On the quarantain window, I get an empty path for an infected file. Even after I authenticate as admin. (see http://dl.dropbox.com/u/323146/sophos.jpg )
I try to access the journal, but the menu is grayed....
Cleaning the menace fails : the window hangs...
This menace shows up every day and I don't know how to get rid of it... please help.
This doesn't really address your issue, but it provides some context:
JS/Sinowal-V is a malicious javascript embedded in web pages, and is commonly found on fraud/phishing pages and SEO poison pages. It attempts to load malware onto your computer via a hidden iFrame injected via the script into the web page, that points to the actual malicious site.
The place where I've seen the behaviour you're experiencing is when Safari caches the malicious file, on-access detects it, safari clears it from the cache, and then re-loads it. The detection now still exists, but the original path name of the first cache file no longer points to a file on the system. The back end SHOULD still list the new path, but I too have seen instances where it is blank instead.
Hopefully this is enough of a bug description for the developer folk to track down; I suspect that it's still not enough to recreate the issue however.
On the plus side, purging your web cache should clear all copies of this malware. If the item still exists in Quarantine after that, please remove it from the list and then run a custom scan over your ~/Library/Caches folder.
HEllo, Thanks
Does not help me much :
com.sophos.intercheck: 2012-01-27 10:39:23 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 10:54:53 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 11:04:07 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 11:47:03 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 11:55:50 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 13:02:11 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 14:45:30 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 15:42:54 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: 2012-01-27 17:52:49 +0100 Menace : 'JS/Sinowal-V' détecté dans
com.sophos.intercheck: sinow-au.ide
com.sophos.intercheck: 2012-01-27 21:43:13 +0100 Menace : 'JS/Sinowal-V' détecté dans
I'm looking for what's after the "détecté dans" (translates "dectected in")....
Any clue..
Also, I found 3 to 5 daily crashes of Sophos in the Console... Could this be related ? here is the latest :
Process: SophosAntiVirus [60961]
Path: /Library/Sophos Anti-Virus/SophosAntiVirus.app/Contents/MacOS/SophosAntiVirus
Identifier: SophosAntiVirus
Version: ??? (???)
Code Type: X86 (Native)
Parent Process: launchd [1]
Date/Time: 2012-01-30 09:20:51.081 +0100
OS Version: Mac OS X 10.7.2 (11C74)
Report Version: 9
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000002, 0x0000000000000000
Application Specific Information:
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '*** -[__NSArrayM insertObject:atIndex:]: object cannot be nil'
*** Call stack at first throw:
(
