Anti-virus/Scans/Scan This Mac/2010-11-02 18/20/39 +0000.log corresponding to the single full system scan I have done. http://pastebin.ca/1994655
I can see the scan, the files it found that were infected , and some corrupt files. There seems to be no log or entry for the removal of the items that I can see. The generic keygen it found was removed via the quarantine manager in the app
:1000925
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data