This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos 9.4 hanging on every scan

I have run Sophos Anti-virus on my Mac laptop several times now and every time it hangs half-way through the scan. From what I can tell, it is hanging on the exact same file each time. I get no message of any kind, just the progress bar showing how far along it is and the number of files scanned. I am running Yosemite on my Mac. Any help would be appreciated.

Thanks,


Darin



This thread was automatically locked due to age.
Parents
  • Hello all,

    starting with 9.4.0 we enabled scanning of "xar" compressed dmg files .Xar (short for eXtensible ARchive format) is an open source file archiver and the archiver’s file format. It was created within the OpenDarwin project and is used in Mac OS X for software installation routines, as well as browser extensions in Safari. Xar replaced the use of gzipped pax files.

    Scanning these dmg files can be an extensive process, since the complete dmg is extracted and inside files are scanned. Other
    timely scanning operations are dmg or archives containing java classes.

    For example: the JDK dmg can take up to 15 minutes to scan, depending on system resources.

    The scans most likely will finish. In order to speed up on-demand scanning the user can do one of the following things:

    a) disable archive scanning (not recommended)

    b) add an exclusion for dmg files, like *.dmg

    Frank Fenn
    Sr. Software Engineer
  • Thank you. How do I add that exclusion and what are any potential downsides?

    Thanks.
  • Hey Ben,

    You can read all about adding exclusions here (page 8). I actually just learned you could add the wildcard exceptions (like the ones frank suggested) so I guess I can check off my "learned something new" box today.

    How to do it wasn't super obvious to me so I made this fancy graphic. You can access this panel if you click on the Sophos shield > Open preferences... 

    As for what to add, you can either add an exception for ALL DMG files (by adding *.dmg) or else just adding specific dmg files that the scanner seems to get stuck on.

    As for the potential downsides - well, it means that .dmg files aren't going to be scanned as part of your regular scans. But that doesn't mean you have to avoid scanning them altogether - for example, when you download a file from the Internet, it will still be scanned for malicious content when you're downloading it, thanks to Web protection. 

    Hopefully that helps, but let me know if you have any other questions.

  • Serra:

    i added a *.dmg exclusion to the scan, but it didn't take. The scan I'm running now is still looking through .dmg files, specifically the .dmg file for apache open office.
Reply Children