0 CoreFoundation 0x9534ad87 __raiseError + 231
1 libobjc.A.dylib 0x96851149 objc_exception_throw + 155
2 CoreFoundation 0x95253f06 -[__NSArrayM insertObject:atIndex:] + 150
3 SUMScanKit 0x00039d39 -[SUMScanScope insertObject:inScanItemsAtIndex:] + 281
4 Foundation 0x98a00330 NSKVOInsertObjectAtIndexAndNotify + 358
5 SUMScanKit 0x00039bd5 -[SUMScanScope insertScanItemsFromArray:atIndex:] + 144
6 SophosAntiVirus 0x00017cd2 -[SAVQuarantineRescanner startScanWithPaths:] + 89
7 SophosAntiVirus 0x00018025 +[SAVQuarantineRescanner rescanFiles:afterRootFullScan:rescanner:] + 109
8 SophosAntiVirus 0x000100ee -[SAVQuarantineServer rescanAllThreatsAfterFullRootScanCompleted:] + 188
9 SophosAntiVirus 0x00010030 -[SAVQuarantineServer rescanAllThreats] + 34
10 SophosAntiVirus 0x0001056f -[SAVQuarantineServer rescanTimerFireMethod:] + 154
11 Foundation 0x989c4d03 __NSFireTimer + 166
12 CoreFoundation 0x95262996 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 22
13 CoreFoundation 0x95262327 __CFRunLoopDoTimer + 743
14 CoreFoundation 0x952413e0 __CFRunLoopRun + 1888
15 CoreFoundation 0x952408ec CFRunLoopRunSpecific + 332
16 CoreFoundation 0x95240798 CFRunLoopRunInMode + 120
17 Foundation 0x98973607 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 273
18 SophosAntiVirus 0x00006358 nsrunloop_run + 252
19 SophosAntiVirus 0x00003588 main + 764
20 SophosAntiVirus 0x000020cb _start + 209
21 SophosAntiVirus 0x00001ff9 start + 41
)
objc[60961]: garbage collection is OFF
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.CoreFoundation 0x9534ac77 ___TERMINATING_DUE_TO_UNCAUGHT_EXCEPTION___ + 7
1 libobjc.A.dylib 0x96851149 objc_exception_throw + 155
2 com.apple.CoreFoundation 0x9524098d CFRunLoopRunSpecific + 493
3 com.apple.CoreFoundation 0x95240798 CFRunLoopRunInMode + 120
4 com.apple.Foundation 0x98973607 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 273
5 com.Sophos.SophosServer 0x00006358 nsrunloop_run + 252
6 com.Sophos.SophosServer 0x00003588 main + 764
7 com.Sophos.SophosServer 0x000020cb _start + 209
8 com.Sophos.SophosServer 0x00001ff9 start + 41
Thread 1:: Dispatch queue: com.apple.libdispatch-manager
0 libsystem_kernel.dylib 0x90e3b90a kevent + 10
1 libdispatch.dylib 0x97d1bc58 _dispatch_mgr_invoke + 969
2 libdispatch.dylib 0x97d1a6a7 _dispatch_mgr_thread + 53
Thread 2:: com.apple.CFSocket.private
0 libsystem_kernel.dylib 0x90e3ab42 __select + 10
1 com.apple.CoreFoundation 0x9528f195 __CFSocketManager + 1557
2 libsystem_c.dylib 0x90ec9ed9 _pthread_start + 335
3 libsystem_c.dylib 0x90ecd6de thread_start + 34
Thread 3:
0 libsystem_kernel.dylib 0x90e38c22 mach_msg_trap + 10
1 libsystem_kernel.dylib 0x90e381f6 mach_msg + 70
2 com.apple.CoreFoundation 0x952380ea __CFRunLoopServiceMachPort + 170
3 com.apple.CoreFoundation 0x95241214 __CFRunLoopRun + 1428
4 com.apple.CoreFoundation 0x952408ec CFRunLoopRunSpecific + 332
5 com.apple.CoreFoundation 0x95251611 CFRunLoopRun + 129
6 com.Sophos.SophosServer 0x00005360 ss_worker_run + 127
7 libsystem_c.dylib 0x90ec9ed9 _pthread_start + 335
8 libsystem_c.dylib 0x90ecd6de thread_start + 34
Thread 4:
0 libsystem_kernel.dylib 0x90e3b02e __workq_kernreturn + 10
1 libsystem_c.dylib 0x90ecbccf _pthread_wqthread + 773
2 libsystem_c.dylib 0x90ecd6fe start_wqthread + 30
Thread 5:
0 libsystem_kernel.dylib 0x90e3b02e __workq_kernreturn + 10
1 libsystem_c.dylib 0x90ecbccf _pthread_wqthread + 773
2 libsystem_c.dylib 0x90ecd6fe start_wqthread + 30
Thread 0 crashed with X86 Thread State (32-bit):
eax: 0x00000001 ebx: 0x0285f001 ecx: 0x00000001 edx: 0x00000000
edi: 0x00566460 esi: 0x968510bf ebp: 0xbffff468 esp: 0xbffff460
ss: 0x00000023 efl: 0x00000286 eip: 0x9534ac77 cs: 0x0000001b
ds: 0x00000023 es: 0x00000023 fs: 0x00000000 gs: 0x0000000f
cr2: 0x000c8000
Logical CPU: 2
Binary Images:
0x1000 - 0x1eff7 +com.Sophos.SophosServer (7.3.5 - 7.3.5) <38663C33-ABB1-F6C4-632D-7F9A91F19BDD> /Library/Sophos Anti-Virus/SophosAntiVirus.app/Contents/MacOS/SophosAntiVirus
0x31000 - 0x53ff7 +com.sophos.sum.scan.kit (7.3.2 - 7.3.2) <87DB8998-42FE-F4E7-9AD6-7A4D01D9BEA0> /Library/Frameworks/SUMScanKit.framework/Versions/A/SUMScanKit
0x8fef0000 - 0x8ff229c7 dyld (195.5 - ???) <134323A7-49DC-3A9D-ACFD-32FAD0FD6BA2> /usr/lib/dyld
0x9003c000 - 0x9003dff7 libquarantine.dylib (36.0.0 - compatibility 1.0.0) <70782AEC-8933-3EB4-91CA-E44C0E768C90> /usr/lib/system/libquarantine.dylib
0x90087000 - 0x90092fff libkxld.dylib (??? - ???) <088640F2-429D-3368-AEDA-3C308C4EB80C> /usr/lib/system/libkxld.dylib
0x90e22000 - 0x90e40ff7 libsystem_kernel.dylib (1699.22.73 - compatibility 1.0.0) <D32C2E9C-8184-3FAF-8694-99FC619FC71B> /usr/lib/system/libsystem_kernel.dylib
0x90e4c000 - 0x90e54ff3 libunwind.dylib (30.0.0 - compatibility 1.0.0) <E8DA8CEC-12D6-3C8D-B2E2-5D567C8F3CB5> /usr/lib/system/libunwind.dylib
0x90e6d000 - 0x90f38fff libsystem_c.dylib (763.12.0 - compatibility 1.0.0) <1B0A12B3-DAFA-31E2-8F82-E98D620E4D72> /usr/lib/system/libsystem_c.dylib
0x90fa3000 - 0x90fb7ff7 com.apple.CFOpenDirectory (10.7 - 144) <665CDF77-F0C9-3AFF-8CF8-64257268B7DD> /System/Library/Frameworks/OpenDirectory.framework/Versions/A/Frameworks/CFOpenDirectory.framework/Versions/A/CFOpenDirectory
0x91174000 - 0x911d6ff3 libstdc++.6.dylib (52.0.0 - compatibility 7.0.0) <266CE9B3-526A-3C41-BA58-7AE66A3B15FD> /usr/lib/libstdc++.6.dylib
0x911d7000 - 0x911e0fff libc++abi.dylib (14.0.0 - compatibility 1.0.0) <FEB5330E-AD5D-37A0-8AB2-0820F311A2C8> /usr/lib/libc++abi.dylib
0x9123f000 - 0x9134eff7 libsqlite3.dylib (9.6.0 - compatibility 9.0.0) <90D36793-04A5-3BFF-BE83-EEEDCBEDC756> /usr/lib/libsqlite3.dylib
0x9134f000 - 0x91503ff3 libicucore.A.dylib (46.1.0 - compatibility 1.0.0) <6AD14A51-AEA8-3732-B07B-DEA37577E13A> /usr/lib/libicucore.A.dylib
0x91551000 - 0x91561ff7 libCRFSuite.dylib (??? - ???) <CE616EF3-756A-355A-95AD-3472A876BEB9> /usr/lib/libCRFSuite.dylib
0x922b9000 - 0x922c1ff5 libcopyfile.dylib (85.1.0 - compatibility 1.0.0) <A1BFC320-616A-30AA-A41E-29D7904FC4C7> /usr/lib/system/libcopyfile.dylib
0x9264f000 - 0x92650fff libsystem_blocks.dylib (53.0.0 - compatibility 1.0.0) <B04592B1-0924-3422-82FF-976B339DF567> /usr/lib/system/libsystem_blocks.dylib
0x92d5a000 - 0x92d5fff7 libmacho.dylib (800.0.0 - compatibility 1.0.0) <56A34E97-518E-307E-8218-C5D43A33EE34> /usr/lib/system/libmacho.dylib
0x92d60000 - 0x92d60ff2 com.apple.CoreServices (53 - 53) <7CB7AA95-D5A7-366A-BB8A-035AA9E582F8> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x93912000 - 0x93979fff libc++.1.dylib (19.0.0 - compatibility 1.0.0) <3AFF3CE8-14AE-300F-8F63-8B7FB9D4DA96> /usr/lib/libc++.1.dylib
0x93b7b000 - 0x93c63fff libxml2.2.dylib (10.3.0 - compatibility 10.0.0) <ED3F5E83-8C76-3D46-B2FF-0D5BDF8970C5> /usr/lib/libxml2.2.dylib
0x93c64000 - 0x93c6bffd com.apple.NetFS (4.0 - 4.0) <D0D59145-D211-3E7C-9062-35A2833FA99B> /System/Library/Frameworks/NetFS.framework/Versions/A/NetFS
0x93cb1000 - 0x93cb2ff7 libsystem_sandbox.dylib (??? - ???) <BC0A04E9-4F28-3BC8-AA7B-63C3451E9212> /usr/lib/system/libsystem_sandbox.dylib
0x93cb3000 - 0x93cfafff com.apple.SystemConfiguration (1.11.1 - 1.11) <CA6CE2B6-DC18-31FF-9668-70BB2FD8D7BB> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
0x94387000 - 0x9438aff7 libmathCommon.A.dylib (2026.0.0 - compatibility 1.0.0) <69357047-7BE0-3360-A36D-000F55E39336> /usr/lib/system/libmathCommon.A.dylib
0x9454e000 - 0x9454ffff libDiagnosticMessagesClient.dylib (??? - ???) <DB3889C2-2FC2-3087-A2A2-4C319455E35C> /usr/lib/libDiagnosticMessagesClient.dylib
0x945d8000 - 0x94698fff com.apple.CoreServices.OSServices (478.29 - 478.29) <EAAAAC1B-2599-3875-9068-DF7E6B5760A8> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x94c95000 - 0x94cc3ff7 com.apple.DictionaryServices (1.2.1 - 158.2) <DA16A8B2-F359-345A-BAF7-8E6A5A0741A1> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/DictionaryServices
0x94cee000 - 0x94e1aff9 com.apple.CFNetwork (520.2.5 - 520.2.5) <02193949-50A8-3CBC-9920-5FCDB8EBE17A> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x95206000 - 0x953dcfe3 com.apple.CoreFoundation (6.7.1 - 635.15) <AC9F6462-6315-3D89-8075-D048DB4DBF7E> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x953dd000 - 0x95441fff com.apple.framework.IOKit (2.0 - ???) <D14460ED-2B6C-375D-B3A4-B8C82E922666> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x95595000 - 0x9560afff com.apple.Metadata (10.7.0 - 627.20) <1E7C8194-8CE4-3103-A3D1-8913238AF923> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Metadata
0x9560b000 - 0x957f4ff7 com.apple.CoreData (104 - 358.12) <F8AD7990-2C30-31A4-8E78-FA8DD5CF03CC> /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x957f5000 - 0x957f8ff7 libcompiler_rt.dylib (6.0.0 - compatibility 1.0.0) <7F6C14CC-0169-3F1B-B89C-372F67F1F3B5> /usr/lib/system/libcompiler_rt.dylib
0x95953000 - 0x95964fff libbsm.0.dylib (??? - ???) <54ACF696-87C6-3652-808A-17BE7275C230> /usr/lib/libbsm.0.dylib
0x95b03000 - 0x95b32ff7 libsystem_info.dylib (??? - ???) <B86A363D-6EA2-3A69-A6CB-18B7F98FC61A> /usr/lib/system/libsystem_info.dylib
0x95da7000 - 0x95dabff3 libsystem_network.dylib (??? - ???) <62EBADDA-FC72-3275-AAB3-5EDD949FEFAF> /usr/lib/system/libsystem_network.dylib
0x96029000 - 0x96031fff com.apple.DiskArbitration (2.4.1 - 2.4.1) <28D5D8B5-14E8-3DA1-9085-B9BC96835ACF> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
0x96032000 - 0x962e4ff7 com.apple.security (7.0 - 55010) <BE0350C5-5221-3BFF-B674-646AB1BA0F2E> /System/Library/Frameworks/Security.framework/Versions/A/Security
0x967b3000 - 0x9683dffb com.apple.SearchKit (1.4.0 - 1.4.0) <CF074082-64AB-3A1F-831E-582DF1667827> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit
0x9683e000 - 0x96914a5b libobjc.A.dylib (228.0.0 - compatibility 1.0.0) <A0EDB351-4B9D-3AA2-9D1A-0C22204FCCD3> /usr/lib/libobjc.A.dylib
0x96915000 - 0x96915fff libdnsinfo.dylib (395.6.0 - compatibility 1.0.0) <959E5139-EB23-3529-8881-2BCB5724D1A9> /usr/lib/system/libdnsinfo.dylib
0x96da8000 - 0x96dabffc libpam.2.dylib (3.0.0 - compatibility 3.0.0) <6FFDBD60-5EC6-3EFA-996B-EE030443C16C> /usr/lib/libpam.2.dylib
0x96f12000 - 0x96f2eff5 com.apple.GenerationalStorage (1.0 - 125) <F1D67293-9192-367D-AE74-2732B23E7E77> /System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/GenerationalStorage
0x96f2f000 - 0x96f37ff3 liblaunch.dylib (392.18.0 - compatibility 1.0.0) <CD470A1E-0147-3CB1-B44D-0B61F9061826> /usr/lib/system/liblaunch.dylib
0x9717c000 - 0x971aafe7 libSystem.B.dylib (159.1.0 - compatibility 1.0.0) <07D9A827-9567-34C2-9022-AF4BF975C9A7> /usr/lib/libSystem.B.dylib
0x97d19000 - 0x97d27fff libdispatch.dylib (187.7.0 - compatibility 1.0.0) <B50C62AD-0B5B-34C3-A491-ECFD72ED505E> /usr/lib/system/libdispatch.dylib
0x988cf000 - 0x988f7ff7 libxslt.1.dylib (3.24.0 - compatibility 3.0.0) <FCAC685A-724F-3FE7-8416-146108DF75FB> /usr/lib/libxslt.1.dylib
0x988fa000 - 0x98905ffc com.apple.NetAuth (1.0 - 3.0) <C07853C0-AF32-3633-9CEF-2480860C12C5> /System/Library/PrivateFrameworks/NetAuth.framework/Versions/A/NetAuth
0x98957000 - 0x98958ff5 libremovefile.dylib (21.0.0 - compatibility 1.0.0) <9A1E12B7-F822-3544-8E1D-A6DC81E1F2E6> /usr/lib/system/libremovefile.dylib
0x98967000 - 0x98c71ff3 com.apple.Foundation (6.7.1 - 833.20) <B5092554-485A-3A7D-904B-B04B1EE5C50C> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x98c98000 - 0x98c9aff7 libdyld.dylib (195.5.0 - compatibility 1.0.0) <637660EA-8D12-3B79-B644-041FEADC9C33> /usr/lib/system/libdyld.dylib
0x99135000 - 0x99136fff com.apple.TrustEvaluationAgent (2.0 - 1) <4BB39578-2F5E-3A50-AD59-9C0AB99472EB> /System/Library/PrivateFrameworks/TrustEvaluationAgent.framework/Versions/A/TrustEvaluationAgent
0x99137000 - 0x99137ffe libkeymgr.dylib (23.0.0 - compatibility 1.0.0) <7F0E8EE2-9E8F-366F-9988-E2F119DB9A82> /usr/lib/system/libkeymgr.dylib
0x99330000 - 0x99392ffb com.apple.datadetectorscore (3.0 - 179.4) <12EF80E0-35CC-30A7-942F-2F9E87C4C98C> /System/Library/PrivateFrameworks/DataDetectorsCore.framework/Versions/A/DataDetectorsCore
0x99535000 - 0x99837fff com.apple.CoreServices.CarbonCore (960.18 - 960.18) <8094724D-591D-3CC2-81DE-4E3029624E11> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonCore.framework/Versions/A/CarbonCore
0x9a280000 - 0x9a363ff7 libcrypto.0.9.8.dylib (44.0.0 - compatibility 0.9.8) <BD913D3B-388D-33AE-AA5E-4810C743C28F> /usr/lib/libcrypto.0.9.8.dylib
0x9a99c000 - 0x9a9aafff libz.1.dylib (1.2.5 - compatibility 1.0.0) <E73A4025-835C-3F73-9853-B08606E892DB> /usr/lib/libz.1.dylib
0x9ab58000 - 0x9ab9bffd libcommonCrypto.dylib (55010.0.0 - compatibility 1.0.0) <4BA1F5F1-F0A2-3FEB-BB62-F514DCBB3725> /usr/lib/system/libcommonCrypto.dylib
0x9ab9c000 - 0x9abdcff7 libauto.dylib (??? - ???) <984C81BE-FA1C-3228-8F7E-2965E7E5EB85> /usr/lib/libauto.dylib
0x9b052000 - 0x9b059ff7 libsystem_notify.dylib (80.1.0 - compatibility 1.0.0) <47DB9E1B-A7D1-3818-A747-382B2C5D9E1B> /usr/lib/system/libsystem_notify.dylib
0x9b05a000 - 0x9b061ff5 libsystem_dnssd.dylib (??? - ???) <B3217FA8-A7D6-3C90-ABFC-2E54AEF33547> /usr/lib/system/libsystem_dnssd.dylib
0x9b2ec000 - 0x9b322ff7 com.apple.AE (527.7 - 527.7) <7BAFBF18-3997-3656-9823-FD3B455056A4> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x9b8ab000 - 0x9b8c1ffe libxpc.dylib (77.17.0 - compatibility 1.0.0) <E01E0074-0830-3F20-8703-EA7722BFD358> /usr/lib/system/libxpc.dylib
0x9b90c000 - 0x9b90dfff liblangid.dylib (??? - ???) <C8C204E9-1785-3785-BBD7-22D59493B98B> /usr/lib/liblangid.dylib
0x9b9de000 - 0x9ba72ff7 com.apple.LaunchServices (480.21 - 480.21) <E3621817-B627-3EEC-A7F9-0D45583B7FE8> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/LaunchServices
0x9c0be000 - 0x9c0bfff0 libunc.dylib (24.0.0 - compatibility 1.0.0) <BCD277D0-4271-3E96-A4A2-85669DBEE2E2> /usr/lib/system/libunc.dylib
0x9cb0c000 - 0x9cb10ffa libcache.dylib (47.0.0 - compatibility 1.0.0) <98A82BC5-0DD9-3212-9CAE-35A77278EEB6> /usr/lib/system/libcache.dylib
0xc0000000 - 0xc02efff7 +com.sophos.sav.savi (2.07.330 - 2.07.330) <8BB3AE88-6411-D29D-C1D2-8FE6AACFB3CD> /Library/Frameworks/SAVI.framework/Versions/A/SAVI
External Modification Summary:
Calls made by other processes targeting this process:
task_for_pid: 13909
thread_create: 0
thread_set_state: 0
Calls made by this process:
task_for_pid: 0
thread_create: 0
thread_set_state: 0
Calls made by all processes on this machine:
task_for_pid: 11775426
thread_create: 0
thread_set_state: 0
VM Region Summary:
ReadOnly portion of Libraries: Total=72.4M resident=43.0M(59%) swapped_out_or_unallocated=29.4M(41%)
Writable regions: Total=50.6M written=632K(1%) resident=944K(2%) swapped_out=0K(0%) unallocated=49.7M(98%)
REGION TYPE VIRTUAL
=========== =======
MALLOC 40.2M
MALLOC guard page 32K
SQLite page cache 96K
Stack 66.1M
VM_ALLOCATE 32K
__DATA 1796K
__DATA/__OBJC 8K
__IMPORT 16K
__LINKEDIT 42.3M
__OBJC 452K
__PAGEZERO 4K
__TEXT 30.1M
__UNICODE 544K
mapped file 197.1M
shared memory 16K
shared pmap 12.8M
=========== =======
TOTAL 391.5M
THANKS in advance !
Thank you for the feedback! Yes, I would say that looks related. It appears that at some point, the process is unable to capture the file path, which is causing an exception as the parent process won't accept a mull value being returned instead of a text string. I'll make sure this gets some more attention internally.
